• TRANSPORT. SAFETY AND ECOLOGY. LOGISTICS AND MANAGEMENT

    Certain issues to minimize the human factor impact in transportation security

    Trans Motauto World, Vol. 5 (2020), Issue 3, pg(s) 98-100

    Aviation security as a topical area of scientific research is marked contrast to other application tasks of security sector. The specific nature aims at dealing with research objects that differ in considerable uncertainty of identification and description. In such a case, the requirements for aviation security systems are constantly becoming more complex, and the methodology of scientific research on security issues lags far behind the common trend of civil aviation development.
    In the last few years, the trend to improve aviation security management systems in transportation industry has become a transition from classical schemes of regulatory management to schemes of computer-assisted management using procedures with the challenge of reducing the human factor. In fact, the human factor is not the only criterion for management in such systems. We can identify a number of factors that reduce the effectiveness of security management in the current system, and their impact is not fully investigated. A system analysis of these factors shows that each of them is not only related to the human factor, but the parameters of these factors’ influence on the management efficiency are largely determined by the human component. In this case, the human factor becomes the main criterion for optimal aviation security management. There is a problem of minimizing the negative impact of the human factor on aviation security management procedures. The authors of this work offer and study an original approach to solving this problem.

  • NATIONAL AND INTERNATIONAL SECURITY

    Options of Healthcare Facilities Protection Against Terrorist Attacks in the Czech Republic

    Security & Future, Vol. 4 (2020), Issue 1, pg(s) 20-22

    Medical facilities are distinctive types of premises accessible by a wide range of visitors seven days a week. They are places characterized by a high concentration of civilians and low-level security against the occurrence of various types of emergencies. Undoubtedly, terrorism is one of them. From a security point of view, hospitals are soft terrorist targets. Given the topicality of terrorism, we must address the question whether sufficient security is ensured for medical facilities. The aim of this paper is to point out the key role of security management in the overall management of hospitals. It will also outline some shortcomings in technical and operational security applications for their premises. The paper further discusses the effectiveness of crisis plans and emergency management exercises, as those are the primary conditions of successful emergency management.

  • TECHNOLOGICAL BASIS OF “INDUSTRY 4.0”

    Building personal virtual private networks in public cloud platforms

    Industry 4.0, Vol. 5 (2020), Issue 3, pg(s) 112-113

    Virtual Private Networks (VPN) enable usage of the public Internet infrastructure to build se-cure and reliable connections providing functionally of private corporate IT networks. Back in 90s VPN were created to mainly allow access to corporate resources for employees who work remotely and/or travel. Today, VPN can be used to gain access to geographically isolated and highly protected Internet resources like websites, interactive platforms and more. Such VPN are good for protecting Internet users’ privacy and enhance their security especially when using public free Wi-Fi networks. Indeed, now VPN are used more and more and gain popularity for exactly those reasons – provide almost universal access and protect privacy of millions Internet users. This paper reviews building blocks and procedure to build our own VPN. This way power users are in full control of their privacy and security when using public Internet infrastructure while also gain access to otherwise restricted online resources.

  • TECHNICAL FACILITIES FOR ENSURING SECURITY

    SECURITY OF THE B-MSS – THE NEW CHALLENGE FOR THE SATELLITE SYSTEM DESIGNERS

    Security & Future, Vol. 3 (2019), Issue 4, pg(s) 174-177

    The Broadband Mobile Satellite Services (B-MSS) are extremely important not only for government (army and police), but for  many civil applications as car, aero, railway and ship communications. Probably they will be part of the future 5-G network development and their security work is very important too. The solving of the main B-MSS security problems needs entirely new approach. The aim of this paper is to analyze two new radio-communication principles, named Spatial Correlation Processing – Random Phase Spread Coding, from security point of view. They were proposed by the author a decade before as antenna transmit-receive beam forming methods with many applications in microwave frequency bands too.

  • INFORMATION SECURITY

    CODE CONTRACTS VS INPUT VALIDATION

    Security & Future, Vol. 3 (2019), Issue 4, pg(s) 167-169

    The unstoppable growth of security flaws makes the developers more patient in integrating different security defenses in the application development! Most of the security breaches are due to uninformed or unqualified developers! The good part is that Internet provides a large amount of rules/documentations/guidelines/tools free for use to help the developers in their work! But as the coin has two sides each web application needs to provide two parts of security flaws protection. The first level of defense is the well known protection from the outside world, called user input validation! And the second side is to ensure that the application works without a problem! Which means to protect it from inside out by integrating what is called code contracts! Even thought those two types of protection have similar purposes there is a difference which we are going to present in the research!

  • INFORMATION SECURITY

    CROSS-SITE SCRIPTING ATTACKS AND THE SECURITY OF WEB APPLICATIONS

    Security & Future, Vol. 3 (2019), Issue 4, pg(s) 163-166

    This report focuses on vulnerabilities on web-applications and web-sites from Cross-Site Scripting attacks (XSS). The different types of XSS attacks are examined: DOM-based, active and passive attacks. The spread of XSS attacks across platforms – government and financial institutions, transportation companies, hospitality and entertainment has been analyzed. Research and analysis of the security of corporate websites and their resistance to XSS attacks have been carried out. The basic guidelines for preventing valuable data theft and unauthorized access to websites and applications from XSS attacks are reviewed and systematized.

  • NATIONAL AND INTERNATIONAL SECURITY

    ELECTRONIC ADMINISTRATION OF UNMANNED AVIATION WITH PUBLIC KEY INFRASTRUCTURE (PKI)

    Security & Future, Vol. 3 (2019), Issue 4, pg(s) 152-155

    As Unmanned Aircraft Systems (UAS) are converging an Internet of Things-like infrastructure, always connected to the internet, cryptographic security becomes a primary concern to ensure confidential, but even more importantly tamper-proof transport of data. Another emerging problem is the high number of unregistered drone flights, with no regard towards airspace regulations. The wellestablished and standardized processes of Public Key Infrastructure (PKI) can be utilized for electronic identification of drones and associating them to the owner, while providing encryption and integrity protection of data. Nowadays various companies provide PKI for drones. This material summarizes the trends, challenges, possibilities of hardware-based on-board secure storage of secrets and describes a possible solution for government-level electronic administration of drones and owners.

  • NATIONAL AND INTERNATIONAL SECURITY

    ORGANIZED CRIME ACTIVITIES ON THE ILLEGAL MARKET AND SECURITY IMPLICATION

    Security & Future, Vol. 3 (2019), Issue 4, pg(s) 140-143

    This work is inspired by the current problems of confronting organized crime, which in part controls illegal markets. Thus, it is also aimed at highlighting the most significant aspects of the research into illegal markets, whose knowledge enables the creation of effective strategic preferences in the fight against organized crime, whose actions have a number of negative implications for state security. Modern criminal organizations are profitable and market-oriented, and the methods of acting used are combined with the criminal and method of the operation of contemporary business organizations. The knowledge of the organization’s specifics and functioning of illegal markets enables the proper selection of methods to more efficiently counter the destructive actions of criminal organizations that control the illegal market. In fact, the destructive action of criminal organizations reflects directly on the state of security by increasing the level of corruption, the level of money laundering and the infiltration of organized crime into legal economic flows, the spread of illegal markets and the increase of the crime rate, but also the ability to generate criminal profits, increasing the economic power of criminal structures that is recursively used for influence on government holders.

  • INFORMATION SECURITY

    STUDY OF THE IMBALANCE AND DISPROPORTIONS IN THE OPPOSITION OF CYBER DEFENSE AGAINST HACKERS

    Security & Future, Vol. 3 (2019), Issue 3, pg(s) 102-105

    Study outlines the contours and the magnitude of the asymmetry in the opposition of cyber defense against hackers. Propose a
    model that reflects the dynamics of the opposition on both sides and the impact of the listed disproportions. It consist a functional analysis of the differences between organizational and technical approaches applied from both sides. Contains research into why even the most highly protected systems suffer from successful hacking attacks. The analysis sheds light on the magnitude of pressure exerted by malicious actors on cyber security for organizations and the disproportionate response from experts who protect information systems and networks.

  • SOCIETY & ”INDUSTRY 4.0”

    ASPECTS OF SAFETY AND SECURITY IN INDUSTRY 4.0

    Industry 4.0, Vol. 4 (2019), Issue 6, pg(s) 319-321

    Industry 4.0 includes the integration of Safety and Security. Their interconnection (influencing) is assumed. Application of control systems within Safety and Security changes the static principle to dynamic, assumes identification of all production and distribution processes, data mobility as a part of BIG DATA technology and human factor activity while ensuring the functionality of relevant applications. Industry Strategy 4.0 requires a proactive approach in risk analysis, based on the implementation of Safety and Security principles in the development and design phase of machines and complex technologies in the context of the use of CPS principles. It is important that rapid responses to the system’s problems are monitored effectively, with simultaneous exchange of information at individual levels in the production process.

  • TECHNOLOGIES

    INFORMATION MODELING OF INTELLIGENT AND SECURE CYBER-PHYSICAL PRODUCTION SYSTEMS USING OPC UA

    Machines. Technologies. Materials., Vol. 13 (2019), Issue 12, pg(s) 542-545

    The strategic initiative Industry 4.0 implies integration of Cyber-Physical Production Systems (CPPS), Internet of Things (IoT) and cloud computing, leading to what is called “smart factory”. The lack of theoretical foundation and methodologies for development of CPPS creates barriers that may hamper the adoption, commercialization, and market success of the new CPPS applications. Standardization and digitalization are at the heart of the methodologies for developing intelligent cyber-physical production systems. OPC UA is the only recommended communication standard within the RAMI reference architecture. Here comes the main purpose of the paper to analyze OPC UA in respect to the information model creation and measures to ensure security of applications. An important place in the paper is devoted to the specification of standardized information models of other organizations, such as those of the ISA-95 (IEC-62264).