Wednesday, December 4, 2019

Emerging Technologies and Innovation (Information Technology)

Question: Discuss about the Emerging Technologies and Innovation (Information Technology). Answer: Introduction: The interaction of the individuals over the social networking sites is on continuous increase. The people are more or less always connected with the help of the social networking sites. These social networking sites are used by the individuals for various purposes, either for the business purpose or for the purpose of communicating with other individuals over the personal matters. The users today are enjoying the facilities of remaining in contact with each other at any point of time and even if they reside at any place. For the people in the earlier days it had been a wonder to stay in touch with each other when they are residing in different countries or territories. The innovations and the new inventions made by the emerging science and technology led to the emergence of the software and the related sites that started making the connections among the individuals for various purposes much more smooth and easy that can be done within a few seconds (Feng et al. 2014). The social networking sites such as Twitter, Facebook , Flickr, MySpace, and other messaging sites such as the mobile messengers that can be used through the mobile networks are gaining more and more popularity among the Internet users (Cheminod et al. 2013). The Internet users are very much engaged in utilizing the advantages of such networking media. The sharing of the data has now turned to be a broad application and one of the essential parts of everyday life. People nowadays or rather in todays digital world cannot think of leading their lives without the presence of such social networking sites, at every stance, or rather at every moment they are in need of remaining connected or on line via the medium of such data. The popularity and increasing usage of the data sharing allow the real time communication among the users, they allow instant messaging as well as internet calling among the users even though they reside at different locations. The users of the OSN or the online soc ial networking sites, such as Facebook, Twitter, Instagram, MySpace are able to share the required information or data very easily. These social networking sites provide the spaces to the people through which they can easily carry connect with the people who are unknown to them and can develop new contacts. However, this act of enjoying the anonymous communication or sharing the data privately can lead to various disadvantages. There always remains a risk of the data getting hacked by the internet hackers or when such data will be exploited for the adversarial actions, as for instance when the individuals make an access to the private network without any legal permission and share the data in an illegal manner by the means of profiling the owner of the data whose private information is breached by such adverse action(Galliers Leidner, 2014). The digital world today has given rise to many advantages and the people can receive many valuable data regarding a plethora of aspects, people nowadays hardly need to wonder or rack their brains for searching any meaning or any information. The presence of Internet and all the kinds of informative software applications have made it quite possible. However, the use of the online social networking sites for the purpose of communicating with the help of the messengers in Facebook, chats, hangouts, MySpace, Twitter and many other applications or networking sites, have brought to the forefront many privacy issues as these networking sites always remain susceptible to diverse risks such as the leakage of information, corruption of data and also the breach of privacy (Li et al.2012). The information, thus, which is shared by the individuals engaged personally and the data shared by the corporate sectors for the need to be kept safe and secured from being illegally exploited. The corporate business sectors possess a great necessity of preserving their information related to the business interests. Therefore, the organizations save their critical information with the help of the International Standard known as the Information Security Management system (ISMS), thereby preserving the vital data from security discloses. An ISMS is the security system that uses the ISO standards in order to protect the privacy and confidentiality of the critical information (Hill et al. 2014). Significance of the study: The major purpose or the importance of this in depth study is to acquire the required information from the studies made earlier regarding the similar topic and to integrate the similar information acquired with that of the opinions that he himself possess and thus, in the process, make the readers understand and get knowledge about various aspects of the online social networking sites and the issues related to the maintenance of privacy of the communication that is conducted with the help of the means of such social networking sites. The report has attempted to undertake an in-depth study of the Industrial Control Systems (ICS) that is used for protecting the safety of the information related to the public infrastructures that is very vital for the country. The researcher thus gives information about all the security measures and standards that can be adopted and are usually adopted by the companies both the private and public sectors in order to secure the privacy of the information and most important data (Hahn et al. 2013). Specific aims of the Report: ISMS can easily protect the information and retain the privacy of certain matters; however it is not taken to be much suitable for the purpose of tackling the critical information. Although ISO 27001 marks the infrastructure of the ISMS, and it can save the privacy of the general information systems and can be implemented easily, it cannot provide the safety that is needed by the infrastructure owners of IC, who therefore actually follow the safety standards of IEC 61508 and IEC 61511. Therefore, as a result, for the maintenance of the confidentiality, availability, security and privacy of the entire information systems or the ICS a new Information Security Management System is required to be developed (Lees 2012). Therefore, the purpose of this report is to identify a new model SNSM for anonymous communication schemes in social network Security model after studying the standards such as the ISO, NIST SP 800-53s and the IEC 61511 standards. Thus, the researcher in this pursuit will deal with the following aims that would help in conducting the study or the research: To identify the importance characteristics of the anonymous communication schemes in the social network To find out the processes by which the security and privacy are working in the anonymous communication schemes in the social network To study and identify the security control or requirements of three international standards, namely, IEC 61511, NIST SP 800-53s and ISO Thus, the researcher would try to deal with the above aims and conduct the study in order to know the probabilities of designing a new system of Information or a new model that can help in the preservation of the data sharing (Wirth et al. 2016). Issues (Problem Statement): In this very section the researcher will provide the readers an in-depth study about the feature of the communication systems, the modes of data sharing and several other aspects regarding the importance of security in the communication systems. Through the collection of information about different aspects related to the topic from the secondary data sources the report would make the readers aware of each aspect through a profound and thorough study of the issues (Chretien Kind, 2013). The issues that usually arise are regarding the exposure of the identities of the users who may not like to get their real identities revealed, however, by default some of the social networking sites or websites may require the users to reveal their true identities for the sake of creating their profiles in those online social networking sites. Such privacy issues affect largely the perspectives of various users to use those sites for conducting certain important communication or work. Thus, two major issues can be identified based on this present scenario of privacy concerns. These two issues entail the identity of the users and the anonymity of the users. The users after revealing their true or real identities in the social networking websites get an exposure and their profiles or the accounts formed in such sites become known by other users too. Now, often it may happen that the hackers or the attackers of the privacy of the profiles with help of search engines try to index the ac counts of certain users if they are the users of a common social networking site. This in turn enables the hacker of the accounts to find the information about the victims or the users with the help of the search results, and thereby expose the anonymity of the users of such social networking websites or applications. There are other ways too which can be used by the attackers, namely the Neighborhood Attack and De-Anonymization attack, for the purpose of accessing the privacy of the profiles of certain users (Rock et al. 2013). Literature Review: This section would deal with an in depth study related to the International standards that are adopted by the business organizations in order to protect the breach of the private and vital communication. Through this section the readers will become aware about the importance of such international standards that are implemented by the companies as well as the significance of safeguarding the security of such information that takes place among various organizations and among the individuals regarding the personal issues. With the help of the secondary data sources this report will try to answer and deal with the identification of the features of the anonymous schemes, the incorporation and the issues related to such incorporation of the ISO, NIST and IEC and the explanation of their models finally would also inform about the solutions to such issues that can ensure the permanent safety of the social networking sites from the online hackers. The researcher in this section of the report would make a combined study by taking in consideration the studies conducted by previously by other researchers and also by integrating with it the researchers own views (Litt, 2013). Introduction and Application of the International Standards (ISO 27001, NIST SP 800-53, IEC 61511) and the issues related to them: (Model Explanations) ISO 27001: These international standards form the basis for the management of the security of the professional or corporate data as well as they are capable for safeguarding the personal information. ISO is one such International standard.ISO is the International standard that can be termed as the determination for the security of the data in the administration framework. This standard has proved to be very useful in protecting the information or the privacy of the organizations and thereby it can be termed as the information security management system of the organizations. This security management system had replaced the BS 7799 part 2. Although this standard has proved to be very useful for the business organizations, it cannot be used by the organizations for the authorization of the particular information and security controls, the reason is that wide ranges of organizations use this international standard. This standard enables the organizations to preserve the privacy of the assets, such as the financial data, details of the users as well as the details of the third parties. The certification to the ISO is possible for the organizations as per the set standards of the security management, but it is not mandatory (Kass-Hout Alhinnawi, 2013). NIST SP 800-53: NIST or National Institute of Standards and Technology is one such international standard that forms one of the parts of the particular publication series that is the 800 series; it helps in dealing with the programs in the risk management series or framework that deal with the security control. This international standard helps in providing the U.S. federal information systems a catalog of security controls. This standard aid the federal agencies in the incorporation of the Federal Information Security Management Act of 2002, so that the companies or the federal organizations can manage the cost effective programs in order to preserve or save their information systems and the data sharing that is done for conducting the communication with other parties. The special publication of NIS that is known as the Guide for Assessing Security Controls in Federal Information Systems and Organizations enable the evaluation of certain security control measure in order to identify what will be th e correct modes of the security controls. This is undertaken for the sake of protecting the privacy of the information of the families, individuals and other organizations and the nation. NIST is also known as the NIST special publication, which deals with the assortment of some of the fundamental set of baseline security controls that are used to recommend the security control measures for the federal information systems and organizations (Vyrynen et al. 2013). The fourth version of the NIST had taken a more holistic and different approach by hardening the systems with the help of applying the new forms of architecture in order to safeguard the information systems from the cyber attacks. It has been observed by many that the NIST is more concerned with the check box compliance rather than the actual security (Wirth et al. 2016). Many issues have reported against the security control measures of the NIST SP 800-53 or more probably the revised version 4. It has been observed that this version of the NIST is making the companies too much contended regarding the security of their information systems. It has been also reported that the mechanisms used by the NIST are not that much new and are rather obsolete, and therefore very less time is spent in solving the issues regarding the security control. Many companies even after the incorporation of the NIST SP are not that much safe as they are still vulnerable and are on the verge of being attacked by the cyber attack (Vyrynen et al. 2013). IEC 61511: IEC 61511 is another technical international standard that has been applied by many organizations for the preservation of the information related to the instrumentation of the firm. The firm incorporates IEC 61511 in order to protect the engineering systems of the companies and the information related to them. This international standard adapted by the organizations in order to analyze the probable risks and in order to ensure the certification of the SIS or Safety Instrumented Systems. This is for increasing the security controls among the users of the online social networking sites. The companies those adapt the IEC 61511 for the protection of the information or more precisely for the reduction of the risks undertake the Certification of Compliance with the IEC 61511, because this is very much important for the Process Industry Segment. The companies for the reduction of the risks use this particular technical standard, the risk reduction is set as the major priority by the IEC 615 11. Many critics or scholars such as Rahman and others have opined that for the purpose of the reduction of the risks there should be a graph in the facebook in order to design and assure a photo-based authentication that will preserve the privacy of the users by reducing the risks. Some other critics or researchers like Zhou have proposed that for the sake of maintaining smooth communication throughout the indirect social relationships via the media of the online social networking sites, there should be the introduction of the holographic encryption. This will also allow the free access of the resources throughout such indirect social relationships; however, there need to be exclusive information about the third party who is the owner of the resources (Jkl Berki, 2014). IEC61511 is very much useful in assuring the companies regarding the provision of the safety functions, reduction of the risks at every step and thereby the protecting the information systems of the organizations and management of the functional safety through the proper evaluation of the risks (Schumacher et al. 2013). However, there are some of the issues that challenge the proper execution of the IEC 61511 in the organizations. One of those issues is that IEC is that the there remains many steps in the process of the implementation of the IEC 61511, which make the entire process lengthy, that is the SIS design cycle becomes lengthy. Therefore, it requires very well planning and proper scheduling of the entire methodology of the application of IEC 61511, so that the SIS design cycle can be well managed to rescue it from the involvement into more critical dimensions (Jkl Berki 2014). Need for an advanced approach for securing anonymous communication scheme for social networking: Importance of Security in Anonymous communication scheme in social networking: In accordance with the opinions of the critics namely Danezis and Mittal, the use of layered encryption is very much needed for receiving the full control over the members of the online social networking sites, such as the facebook, MySpace and Twitter, etc. This is because the encrypted keys will be able to utilize to encode the information of the manager or the actual owner of the data. This will in turn ensure that the other users or the members of the online social networking sites are not able to get an access to the data and thereby the privacy or the safety of the data is conformed. It has been observed that among all other social networking sites, it is Face book that has the provisions for safeguarding or rather encrypting the real data by the process of filtering the whole of the URL that is able to connect the users to the website that is peripheral. Many critics or researchers have stated that Face book is able to provide warning to the users when they are on the verge of clicking on any website that is completely a fraudulent one. If the users are not warned about the fraudulence that is carried out by the hackers of the profiles and the information contained in the accounts or the profiles of the victims, the users will be always at loss and they may continue using the unknown websites, thereby falling victims to the traps of those hackers. The users of the face book may not remain aware of such fraudulence messages or the websites and therefore in such a case the user can compress the continue button or can click on the cancel button. Therefore, the concept or the aspect of the security is applicable to both the anonymity and the security of the data sharing through the online social networking sites (Hill et al. 2014). Significance of the Privacy in Anonymous Communication Scheme in the Social Networking: The owner of the data should be very much aware of the need to preserve the privacy of the data and therefore the owner of the data should undertake the execution of the privacy preservation configuration whenever there is a need to share the personal data (Bennett et al. 2015). Thus, the privacy preservation scheme by the medium of the well-managed revocation of the online social networks is the major concern of todays digital world. The privacy of the data of an OSN user is the liability of the user or the owner himself. The owner of the data possesses the exact control over the pictures, videos, and other copyrighted materials and the owner of the data is himself or herself responsible for the revelation of the information that is contained in his or her profile (Li, 2014). It is usually presumed that the information contained in the profile of a particular user is private and safe with the owner in case of Face book or Twitter or any other such online sites. However, in reality t he other members of the group who are there in the contact list of the owner are aware of the personal details of each other. The OSN applications such as the Facebook and the Twitter are not at all the anonymous online applications because these are such applications that require the users to reveal the identity of the users while signing in and opening their profiles. Thus, it is quite visible and evident that the privacy that is assumed to be maintained by the users regarding their profiles are actually show or reveal the information or the identity of the users through the means of the photos or the video that are uploaded by the users (Knapp Langill, 2014). Value or the Significance of the safety in the Anonymous Communication Scheme in Social networking: There is a tremendous need for the safety of the anonymous communication as such communication and the data related to such communication suffer positive or the passive and active attacks in the ad-hoc network routes (Feng et al. 2014). In case of the passive attacks, the intruder is not able to adapt the message stream and thereby the invader cannot perform any such function, this makes the invader incapable of making disrupting the function of the routing protocol (Roman et al.2013). Therefore, theses are attacks are the passive attacks. On the other hand, the attacks become active when the flow of the data is prevented as well as degraded. The active attacks delete the data as well as modify the data. In accordance with the critics and the researchers like Pishva and Hoang, besides these active and passive attacks, there are also the intersection attacks as well as the predecessor attacks and time attacks (Roman et al. 2013). Solution to the issues: The issues that have been identified with regard to the communication and sharing of the data among the users of the online social networking sites as well as the issues or the problems that cause hindrances during the installation or application of the International standards by te companies also have certain solutions. The solutions can be the following: Anonymity via Virtual Private Network (VPN) - This is the higher mode of the security control that helps in solving the problem of the proxy (Valente, 2012). The usage of the Virtual Private Network enables the encryption of the information or the data sent from the PC of the clients and then the information is again sent to the server of the VPN through the VPN tunnel that remains secured (Guerrero et al. 2013). The major strength of the Virtual Private Network is that the information packets that are sent from the source or the Pc of the clients remain encrypted and then are decoded after reaching the servers through the VPN tunnel. The hackers will try to retrieve the privacy of the data shared between the source clients and the servers and this will be done through the decrypting of the message after hacking the security key of the VNP (Knapp Langill, 2014). Preservation of the anonymity by the use of TOR (The Onion Router)- Here comes the another method that would help in the protection of the privacy of the data that is shared among the individuals for the sake personal matters and among the business organizations. This can be presumed to be one of the best modes as it helps in the transmission of the fully unique and safe encrypted information to the destination clients. This is because the messages that are transferred or that originate from the source client have to undergo or pass through a number of assessment procedures. The methodology of TOR is a very complex internal working mechanism. It helps to trace the activity of the users very easily (Galliers, Leidner, 2014). Although it may seem to be a complicated process, this is a good one as it makes the utilization of the cryptography and various layers of encryption. When the data is transmitted from the source to the destination clients, the information in this method is required to pass through various hubs, where the data is scrambled, de-encode and re-encoded with the help of the open key or the codes of the hubs. Thus, in each of the hub, the message that is under transmission will have to pass through the decoding of the encryption for the revelation of the next layer of the encryption, in accordance with the rules of the methodology of TOR (Lees, 2012). The entire process, thus, leads to the formation of the Onion Ring as the name itself suggests. As and when the information or the messages enter the last hub, the data need to pass through a final decryption of the encryption and finally the unique data gets delivered to the destination where it needs to reach without the breach of its privacy (Knapp Langill 2014). Therefore, the incorporation and adaptation of the TOR will be the most suitable means for the protecting the entire process of anonymous communication that is being carried through the online social networking sites (OSN) and thereby the safeguarding the privacy of the data sharing through decryption and encryption processes (De Coster McEwen, 2015). (Model Explanation) Conclusion: Thus, it becomes quite evident from the fact that the due to emergence of the new technologies and the increase in the innovation in the field of science, interaction and comfort zone of interaction has developed through the means of Information Technology, however, it has also caused many disadvantages, that need to be resolved. The privacy of the individuals and their information that is at stake at todays digital world can be preserved by the use of the VPN and TOR. Out of these two, TOR has proved to be the best in evaluation of the data sharing methods and helping in the transmission of the correct and safe information to the destination (Simons 2013). References: Cheminod, M., Durante, L., Valenzano, A. (2013). Review of security issues in industrial networks.Industrial Informatics, IEEE Transactions on,9(1), 277-293. Feng, N., Wang, H. J., Li, M. (2014). A security risk analysis model for information systems: Causal relationships of risk factors and vulnerability propagation analysis.Information Guerrero, J. M., Chandorkar, M., Lee, T. L., Loh, P. C. (2013sciences,256, 57-73. Galliers, R. D., Leidner, D. E. (2014).Strategic information management: challenges and strategies in managing information systems. Routledge. Advanced control architectures for intelligent microgrids, part I: decentralized and hierarchical control.IEEE Transactions on Industrial Electronics,60(4), 1254-1262. Hahn, A., Ashok, A., Sridhar, S., Govindarasu, M. (2013). Cyber-physical security testbeds: Architecture, application, and evaluation for smart grid.Smart Grid, IEEE Transactions on,4(2), 847-855. Hill, C., Jones, G., Schilling, M. (2014).Strategic management: theory: an integrated approach. Cengage Learning. Kerzner, H. R. (2013).Project management: a systems approach to planning, scheduling, and controlling. John Wiley Sons. Knapp, E. D., Langill, J. T. (2014).Industrial Network Security: Securing critical infrastructure networks for smart grid, SCADA, and other Industrial Control Systems. Syngress. Lees, F. (2012).Lees' Loss prevention in the process industries: Hazard identification, assessment and control. Butterworth-Heinemann. Li, S., Xu, L., Wang, X., Wang, J. (2012). Integration of hybrid wireless networks in cloud services oriented enterprise information systems.Enterprise Information Systems,6(2), 165-187. Mo, Y., Kim, T. H. J., Brancik, K., Dickinson, D., Lee, H., Perrig, A., Sinopoli, B. (2012). Cyberphysical security of a smart grid infrastructure.Proceedings of the IEEE,100(1), 195-209. Park, S., Lee, K. (2014). Advanced approach to information security management system model for industrial control system.The Scientific World Journal,2014. Roman, R., Zhou, J., Lopez, J. (2013). On the features and challenges of security and privacy in distributed internet of things.Computer Networks,57(10), 2266-2279. Rong, C., Nguyen, S. T., Jaatun, M. G. (2013). Beyond lightning: A survey on security challenges in cloud computing.Computers Electrical Engineering,39(1), 47-54. Schumacher, M., Fernandez-Buglioni, E., Hybertson, D., Buschmann, F., Sommerlad, P. (2013).Security Patterns: Integrating security and systems engineering. John Wiley Sons. Simons, R. (2013).Levers of control: how managers use innovative control systems to drive strategic renewal. Harvard Business Press. Sridhar, S., Hahn, A., Govindarasu, M. (2012). Cyberphysical system security for the electric power grid.Proceedings of the IEEE,100(1), 210-224. Yan, Y., Qian, Y., Sharif, H., Tipper, D. (2012). A survey on cyber security for smart grid communications.Communications Surveys Tutorials, IEEE,14(4), 998-1010. Yan, Y., Qian, Y., Sharif, H., Tipper, D. (2013). A survey on smart grid communication infrastructures: Motivations, requirements and challenges.Communications Surveys Tutorials, IEEE,15(1), 5-20. Yin, S., Li, X., Gao, H., Kaynak, O. (2015). Data-based techniques focused on modern industry: an overview.Industrial Electronics, IEEE Transactions on,62(1), 657-667. Mergel, I. (2012). The social media innovation challenge in the public sector. Information Polity, 17(3, 4), 281-292. Hoff, S. (2016). Book Review: Innovation and Inequality: Emerging Technologies in an Unequal World by Susan Cozzens and Dhanaraj Thakur. Smith, A., Raven, R. (2012). What is protective space? Reconsidering niches in transitions to sustainability. Research Policy, 41(6), 1025-1036. Valente, T. W. (2012). Network interventions. Science, 337(6090), 49-53. Najaflou, Y., Jedari, B., Xia, F., Yang, L. T., Obaidat, M. S. (2015). Safety challenges and solutions in mobile social networks. Systems Journal, IEEE, 9(3), 834-854. Chretien, K. C., Kind, T. (2013). Social media and clinical care ethical, professional, and social implications. Circulation, 127(13), 1413-1421. de Montjoye, Y. A., Shmueli, E., Wang, S. S., Pentland, A. S. (2014). openpds: Protecting the privacy of metadata through safeanswers. PloS one, 9(7), e98790. Vyrynen, K., Hekkala, R., Liias, T. (2013). Knowledge protection challenges of social media encountered by organizations. Journal of Organizational Computing and Electronic Commerce, 23(1-2), 34-55. Kass-Hout, T. A., Alhinnawi, H. (2013). Social media in public health. British medical bulletin, 108(1), 5-24. Wirth, H., Kulczycka, J., Hausner, J., Koński, M. (2016). Corporate Social Responsibility: Communication about social and environmental disclosure by large and small copper mining companies. Resources Policy, 49, 53-60. Hardwick, J., Anderson, A. R., Cruickshank, D. (2013). Trust formation processes in innovative collaborations: networking as knowledge building practices. European Journal of Innovation Management, 16(1), 4-21. Gummesson, E. (2014). Commentary on The role of innovation in driving the economy: Lessons from the global financial crisis. Journal of Business Research, 67(1), 2743-2750. Li, J. (2014). Data protection in healthcare social networks. Software, IEEE, 31(1), 46-53. Litt, E. (2013). Understanding social network site users privacy tool use. Computers in Human Behavior, 29(4), 1649-1656. Jkl, M., Berki, E. (2014). Communities, communication, and online identities. Cyber behaviour: Concepts, methodologies, tools, and applications/Information resources management association, 71-83. Cacciapuoti, A. S., Calabrese, F., Caleffi, M., Di Lorenzo, G., Paura, L. (2013). Human-mobility enabled wireless networks for emergency communications during special events. Pervasive and Mobile Computing, 9(4), 472-483. Rock, A. S., Rock, M. D. J. S., Salazar, M. D. J. S. (2013). U.S. Patent No. 8,447,690. Washington, DC: U.S. Patent and Trademark Office. Bennett, M., Gatof, J., Bowman, D., Ludlow, K. (2015). Regulating Emerging and Future Technologies in the Present. De Coster, R., McEwen, C. (2015). The Commercialisation and Adoption of Emerging Technologies: The Role of Professional Service Firms. Competitive Strategies for Academic Entrepreneurship: Commercialization of Research-Based Products: Commercialization of Research-Based Products, 227. Borgatti, S. P., Everett, M. G., Johnson, J. C. (2013). Analyzing social networks. SAGE Publications Limited.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.