Forthcoming articles

 


International Journal of Information Privacy, Security and Integrity

 

These articles have been peer-reviewed and accepted for publication in IJIPSI, but are pending final changes, are not yet published and may not appear here in their final order of publication until they are assigned to issues. Therefore, the content conforms to our standards but the presentation (e.g. typesetting and proof-reading) is not necessarily up to the Inderscience standard. Additionally, titles, authors, abstracts and keywords may change before publication. Articles will not be published until the final proofs are validated by their authors.

 

Forthcoming articles must be purchased for the purposes of research, teaching and private study only. These articles can be cited using the expression "in press". For example: Smith, J. (in press). Article Title. Journal Title.

 

Articles marked with this shopping trolley icon are available for purchase - click on the icon to send an email request to purchase.

 

Articles marked with this Open Access icon are freely available and openly accessible to all without any restriction except the ones stated in their respective CC licenses.

 

Register for our alerting service, which notifies you by email when new issues of IJIPSI are published online.

 

We also offer RSS feeds which provide timely updates of tables of contents, newly published articles and calls for papers.

 

International Journal of Information Privacy, Security and Integrity (6 papers in press)

 

Regular Issues

 

  • A Novel Integrated Approach Using Euclids and Fuzzy Logic for Secure Communication   Order a copy of this article
    by Sailaja Rayi, Rupa CH, Chakravarthy A S N 
    Abstract: Today there is a terrific rise in internet security attacks. Even though many encryption algorithms are developed to fight against the attacks, most of them are key centric algorithms. The security of algorithm is very much dependent on security of the key. A new cryptographic algorithm has been proposed based on internal key table, Euclids theorem and fuzzy logic. The proposed algorithm doesnt involve key exchange or sharing. It takes the help of internal key table whose indexes will be converted in to numeric form using Euclids and fuzzy logic to get the cipher text. The secrecy of the communication will be compromised if key is compromised. So there is a desperate need for key less algorithms to thwart against man-in-the-middle and spoofing attacks. The proposed approach will provide a solution for key exchange attacks. The performance of proposed work is evaluated by comparing with existing approaches and it shows better results.
    Keywords: Fuzzy logic; Euclid’s algorithm; Key table.

  • Privacy Preserving Association Rule Mining based on Homomorphic Computations   Order a copy of this article
    by Baby Vadlana, Subhash Chandra N 
    Abstract: The collection and analysis of data are continuously growing due to the pervasiveness of computing devices. The analysis of such information is fostering businesses and contributing beneficially to the society in many different fields. However, this storage and flow of possibly sensitive data poses serious privacy concerns. Methods that allow the knowledge extraction from data, while preserving privacy, are known as privacy-preserving data mining (PPDM) techniques. Many of the researchers have recently made an effort to preserve privacy of sensitive knowledge or information in a real database. Association rule mining and frequent itemset mining are two popular and widely studied data analysis techniques for a range of applications.To ensure data privacy, in this paper, we design an efficient homomorphic encryption based scheme for privacy preserving data mining. Later, we gave correctness proof, security analysis and experimental results for the proposed system. We also presented the comparison of our proposed method with other significant state of the art methods. The main issues with some of the known privacy preserving methods are - high computational complexity and large communication cost required for their execution. In this work, we achieved perfect secrecy and resist various attacks to some extent in association rule mining process.
    Keywords: Security; Association rule mining; Homomorphic encryption, Distributed computation; Transactional itemsets.

  • Towards an intercultural approach to information security   Order a copy of this article
    by Miloslava Plachkinova, Steven Andrés 
    Abstract: National culture plays an important role in the development and compliance with information security (InfoSec) policy and standards. A successful InfoSec policy must demonstrate understanding of the local workforce's culture and not just blindly impose rules and regulations. We conducted a quantitative study of 177 professionals across 35 national cultures to investigate whether national culture influences InfoSec training and best practices using Hofstede's six cultural dimensions. Our findings indicate that training programs should more directly address the variances in perception of InfoSec across cultures. These training programs should also reflect the significance of the organisation's InfoSec policies in the context of the local employee, while maintaining unified corporate governance. By increasing training comprehension, organisations can reduce security incidents resulting from unintentional policy violations and in turn, avoid costly remediation efforts.
    Keywords: information security; InfoSec; training; education; compliance; national culture; insider threat; corporate governance.
    DOI: 10.1504/IJIPSI.2018.10013212
     
  • How the modification of personality traits leave one vulnerable to manipulation in social engineering   Order a copy of this article
    by James Stewart, Maurice Dawson 
    Abstract: Research on cyber security related to social engineering has expanded from its purely technological orientation into explaining the role of human behaviour in detecting deception (Workman, 2007). In the broadest definition, social engineering, in the context of information security, is the manipulation of individuals to perform actions that cause harm or increase the probability of causing future harm. Human personality traits significantly contribute to the probability that an individual is susceptible to manipulation related to social engineering deception attacks and exploits (Maurya, 2013). The outcome of the attacks and objective is the alteration of normal and rational decision making as described in behaviour decision theory (Kamis, 2011). This quantitative and non-experimental study determined what makes an individual based on personality traits predisposed to social engineering treats in the context of susceptibility to deception manipulation and exploitation.
    Keywords: social engineering personality traits; social engineering; deception susceptibility; behaviour modification; cyber-attack; risk management; decision theory.
    DOI: 10.1504/IJIPSI.2018.10013213
     
  • Towards improving existing online social networks' privacy policies   Order a copy of this article
    by Alexandra K. Michota, Sokratis K. Katsikas 
    Abstract: The privacy policies of online social network (OSN) service providers are criticised as falling short of satisfying their users' privacy expectations letting huge quantities of their personally identifiable information (PII) exposed to unknown audiences. The purpose of this paper is twofold: to assess the conformance of the privacy policies applied in the five topmost leading OSNs to an internationally acknowledged benchmark such as the ISO 29100:2011 standard, and to propose improvements based on the findings of the assessment. Further, as serious mismatches between these privacy policies and the adherence criteria set out in the ISO 29100:2011 standard were identified, a data lifecycle model is proposed as the basis for an improved OSN privacy policy. A restructuring of the existing policies according to the data lifecycle model will allow them to enjoy characteristics that are known to be important in forming users' perceptions.
    Keywords: privacy policy; standards; social networks; ISO29100:2011; PII lifecycle.
    DOI: 10.1504/IJIPSI.2018.10013220
     
  • Enhanced tiny encryption algorithm for secure electronic health authentication system   Order a copy of this article
    by Yunusa Simpa Abdulsalam, Olayemi Mikail Olaniyi, Aliyu Ahmed 
    Abstract: One of the main worries circling the globe today is how to provide efficient and effective quality health services. Conventionally, part of the constraints in making these efficient quality health services possible is the fact that patients and consultants must be physically present in the same location. Modern development in information technology have been able to raise the number of possible ways healthcare can be delivered remotely to reduce medical access restraints, but the issue of patient authentication remains paramount. As more delicate data is stored in electronic health record (EHR) systems, there is need to provide effective security to avoid malicious attacks through illicit access to EHRs. This paper presents an enhancement to tiny encryption algorithm for secure near frequency communication based EHR system. The conventional tiny encryption algorithm was enhanced with Yarrow pseudo random number generator for better key randomisation. Results of the performance evaluation of the developed enhanced algorithm showed that the scheme is capable of providing countermeasures against replay and tag cloning attacks in data communication channels of clinic tele-consultations.
    Keywords: electronic health record; EHR; security; authentication; privacy; tiny encryption algorithm; TEA; healthcare.
    DOI: 10.1504/IJIPSI.2018.10013222