Title: Secure Supply Chain Information Interchange using Distributed Trust Backbone
<br>Cover Date: 2025-01-01
<br>Cover Display Date: Jan 2025
<br>DOI: 10.37936/ecti-cit.2025191.257456
<br>Description: International trade requires transparent visibility of the goods transportation. High-quality data related to containers is essential for container movement across the border speed. However, customs and port authorities face information incorrectness and inconsistency, which are significant determinants that decrease the performance of container clearance in supply chain activities. The Seamless Integrated Data Pipeline principle has been proposed to overcome the mentioned data quality shortcomings and enhance supply chain visibility. Based on the Data Pipeline idea, we proposed the Distributed Trust Backbone (DTB) as a model of secure information exchange between parties within the supply chain activity. However, the supply chain data is highly dynamic. Access control on dynamic resources is the key to enabling secure data exchange and clear visibility. We take this challenge up in this paper. We propose an access control mechanism based on the supply chain Data Pipeline concept and apply it to the DTB model. The elaboration on the concrete detail of the system is presented in this paper. The prototype has been developed and performed in the simulation tests. It reduces 58% of requesting data for supply chain activities. The results of the experiments show that our proposed method performs 100% access control to data with BigO(1) accessing the Access Control List. It can ensure that the information for decision-making in the supply chain is of high quality. The supply chain visibility is clearer and speeds up a modern information exchange system of supply chains.
<br>Citations: 0
<br>Aggregation Type: Journal
<br>-------------------
<br><br><br>Title: FFF: Fast Firewall Framework to Enhance Rule Verifying over High-speed Networks
<br>Cover Date: 2022-03-01
<br>Cover Display Date: Mar 2022
<br>DOI: 10.37936/ecti-cit.2022161.246990
<br>Description: The current trafic trend on computer networks is growing exponentially, affecting network firewalls because they constantly have to filter out mas-sive amounts of data. In this paper, we implement a firewall framework to improve trafic processing speed, named the Fast Firewall Framework (FFF or F3). FFF can verify rules at Big-O(1) worst-case access time, and it also consumes a small amount of memory, which is only Big-O(nbit). To evaluate the firewalls' effectiveness, we benchmark the proposed fire-wall framework against the two fastest open source firewalls, IPSets and IPack. The experimental results show that FFF can execute rules faster than both firewalls and consumes less memory. In addition, the proposed firewall framework has a simple structure that makes it easier to imple-ment.
<br>Citations: 1
<br>Aggregation Type: Journal
<br>-------------------
<br><br><br>Title: DSSF: Decision Support System to Detect and Solve Firewall Rule Anomalies based on a Probability Approach
<br>Cover Date: 2022-03-01
<br>Cover Display Date: March 2022
<br>DOI: 10.37936/ecti-cit.2022161.246996
<br>Description: Currently, establishing a private network on the Internet is highly haz- ardous as attackers continuously scan computers for vulnerabilities within the connected network. The rewall ranked the highest as a network de-vice is selected to protect unauthorized accesses and attacks. However, rewalls can eectively protect against assaults based on adequately de- ned rules without any anomalies. In order to resolve anomaly problems and assist rewall administrators manage the rules eectively, in this pa-per, a prototype of a decision support system has been designed and de-veloped for encouraging administrators to optimize rewall rules and min-imize deciencies that occur in rules by using a probability approach. The experimental results clearly show that the developed model encourages ex-perts and administrators of rewalls to make signicant decisions to resolve rule anomalies. As a result, expert's condence increases by 14.8%, and administrators' condence soars similarly about 44.2%. The accuracy of correcting rule anomalies is 83%.
<br>Citations: 3
<br>Aggregation Type: Journal
<br>-------------------
<br><br><br>Title: Decision making system for improving firewall rule anomaly based on evidence and behavior
<br>Cover Date: 2020-01-01
<br>Cover Display Date: 2020
<br>DOI: 10.25046/AJ050460
<br>Description: Firewalls are controlled by rules which often incur anomalies. The anomalies are considered serious problems that administrators do not desire to happen over their firewalls because they cause more vulnerabilities and decrease the overall performance of the firewall. Resolving anomaly rules that have already occurred on the firewall is difficult and mainly depends on the firewall administrator's discretion. In this paper, a model is designed and developed to assist administrators to make effective decisions for optimizing anomaly rules using the probability approach (Bayesian). In this model, the firewall needs to add four property fields (Extra fields) to the firewall rules: frequency of packets matching against rules, evidence of creating rules, the expertise of rules creator and protocol priority. These fields are used to calculate the probability of each firewall rule. The probability for each rule is used while the rules conflict and administrators need to resolve them. The rule having the highest probability value indicates that it has the highest priority in consideration. Experimental results show that the proposed model allows firewall administrators to make significant decisions about solving anomaly rules. The data structure of this model is based on k-ary tree, therefore the speed of building tree, time complexity and space complexity: O(n), O(logmn) and O(m*n) respectively. Besides, the confidence of the proposed firewall for resolving firewall rule anomalies of the administrator increase by 29.6% against the traditional firewall, and the reliability value between the inter-raters also increase by 13.1%.
<br>Citations: 5
<br>Aggregation Type: Journal
<br>-------------------
<br><br><br>Title: Global monitoring of dynamic information systems a case study in the international supply chain
<br>Cover Date: 2014-01-01
<br>Cover Display Date: 2014
<br>DOI: 10.1109/ICSEC.2014.6978215
<br>Description: Global information systems are becoming more complex and dynamic everyday: huge amounts of data and messages through those systems show dynamically changing traffic patterns. Because of this, diagnosing when sub-systems are not working properly is difficult. System failures or errors in information exchange protocols sometimes happen and interrupt the correct working of the system. International supply chain systems, for example, need smooth running when performing information exchange tasks between sub-systems but, in practice, show various types of information security breaches. So, finding a solution to diagnose and discover failure spots in the dynamic global system is highly required. This challenge is taken up in this paper. Based on an example prototype of the new European supply chain information system (Data Pipeline) and the required global monitoring process, we tested feasibility and effectiveness of real-time detection of system failures, the results of which are described in this paper.
<br>Citations: 3
<br>Aggregation Type: Conference Proceeding
<br>-------------------
<br><br><br>Title: Data concealing of supply chain transactions using the Distributed Trust Backbone
<br>Cover Date: 2014-01-01
<br>Cover Display Date: 2014
<br>DOI: 10.1109/ICITST.2014.7038796
<br>Description: Secure and accurate transactions are vital to any large-scale business system in order to guarantee the reliability of the system to stakeholders in both the public and private sectors. In supply chain systems, however, a variety of information security shortcomings is currently occurring in several processes, for example, related to data confidentiality. The Data Pipeline principle has been proposed to improve the security and quality of supply chain information systems. In a first elaboration, the Distributed Trust Backbone (DTB) model was designed. The DTB consists of a set of core components and protocols having the aim to enable secure information exchange. Next, a prototype has been implemented using computer systems available in three countries spread over the world. In order to test the system, we performed a case study in which data confidentiality appeared to be a fundamental requirement. In this paper, we describe our case study and argue that supply chain transactions can successfully be concealed using the DTB model. This concerns one of the fundamental requirement of secure information exchange along the international supply chain.
<br>Citations: 0
<br>Aggregation Type: Conference Proceeding
<br>-------------------
<br><br><br>Title: Multi-level access control in the data pipeline of the international supply chain system
<br>Cover Date: 2013-01-01
<br>Cover Display Date: 2013
<br>DOI: 10.1007/978-3-642-41585-2_7
<br>Description: The Seamless Integrated Data Pipeline system was proposed to the European Union in order to overcome the information quality shortcomings of the current international supply chain information exchange systems. Next to identification and authorization of stakeholders, secure access control needs to be considered at design time of the new data pipeline system. This challenge is taken up in this paper. First, based on an analysis of the proposed data pipeline concept, access control requirements are being defined. Second, a new multi-level access control model is being designed. The resulting model organizes access control at two levels, namely, at country and at service level, herewith enabling secure information exchange between global stakeholders. © 2013 Springer-Verlag Berlin Heidelberg.
<br>Citations: 6
<br>Aggregation Type: Book Series
<br>-------------------
<br><br><br>Title: Accountability in single window systems using an internal certificate authority - A case study on Thailand's national single window system
<br>Cover Date: 2011-12-01
<br>Cover Display Date: 2011
<br>DOI: N/A
<br>Description: A single window system (SWS) concerns a single-entry facility for electronic documents exchange between governmental departments and business partners and is aimed to reduce time and costs of international cross-border trade. Recently, the country of Thailand also started to design and implement a SWS based on modern information technologies. This includes the set-up of a public key infrastructure (PKI) to facilitate secure e-message exchange. An analysis of the information flows that are taking place in the prototype SWS proposed revealed us however that, next to improvements, some basic requirements with respect to the accountability of individual back office employees are not met. The first aim of this paper is to reveal this accountability problem. In addition we propose a possible solution for the shortcomings discovered, which basically boils down to extending the PKI with an internal certificate authority.
<br>Citations: 4
<br>Aggregation Type: Conference Proceeding
<br>-------------------
<br><br><br>