Sameer Hasan Albakri

Design and Develop a Video Conferencing Framework for Real-Time Telemedicine Applications Using Secure Group-Based Communication Architecture

One of the applications of modern technology in telemedicine is video conferencing. An alternative to traveling to attend a conference or meeting, video conferencing is becoming increasingly popular among hospitals. By using this technology, doctors can help patients who are unable to physically visit hospitals. Video conferencing particularly benefits patients from rural areas, where good doctors are not always available. Telemedicine has proven to be a blessing to patients who have no access to the best treatment. A telemedicine system consists of customized hardware and software at two locations, namely, at the patient’s and the doctor’s end. In such cases, the video streams of the conferencing parties may contain highly sensitive information. Thus, real-time data security is one of the most important requirements when designing video conferencing systems. This study proposes a secure framework for video conferencing systems and a complete management solution for secure video conferencing groups. Java Media Framework Application Programming Interface classes are used to design and test the proposed secure framework. Real-time Transport Protocol over User Datagram Protocol is used to transmit the encrypted audio and video streams, and RSA and AES algorithms are used to provide the required security services. Results show that the encryption algorithm insignificantly increases the video conferencing computation time.

A case study for the cloud computing security threats in a governmental organization

Cloud computing is not just a service of computing or how the computing service is delivered. It is transforming the computing landscape, which means many big technical, economic and business changes will happen. Cloud computing has emerged with a promise to decrease the cost of computing implementation and deliver the computing as service, where the client pay only for what he needed and used. On the other hand, many security concerns arise with cloud computing. This paper introduces a practical study for cloud computing security threats. This study was conducted on a real SaaS provider with more than one thousand and five hundred clients for 285 days.

Enhancement of network access control architecture with virtualization

The demand for protecting the enterprise network infrastructure from network security threats has shown an increase in recent years. Therefore, a security enforcement mechanism for the network is required to protect the network against the threats especially from internal. Generally, staffs and visitors that use their computer everywhere could bring a threat as it escape from the protective measures imposed by an organization. Therefore, it is necessary to secure enterprise network from being compromised by using endpoint security solution. Network Access Control (NAC) is capable to provide solution for determining the integrity of endpoints which serve as a basis for trustworthy communication. However, literature review reveals several types of NAC architecture that have been implemented by solution providers such as CISCO NAC and Microsoft NAP employs proprietary standard and the deployment method used is not comprehensive. In addition, previous architecture only complies with one of the NAC characteristic such as in-band or out-band, managed or unmanaged LAN, agent or agentless, pre-admission or postadmission and limited OS support. Hence, this study will focus on reviewing all those NAC architecture as a baseline to produce an enhanced NAC architecture which can cater for all NAC characteristics. The results shows that proposed NAC architecture which is combination of all the NAC characteristics can effectively control the network access by endpoint device. This proposed NAC architecture maybe useful as a basis for reference not only for researchers in this field but also for network administrator. It is necessary to review the NAC architecture from time to time to ensure that the security is remain intact.

Novel Risk Assessment Method to Identify Information Security Threats in Cloud Computing Environment

Cloud computing model brought many technical and economic benefits, however, there are many security issues. Most of the common traditional information security risk assessment methods such as ISO27005, NIST SP800-30 and AS/NZS 4360 are not fit for the cloud computing environment. Therefore, this study applies medical research approach to assess the information security threats in the cloud computing environment. This study has been conducted as a retrospective cohort study and the collected data has been analyzed by using the survival analysis method. The study has been conducted on the software as a service (SaaS) environment that has more than one thousand and seven hundred cloud customers. The survival analysis method is used to measure the significance of the risk factor level. The information security threats have been categorized into twenty-two categories. This study has proven that the medical research approach can be used to assess the security risk assessment in cloud computing environment to overcome the weaknesses that accompany the usage of the traditional information security risk assessment methods in cloud computing environment.

Digital Forensic Challenges in the Cloud Computing Environment

The cloud computing model has been developed with promises to overcome the difficulties of other computing models. The low cost of computing resources, availability, location independence, and more focus on business objectives that this model promises are the most attractive features for companies. However, security issues are still the main obstacle that prevent widespread cloud computing adaptation. Digital forensics, a necessary process after any security incident, is faced with many challenges in the cloud computing environment. In this paper, we discuss the challenges digital forensics face in a cloud computing environment.

Enhancement and Implementation of Network Access Control Architecture for Virtualization Environments

The demand for protecting the enterprise network infrastructure from network security threats has shown an increase in recent years. Therefore, a security enforcement mechanism for the network is required to protect the network against the threats especially from internal. Generally, staffs and visitors that use their computer everywhere could bring a threat as it escape from the protective measures imposed by an organization. Therefore, it is necessary to secure enterprise network from being compromised by using endpoint security solution. Network Access Control (NAC) is capable to provide solution for determining the integrity of endpoints which serve as a basis for trustworthy communication. However, literature review reveals several types of NAC architecture that have been implemented by solution providers such as CISCO NAC and Microsoft NAP employs proprietary standard and the deployment method used is not comprehensive. In addition, previous architecture only complies with one of the NAC characteristic such as in-band or out-band, managed or unmanaged LAN, agent or agentless, pre-admission or postadmission and limited OS support. Hence, this study will focus on reviewing all those NAC architecture as a baseline to produce an enhanced NAC architecture which can cater for all NAC characteristics. The results shows that proposed NAC architecture which is combination of all the NAC characteristics can effectively control the network access by endpoint device. This proposed NAC architecture maybe useful as a basis for reference not only for researchers in this field but also for network administrator. It is necessary to review the NAC architecture from time to time to ensure that the security is remain intact.