The right way to agility should start with a proper agile mindset instead of applying Agile methods directly. However, apart from the manifesto, it is unlikely to find a comprehensive set of Agile principles that can serve for an improved agile mindset. Our study intends to fulfill this gap in a systematic way: providing a list of the Agile methods along with their principles within a single source, in the way of providing a better understanding of the concept of agility from a wide and exhaustive perspective. To do so, the collected 105 principles were content-analyzed in order to group them into 32 categories for a higher-level abstraction. These categories then were subsumed into two main categories. The whole grouping process was reviewed by one expert and the list was adjusted accordingly. Then, based on the consolidated list of the categorized principles, analysis and evaluations were made by the authors. As a part of the evaluations, semi-structured interviews with two experts were conducted to evaluate the categorized principles in general, especially in terms of their contribution to agility.
In information security context, social engineering is defined as malicious activities caused by cybercriminals by means of human interactions. It is mainly a psychological manipulation technique which gets benefit of human error to reach private information. This study used machine learning algorithms to predict individuals’ susceptibility to be tricked by social engineering attacks. Simulated scenarios were presented to study participants, and they were asked to identify whether each scenario was a social engineering attack or not. Different kinds of attacks related to various industries were integrated to social engineering simulations. For each participant, different types of social engineering scores were calculated according to their responses. Besides simulations, questionnaires related to demographics, technology usage, and personality traits were filled out by the participants. All of these collected data were used in building predictive classification and regression machine learning models. Through regression and classification models, it was aimed to proactively predict individuals’ social engineering risk levels and classify them into different risk groups in terms of different attack types. This research revealed that it is possible to predetermine the social engineering risk levels of individuals. This important finding means that possible attacks can be prevented by raising awareness before the attack occurs. Within the scope of this study, a social engineering risk detection mobile application has also been developed to give practitioners and policy makers an idea of what kind of systems can be developed in order to determine the risk levels of individuals and then to educate them about various attacks. The ones who need to take action against social engineering attacks will get benefit from findings of this research.
Today, almost all applications running on the smartphone provide valuable and sensitive transactions on user's private data such as identity data, credit card details, payment data, location data and so on. Service providers are trying to increase the efficiency of their applications and to improve the compatibility of security mechanisms through SIM (Subscriber Identity Module) cards owned by Mobile Network Operators (MNOs). In this sense, there is an urgent need for a centralized secure key management service. Thanks to the strong security infrastructure created by card manufacturers during design and the robust security procedures applied by MNOs; SIM cards have significant potential to provide the required secure environment for service providers. Accordingly, a novel centralized SIM card based key management framework called SIM-GAYS is designed and developed to facilitate centralized cryptographic operations of diverse mobile applications provided by service providers. This paper aims to present and demonstrate the essential development results of SIM-GAYS. The functional requirements of the SIM-GAYS are tested depending on developed scenarios. The results showed that the designed and developed APDU (Application Protocol Data Unit) transmission method between SIM card and smartphone, and secure storage of the keys by the Master Key (owned by SIM-GAYS) support almost all cryptographic services provided by SIM-GAYS framework.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.