List of Articles امنیت اطلاعات

• Open Access Article
  • Abstract Page
  • Full-Text
  
  1 - modified division and replication of data in cloud for optimal performace and security (MDROPS)
  hossein hassanpour
  The tendency of organizations to use cloud services is increasing every day, due to the economic benefits that can be contained, the adoption of every service of information security topic is the most critical basic needs. Hence the need to Outsourcing data as well as t More

  The tendency of organizations to use cloud services is increasing every day, due to the economic benefits that can be contained, the adoption of every service of information security topic is the most critical basic needs. Hence the need to Outsourcing data as well as the significant growth of the hacker's knowledge may be considered as a major obstacle in the path of securing the cloud services. One of the proposed techniques to secure cloud computing using network platform, is divide and replicate data [5]. That this method suffers from problems like disclosure of Information through telephone (internet) tapping, incompleteness of encryption of location's data storage algorithm. Therefore, in this article we have tried to present a way to optimize the performance and increase the level of security, by dividing and replicating data using a methodology with the encryption of location's respondents and Finally, we want to indicate the increase of efficiency and security with the implementation of the algorithm in the context of data center networks that simulated with Cloudsim software, and also to compare the algorithm using the same proposed approaches. Manuscript profile
• Open Access Article
  • Abstract Page
  • Full-Text
  
  2 - IT Services Outsourcing Novation tactics and Entrepreneurial Strategies in the Financial Services (Case Study: Private and public banks in Markazi province)
  mahtab Eshghiaraghi
  With the rapid rise of global developments and  transition from the traditional society to the information society, paying attention to entrepreneurial strategies for the correct and optimal use of new opportunities and values has forced the banking system to be changed More

  With the rapid rise of global developments and  transition from the traditional society to the information society, paying attention to entrepreneurial strategies for the correct and optimal use of new opportunities and values has forced the banking system to be changed more and more. Outsourcing of information technolog( IT) services has changed to a strategy option in using IT services for organizations due to relatively large advantages for organizations. The aim of this study is to explain the role of Outsourcing strategies of IT services in the financial Services of Private and public Banks inMarkazi province. This research is practical in terms of objective and the method is correlational.The statistical population consists of managers and experts of Private and public banks in Markaziprovince which over 103 is members of the community.Research data collected via questionnaire with Cronbach's alpha 0.889 were analyzed throughSpss software. Besides, multivariate regression and Pearson correlation test were applied to analyze them.The result ideates that all hypotheses are accepted. Also findings show that there is a direct relationship between management variables and expenses reduction, novation technologies and accessibility to more specialty (Mobile Banking, Internet and Electronics), IT security and risk reduction, increasing the business flexibility with novation Tactics and strategies of information technology IT services outsourcing in financial Services. So it is concludee that Private and public banks in Markazi province can improve financial services through raising access to more profession and using new technologies, decreasing the expenses, focusing on the main activities, decreasing risks and contracting for IT security and incresing commercial flexibility by IT outsourcingWith the rapid rise of global developments and  transition from the traditional society to the information society, paying attention to entrepreneurial strategies for the correct and optimal use of new opportunities and values has forced the banking system to be changed more and more. Outsourcing of information technolog( IT) services has changed to a strategy option in using IT services for organizations due to relatively large advantages for organizations. The aim of this study is to explain the role of Outsourcing strategies of IT services in the financial Services of Private and public Banks inMarkazi province. This research is practical in terms of objective and the method is correlational.The statistical population consists of managers and experts of Private and public banks in Markaziprovince which over 103 is members of the community.Research data collected via questionnaire with Cronbach's alpha 0.889 were analyzed throughSpss software. Besides, multivariate regression and Pearson correlation test were applied to analyze them.The result ideates that all hypotheses are accepted. Also findings show that there is a direct relationship between management variables and expenses reduction, novation technologies and accessibility to more specialty (Mobile Banking, Internet and Electronics), IT security and risk reduction, increasing the business flexibility with novation Tactics and strategies of information technology IT services outsourcing in financial Services. So it is concludee that Private and public banks in Markazi province can improve financial services through raising access to more profession and using new technologies, decreasing the expenses, focusing on the main activities, decreasing risks and contracting for IT security and incresing commercial flexibility by IT outsourcing. Manuscript profile
• Open Access Article
  • Abstract Page
  • Full-Text
  
  3 - Information Security Maturity Assessment Model in the IT Departments of the Oil Industry Subsidiaries in Iran
  Reza Radfar Fatemeh akhavan
  10.52547/jstpi.20788.16.64.41
  The business approach and risk management framework of the company through the establishment and maintenance of the information security management system (ISMS) is a framework for identifying, assessing, controlling and managing the risks associated with information se More

  The business approach and risk management framework of the company through the establishment and maintenance of the information security management system (ISMS) is a framework for identifying, assessing, controlling and managing the risks associated with information security in the company. It is based on privacy standards, integrity and availability of information assets. In the present report, not only a model for evaluating the information security maturity in the headquarters of one of the oil industry companies is developed, but also the defect analysis and implementation of the existing organization are initially carried out in accordance with the requirements of ISO 27000. By defining the indicators of evaluation and measurement of these indicators in the organization, its maturity is estimated in this security standard. Different models are presented to identify the weaknesses and security powers of a particular organization. The goal is to identify a gap between theory and practice that can be approximated by the process-oriented approach. The puberty model introduced and used in this project, provides a starting point for implementing security, a public view of security, and a framework for prioritizing operations. This model of information security maturity has 5 phases. (The maturity model is information security as a tool for assessing the ability of organizations to meet security goals, that is, confidentiality, integrity and availability, and prevent attacks and access to the mission of the organization in spite of attacks and accidents)??. This model defines a process that has all aspects of security management, measurement, and control. The results of the evaluation show that the organizations which have security investments ahead of time have to understand the needs for high-level management of information security in the organization, and in addition to the actions taken in the field of physical environment, network and personal computers, controls access and encryption have been made to identify the necessary training and culture. Manuscript profile
• Open Access Article
  • Abstract Page
  • Full-Text
  
  4 - Secure Computing on the Internet of Everything
  Seyed Omid Azarkasb Seyed Hossein Khasteh
  With the advancement of technology and the remarkable growth of the Internet of Things (IoT), the need for secure computing in this domain has increased. The Internet of Everything enables the connection and communication among objects, data, processes, and individuals, More

  With the advancement of technology and the remarkable growth of the Internet of Things (IoT), the need for secure computing in this domain has increased. The Internet of Everything enables the connection and communication among objects, data, processes, and individuals, including systems, smart devices, industrial systems, and many others. With the immense number of connected objects, information security, and privacy have become significant challenges in IoT computing. This article explores the concept of secure computing in the Internet of Everything. It investigates the impact of the Internet of Things on the concept of security and its related needs. Furthermore, the methods and technologies used to establish secure computing in the Internet of Everything are discussed, including topics such as data encryption, identification and authentication, access management, privacy protection, and threat detection. Additionally, the challenges and drawbacks of secure computing in the Internet of Everything are examined, addressing issues such as the complexity of the connected environment, dynamic security threats, the need for standards and security-related concerns, and the influence of technological changes on secure computing. Finally, solutions and recommendations are provided to enhance secure computing in the Internet of Everything, including the use of strong encryption, centralized access management, user education and awareness, and advanced threat detection and monitoring systems. This article aims to provide a better understanding of secure computing in the Internet of Everything and to develop suitable security solutions for this domain. Manuscript profile
• Open Access Article
  • Abstract Page
  • Full-Text
  
  5 - Identifying the Key Drivers of Digital Signature Implementation in Iran (using fuzzy Delphi method)
  Ghorbanali Mehrabani Fatemeh Zargaran khouzani
  iThe purpose of this article is to identify and analyze the key drivers of digital signature implementation in Iran with a fuzzy Delphi approach. In terms of practical purpose and in terms of information gathering, the research has benefited from a hybrid approach. The More

  iThe purpose of this article is to identify and analyze the key drivers of digital signature implementation in Iran with a fuzzy Delphi approach. In terms of practical purpose and in terms of information gathering, the research has benefited from a hybrid approach. The statistical community consists of all experts and specialists in the field of information technology and digital signature and articles in this field. The sample size of the statistical community of experts is 13 people who were selected by the purposeful sampling method. 30 articles were selected based on their availability and downloadable, non-technical nature, and relevance to the topic. The method of data analysis was done according to the fuzzy Delphi approach. Validity and reliability were calculated and confirmed using the CVR index and Cohen's kappa test with coefficients of 0.83 and 0.93, respectively. The results prove that the key drivers of digital signature implementation in Iran include 5 main dimensions and 30 concepts, which are 1) security (information confidentiality, information security, sender authentication, document authentication, privacy protection, trust between parties), 2) business (digital business models, communication needs, staff management, organization size, organizational structure, organization resources, organizational culture, top managers, competition ecosystem, e-governance), 3) user (perceived convenience, perceived benefit, consumer behavior, consumer literacy, consumer lifestyle), 4) technical (development of technical infrastructure, systems integration, system complexity, system tanks, design quality, technical speed of certificate production and verification, impermeability of hackers) and 5) Legal (legal licenses, penal laws, legislative body, e-commerce laws). Manuscript profile
• Open Access Article
  • Abstract Page
  • Full-Text
  
  6 - Identifying the Key Drivers of Digital Signature Implementation in Iran (Using Fuzzy Delphi Method)
  Ghorbanali Mehrabani Fatemeh Zargaran khouzani
  Despite the emphasis of researchers and experts on the need to implement digital signatures and the progress of technology towards the digitization of all affairs and electronic governance, Iran is still facing the challenge of implementing digital signatures. The purpo More

  Despite the emphasis of researchers and experts on the need to implement digital signatures and the progress of technology towards the digitization of all affairs and electronic governance, Iran is still facing the challenge of implementing digital signatures. The purpose of this article is to identify and analyze the key drivers of digital signature implementation in Iran with a fuzzy Delphi approach. In terms of practical purpose and in terms of information gathering, the research has benefited from a hybrid approach. The statistical community consists of all experts and specialists in the field of information technology and digital signature and articles in this field. The sample size of the statistical community of experts is 13 people who were selected by the purposeful sampling method. 31 articles were selected based on their availability and downloadable, non-technical nature, and relevance to the topic. The method of data analysis was done according to the fuzzy Delphi approach. Validity and reliability were calculated and confirmed using the CVR index and Cohen's kappa test with coefficients of 0.83 and 0.93, respectively. The results prove that the key drivers of digital signature implementation in Iran include 5 main dimensions and 30 concepts, which are 1) security (information confidentiality, information security, sender authentication, document authentication, privacy protection, trust between parties), 2) business (digital business models, communication needs, staff management, organization size, organizational structure, organization resources, organizational culture, top managers, competition ecosystem, e-governance), 3) user (perceived convenience, perceived benefit, consumer behavior, consumer literacy, consumer lifestyle), 4) technical (development of technical infrastructure, systems integration, system complexity, system tanks, design quality, technical speed of certificate production and verification, impermeability of hackers) and 5) Legal (legal licenses, penal laws, legislative body, e-commerce laws). It is suggested that in the field of digital signature implementation, special attention should be paid to rewriting rules, training users, creating a security culture, and digital signature policymakers should invite knowledge-based companies to cooperate in developing infrastructure and making relevant software competitive. Manuscript profile