The use of the command line interface in the verification and management of the security of IT systems and the analysis of the potential of integrating biometric data in cryptographic mechanisms

Manowska, Anna; Boroš, Martin; Bluszcz, Anna; Tobór-Osadnik, Katarzyna

doi:10.29119/1641-3466.2024.198.16

Artykuł - szczegóły

Tytuł artykułu

The use of the command line interface in the verification and management of the security of IT systems and the analysis of the potential of integrating biometric data in cryptographic mechanisms

Autorzy

Manowska Anna , Boroš Martin , Bluszcz Anna , Tobór-Osadnik Katarzyna

Treść / Zawartość

Pełne teksty:

198-Manowska-Boros-Bluszcz-Tobór-Osadnik.pdf

Pobierz

Identyfikatory

DOI

10.29119/1641-3466.2024.198.16

Warianty tytułu

Języki publikacji

Abstrakty

Purpose: The rapid advancement of digital technologies has necessitated robust security measures to protect information systems against escalating cyber threats. The objective is to study the effectiveness of the command line interface (CLI) in IT system security management. Design/methodology/approach: This paper explores the efficacy of the command line interface (CLI) in managing IT system security and examines the potential of integrating biometric data into cryptographic mechanisms. We delve into the CLI's precision and flexibility, which enable the execution of complex security tasks and its seamless integration with advanced security tools. Furthermore, we investigate the incorporation of biometrics, such as fingerprints and facial recognition, into encryption processes, offering enhanced security by binding access to individual biometric identifiers. Findings: Our findings suggest that while CLI remains a vital tool for security specialists, the convergence of CLI with biometric authentication can significantly fortify the security of information systems. Practical implications: The paper addresses the challenges and opportunities presented by this integration, including privacy concerns and the need for secure handling of biometric data. We also discuss the implications of such technologies in the context of the European Union's legal framework on cybersecurity. Originality/value: The article is aimed at those involved in cyber security management. The article presents the possibility of using biometric attestations to support the security of IT systems.

Słowa kluczowe

cybersecurity European Union cybersecurity legislation cryptographic mechanisms data encryption multi-factor authentication

cyberbezpieczeństwo prawodawstwo Unii Europejskiej w zakresie cyberbezpieczeństwa mechanizmy kryptograficzne szyfrowanie danych uwierzytelnianie wieloczynnikowe

Wydawca

Wydawnictwo Politechniki Śląskiej

Czasopismo

Zeszyty Naukowe. Organizacja i Zarządzanie / Politechnika Śląska

Rocznik

2024

Tom

z. 198

Strony

289--308

Opis fizyczny

Bibliogr. 36 poz.

Twórcy

autor

Manowska Anna

anna.manowska@polsl.pl

Department of Automatics and Industrial Informatics, Silesian University of Technology, Poland

https://orcid.org/0000-0001-9300-215X

autor

Boroš Martin

martin.boros@uniza.sk

Department of Security Management, Faculty of Security Engineering, University of Žilina, Slovakia

https://orcid.org/0000-0003-0705-0556

autor

Bluszcz Anna

anna.bluszcz@polsl.pl

Department of Safety Engineering, Silesian University of Technology, Poland

https://orcid.org/0000-0001-9724-5706

autor

Tobór-Osadnik Katarzyna

katarzyna.tobor-osadnik@polsl.pl

Department of Safety Engineering, Silesian University of Technology, Poland

https://orcid.org/0000-0003-4568-3485

Bibliografia

1. Bolle, R.M., Connell, J.H., Pankanti, S., Ratha, N.K., Senior, A.W. (2004). Guide to Biometrics. New York, NY, USA: Springer.
2. Brown, S., Green, T. (2022). Biometrics and Cryptography: The Future of Data Security. Berlin, Germany: Springer, pp. 101-145.
3. Davis, M., Taylor, E. (2023). Integrating Biometric Authentication in Cryptographic Protocols. Secur. Cryptogr. J.
4. Durumeric, Z., Adrian, D., Mirian, A., Bailey, M., Halderman, J.A. (2014). The Matter of Heartbleed. Proceedings of the 2014 Conference on Internet Measurement Conference, pp. 475-488.
5. European Commission (2017). Proposal for a Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications). COM/2017/010 final - 2017/03 (COD).
6. European Parliament and Council of the European Union (2016) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation). Official Journal of the European Union 2016, L119, pp.1-88.
7. European Parliament and Council of the European Union (2016). Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union. Official Journal of the European Union 2016, L194, pp.1-30.
8. Gressin, S. (2017). The Equifax Data Breach: What to Do. Federal Trade Commission.
9. International Organization for Standardization (2013). ISO/IEC 27001:2013 Information technology - Security techniques - Information security management systems - Requirements.
10. International Organization for Standardization (2013). ISO/IEC 27002:2013 Information technology - Security techniques - Code of practice for information security controls.
11. Jain, A.K., Flynn, P., Ross, A.A. (2007). Handbook of Biometrics. New York, NY, USA,: Springer.
12. Jain, A.K., Nandakumar, K., Nagar, A. (2008). Biometric Template Security. EURASIP J. Adv. Signal Process, 579416.
13. Jain, A.K., Ross, A. (2007). Introduction to Biometrics. In: A.K. Jain, P. Flynn, A.A. Ross (Eds.), Handbook of Biometrics (pp. 1-22). New York, NY, USA: Springer.
14. Jain, A.K., Ross, A., Nandakumar, K. (2011). Introduction to Biometrics. Boston, MA, USA: Springer.
15. Johnson, L., White, R. (2020). The Role of CLI. In: H. Thompson (Ed.), Modern Security Practices. In Advances in Network Security, vol. 2 (pp. 45-78). New York, NY, USA: Wiley.
16. Kim, Y., Park, J., Lee, H. (2023). Enhancing Security Through Biometric-Enabled Cryptographic Keys. Proceedings of the International Conference on Information Security, Seoul, South Korea, 10-12 June 2023.
17. Kottler, M. (2016). Dyn Analysis Summary Of Friday October 21 Attack. Dyn Blog.
18. Lee, R.M., Assante, M.J., Conway, T. (2016). Analysis of the Cyber Attack on the Ukrainian Power Grid. Electricity Information Sharing and Analysis Center (E-ISAC).
19. Martinez, R. (2021). Biometric Security Protocols in Cryptography. Ph.D. Thesis. Cambridge, MA, USA: Massachusetts Institute of Technology.
20. Matsuura, K., Miyaguchi, K. (2003). Cryptographic Approach to "Privacy-Friendly" Tags. In: RFID Privacy Workshop. Cambridge, MA, USA: MIT.
21. Mistry, K., Jain, A.K. (2010). Biometric Encryption: Security for Data and Identity. Proceedings of the IEEE Symposium on Security and Privacy. San Francisco, CA, USA, May 2010, pp. 123-127.
22. Mohurle, S., Patil, M. (2017) A Brief Study on WannaCry Ransomware Attack. International Journal of Advanced Research in Computer Science, vol. 8, no. 5, pp. 1938-1940.
23. Nagar, A., Nandakumar, K., Jain, A.K. (2010, January). Biometric template transformation: a security analysis. Media Forensics and Security II, vol. 7541, pp. 237-251.
24. National Institute of Standards and Technology. Cryptographic Standards and Guidelines. Available online: https://csrc.nist.gov/publications, 6 February 2024.
25. O'Gorman, L. (2003). Comparing Passwords, Tokens, and Biometrics for User Authentication. Proc. IEEE 2003, 91, pp. 2021-2040.
26. Perlroth, N. (2013). Target’s Hacking Nightmare Reveals the Vulnerability of Data. The New York Times.
27. Ratha, N.K., Connell, J.H., Bolle, R.M. (2001). Enhancing Security and Privacy in Biometrics-Based Authentication Systems. IBM Syst. J., 40, pp. 614-634.
28. Rathgeb, C., Uhl, A.A. (2011). Survey on Biometric Cryptosystems and Cancelable Biometrics. EURASIP J. Inf. Secur., 3, pp. 1-25.
29. Sanger, D.E., Perlroth, N. (2020). Russian Hackers Broke Into Federal Agencies, U.S. Officials Suspect. The New York Times.
30. Sanger, D.E., Perlroth, N., Schmidt, M.S. (2014). U.S. Said to Find North Korea Ordered Cyberattack on Sony. The New York Times.
31. Smith, J., Doe, A. (2021). Command Line Proficiency: A Necessity for Cybersecurity Experts. J. Cyber Secur. Technol., 5, 123-145.
32. Soutar, C., Roberge, D., Stoianov, A., Gilroy, R., Kumar, B.V.K.V. (1998). Biometric Encryption Using Image Processing. Proceedings of the SPIE 3314, Optical Security and Counterfeit Deterrence Techniques II. San Jose, CA, USA, 28 January 1998, pp. 178-188.
33. Teoh, A.B.J., Ngo, D.C.L., Goh, A. (2004). Biohashing: Two Factor Authentication Featuring Fingerprint Data and Tokenised Random Number. Pattern Recognit, 37, pp. 2245-2255.
34. Uludag, U., Pankanti, S., Prabhakar, S., Jain, A.K. (2004). Biometric Cryptosystems: Issues and Challenges. Proc. IEEE 2004, 92, pp. 94-960.
35. Vacca, J.R. (2007). Biometric Technologies and Verification Systems. Amsterdam, The Netherlands: Elsevier.
36. Wagner, D., Fischer, I. (2019). The Unix Command Line and Its Role in Security Administration. In: A. Syed (Ed.), Unix Systems for Modern Architectures. New York, NY, USA: ACM Press.

Uwagi

Opracowanie rekordu ze środków MNiSW, umowa nr POPUL/SP/0154/2024/02 w ramach programu "Społeczna odpowiedzialność nauki II" - moduł: Popularyzacja nauki (2025).

Typ dokumentu

Bibliografia

Identyfikator YADDA

bwmeta1.element.baztech-cf5fe89c-fca3-438a-9b30-9b96f1c90e03