Entity Configuration for Designing a Port Security Information System : Proposed Extensions of the Vocational Education and Training Curriculum

Port security is one of the most important fields of Vocational Education and Training (VET) maritime studies. In this article, we propose the configuration of entities that are used to design a port security information system for VET education. Our work integrates recent maritime Information Technology (IT) concepts into VET. We record the initial design for building educational software for a school-level security information system that can be used as an extension project for the existing maritime curriculum of VET. This plan, if implemented and completed, will strengthen and expand the boundaries of school knowledge and curriculum. This article describes the design part of the whole project.


I. INTRODUCTION
According to the recent reforms in Vocational Education and Training (VET) in Greece, the students have the right to choose directions from the Maritime Specialties (http://www.iep.edu.gr/el/naftiliakon-epaggelmaton). They can do this choice in the second grade of the daily Vocational Lyceum (EPAL). In the second-grade students attend 23 hours of Laboratory Training and 12 hours of General Education courses per week. In the 3rd grade of EPAL, after choosing one of the two (2) specialties provided by the VET direction, also they can attend 23 hours of specific lessons. According to the Gov. 1489 / t. B / 26-5-2016, from the school year 2017-2018 up today (2020), in the Sector of Maritime Occupations in the 3rd Class of the Daily and Evening EPAL, the following specializations are planned: • "Merchant Marine Commander", • "Merchant Marine Engineer". Students who serve on a boat are considered as "individual pupils" with an obligation to take oral and written exams at the end of the school year. Upon graduation, students receive a master's or engineering degree that allows them, if under 27, to participate in the national exams for admission to the Merchant Navy Academies S. Gompou is with the Department of Informatics, University of Piraeus, Greece (e-mail: sophiagompou@gmail.com).
D. Κotsifakos is with Vocational Education and Training, Department of Secondary Education Piraeus, and, he is also with the Department of Informatics, University of Piraeus, Greece (e-mail: kotsifakos@unipi.gr).
Marine Engineer" are taught Navigation, Stability of a ship, Loading, Emergency, Bridge Guard and Naval Communications. One of the most important fields of study of the specialties concerns the safety of ships and ports. Ports are the most important part of maritime transport, with safety of shipping and passengers playing a very important role, as we are seeing an increasing number of terrorism incidents and other emergencies.
More attention should be paid to issues relating to improving the safety of passengers and installations, as the Greek legislation lacks relevant laws and guidelines. The strategic position of the Greek ports, coupled with the increasing volume of freight and passenger traffic, increases the need for intelligent and specialized safety solutions. An adequate level of protection and resilience against natural or electronic threats, or even combined threats to ports, should be ensured and the detrimental effects on society and citizens of any attack should be limited. It is important that the competent authorities also consider the sense of passenger safety. A modern information security system for vocational education should include access control for incoming vehicles and users, electronic patrols, surveillance of port facilities and surrounding operating sites, as well as electronic control of passengers following the International Ship and Port Facility Security Code (ISPS). Furthermore, technology in general and Information Technologies (IT) are essential for maritime, as the communication of ships with ports will be safe, without fear of hackers monitoring. Port operators should in all cases implement an appropriate security plan that is consistent with the relevant financial and operational data and with the security standards of the ISPS.
Based on these guidelines, we propose a completely new classification of entities for the design of an information system security modeling based on the latest directions of IT, as well as the curriculum data and the institutional framework for maritime studies in VET. With term "entity configurations in maritime specialties" we mean the distinct and independent configuration that can be a source of a maritime threat and may be included in a risk assessment framework. Modeling of the planned information system concerns all explicit or unambiguous marine factors. The main motivation of our idea is that the project of design, modeling and implementation of a school-level security information system (educational software) strengthens and expands the boundaries of school knowledge, especially as this curriculum pursues.  The article describes the part of Phase 1 and is written in the following order: in Section II we introduce the conceptual clarification for the Information Security System for Maritime Studies off Vocational Education. In Section III we focus in the safety systems used in port and the threats to port security planning needs for organizing a new information system. In Section IV we present the entity configuration for designing a port security information system used in ports and the International Code on Ship and Port Facility Security (ISPS code) for the safety of ships and port facilities. In Section V we present the port fire station operating regulations and suggestions for advancing port security with computer science. In Section VI we present the conclusions, the basic idea of the article, and our suggestions for advancing port security with computer science.

II. CONCEPTUAL CLARIFICATION FOR AN INFORMATION
SECURITY SYSTEM FOR MARITIME STUDIES OFF VOCATIONAL EDUCATION Reference [6] shows that shipping is a key pillar of the growth of the Greek economy. This success is largely due to the manpower it employs, both in command staff (Masters -Engineers) and in other seafarers. sipping is a field that requires responsibility, leadership, mechanical skills, knowledge of foreign languages, especially the English language, good physical strength and endurance, and love and familiarity with the sea. Merchant Marine Commander and Merchant Marine Engineer must be the "masters" of the ship and, at the same time, the ship's representative on board, to be the principal responsible for the safety of the ship, the crew, the cargo, and the passengers, to map the course of the ship, to direct and organize the work of all crew. The Merchant Marine Commander or the Merchant Marine Engineer need to work with the Engineer and the shipping company.
The graduate of the Merchant Marine Engineer track of VET may be responsible for the maintenance, proper operation of the ship's engines and for the calculation of fuel and supplies, works mainly at the engine room and is responsible for the maintenance work, the proper operation of the engines, and the supply of fuel, water, lubricants and spare parts of the ship. Moreover, he needs to work closely with the Captain and the shipping company. Another crucial area concerns criminal and terrorist actions. Ports can a target of criminal and terrorist actions. The increasing load of freight and passenger transport the last years demand more strict security measures, which, however, must allow the uninterrupted function of the port activity and provided customer services. The ones responsible for the ports must always apply a suitable security plan, adjusted to the financial and operational data and simultaneously compliant to the security standard of the ISPS code (International Ship & Port Facility Security Code) as described by the International Maritime Organization (IMO), United Nations (http://www.imo.org/en/About/Pages/Default.aspx).
Complying with the ISPS code requires investment in physical security measures for the protection of large areas with an extensive perimeter, which, however, should not affect the passengers' traveling experience. Maritime security refers to a dual meaning, where except from the illegal actions (security), there is also the secure conduction of labor at the port (safety). Some important security systems, which are used for the avoidance of illegal actions in European ports is the Long-Range Identification and Tracking of ships System (LRIT), European Border Surveillance System (EUROSUR), Vessel Traffic Monitoring & Information Systems (VTMIS), and Systems specialized in the Design, Development, Production and Integration of Command and Control (C2) and Force Protection Systems (System C4i).
The contribution of the Fire Brigade is also important in port security because is responsible and has the operational design of suppressing all fires. The contribution of the Fire Brigade is also important for the rescue of people and tangible goods from the ports and the Port Police. The mission of Fire Brigade includes the assurance of compliance and monitoring the application of the naval security rules. Computer Science is also a major factor in maritime security. Applying external measures on both ports' and ships' security systems (e.g. firewalls) can prevent many potential cyber-attacks, which may lead to endangering both passengers and crew, and be the source of an attack with an impact in the maritime ecosystem.
The Conceptual Clarification for the entities of an Information Security System for VET ( Fig. 1) results from the following legislation: • Port: On Article 1 of Law 2971/2001 (Government Gazette A' 285) is stated that "A port is a land and sea area together with works and equipment, which mainly allows for the reception of all types of waterways and recreational craft, the loading and unloading, storage, reception and promotion of their cargo, the servicing of passengers and vehicles and the development of business activities, directly or indirectly related to maritime transport". Based on Article 18 of Law 2971/2001, "port zone" means the land and sea area, continuous or interrupted, in which the competent port administration and demersal operator can carry out the projects required to serve commercial, passenger, maritime, tourism and fishing traffic and, more generally, the good functioning of the port. It is divided into land and sea. Article 19 stipulates that 'the land-harbor zone shall consist of the seabed and the continuously needed coastal areas for the execution of works. Under Article 20 "the seaport zone shall include the port basins and the sea area up to five hundred meters from the coast of the land area". In addition, in accordance with Article 2 The system we propose, and design allow better surveillance of the marine space and help to prevent illegal actions on its territory (Fig. 2) are: •

LRIT (Integrated Vessel Monitoring Network and enavigation systems for European waters) • EUROSUR (European Border Surveillance System) • Vessel Traffic Services (VTS)
• System C4i (Secure wired and wireless communication systems and data transmission networks). For educational reasons we keep only them. Port security refers to a two-pronged concept that first includes the right working and physical environment (safety) and the second is the security climate relating to unlawful acts that endanger human life and property. The second is intended primarily to avoid unlawful acts being carried out in the port area. In the case of installations, persons or ships which are in breach of the law (ILO-IMO, 2004:1). A. Safe Operation at the Port Site (Safety): Port workers and those directly involved in their work are exposed to various accidents such as the fall in the sea, possible fires resulting from leakage of liquid cargo, and natural disasters which can be caused. Therefore, there should exist an effective management of the safety and health of workers. In order to protect port workers, the International Labor Organization ILO (the United Nations organization responsible for promoting social justice and promoting decent work by defining international labor standards) has adopted a code covering the most common activities taking place in ports. ILO standards help address these challenges by dealing with two characteristics of dock work: the need for specific protection due to the safety and health hazards to which dockworkers are exposed during their work, and the impact of technological progress and international trade on their employment and the organization of work in ports. (https://www.ilo.org/global/lang--en/index.htm). Safety is achieved by working measures (e.g. fire protection and firefighting) and health.
B. Security: Security refers to the avoidance of illegal activities at the port, whether these concern facilities, persons or ships. The revised International Convention for the Safety of Life at Sea (SOLAS 1974) with the adoption of the International Code for the Safety of Ships and Port Facilities by Unlawful Acts (ISPS Code), in conjunction with Regulation (EP) 725/2 004 of the European Parliament and of the Council of the European Union constitute the basic safety framework for port facilities and ships. Security includes terrorist attacks, sabotage, unauthorized use, and smuggling.
A safety assessment is followed by the development of a safety plan to be drawn up by both port facilities and ships. This plan provides every detail for the preparation, prevention and response activities of stakeholders. In each port facility and ship, there must be a safety officer the duties of whom is the preparation and implementation of the safety plan are included.
The security organization of the port facility should be able to monitor the entire port facility and the points close to it, on land and at sea, at all times, including nighttime and the periods of limited visibility, the restricted access areas within the port facility, the ships in the port facility and the areas around the ships. Lighting, security guards, including pedestrian patrols, vehicles or the sea, intruder detection devices and surveillance equipment may be used for monitoring.
In addition, it is necessary for the shipping company to ensure that the necessary assistance is provided to the company's security officer, the master, and the ship's security officer to perform their duties and responsibilities. The mission of the Port Corps to the security of each port includes ensuring compliance with and monitoring the application of maritime safety rules to ships and port facilities. The Port Corps also cheque the conditions for the safe management of ships, in accordance with the institutional framework applicable each time, such as the International Ship and Port Facility Security Code (ISPS).

IV. ENTITY CONFIGURATION FOR DESIGNING A PORT SECURITY INFORMATION SYSTEM USED IN PORTS AND THE INTERNATIONAL CODE ON SHIP AND PORT FACILITY SECURITY CODE FOR THE SAFETY OF SHIPS AND PORT FACILITIES
In Fig. 3 we present the configuration entities for the port security information system. This configuration concerns a proposal for a proposed extension of the existing maritime curriculum of vocational education and training.
The International Code on Ship and Port Facility Security (ISPS Code) is part of the International Convention on the Safety of Life at Sea (SOLAS) and lays down the ways of implementing security measures on ships and port facilities to avoid terrorist threats and other criminal acts. It focuses on the proper implementation of security measures required internationally. It consists of two parts. In the first part where its provisions are regarded as binding and in the second part where its provisions are regarded as constitutive. Administrative bodies for the implementation of the provisions of the ISPS Code and the Regulation, port facilities may also entrust private companies with the task of implementing the provisions of the Regulation.
The provision of security services, equipped with the relevant statutory authorization, the exercise of the security checks provided the approved security plans. Those provisions including checks on persons, baggage and cargo, access checks and security surveillance of port facilities. Those activities require the issue of a police authorization by the Port Authority concerned, the terms and conditions of which shall be determined by a decision of the Minister. The Fire Brigade in its mission to provide security and protection of the lives and property of citizens and the State itself against the risks of fires and any other disasters shall be responsible and operational planning for the repression of all fires and for providing all possible assistance to save people and property in the port areas. It has, thus, set up fire brigade stations in the country's major ports with qualified fire brigade and special equipment to best guarantee their fire protection according to the State Department. no. 5804 Ministerial Decree, the Fire Brigades Magistrates of the Brigadier are the responsibility of the Regional Administrations. The Port Fire Stations are subject to the Regional Administrations or the Department of Fire Brigades concerned and are distinguished in Class I by two ships (one Class A and one Class A2 ship), and in Class II by one Class A2 ship. Fire-fighting vessels (PPE) shall be made available and allocated to the Regional Administrations or their Fire Brigades by the decision of the Head of the Fire Brigade, upon submission of a proposal by the Water Resources Directorate. Reference [7] shows that Port Fire Stations have a certain area of responsibility defined by the Regional Fire Brigade Administration to which they belong. In the event of an incident outside the area of responsibility of the Port Fire Brigade, the competence to intervene by the fire brigade may be extended by order of the Chief Fire Brigade. The Fire Brigades Magistrates of the Brigadier Tasks: • Fire safety of the country's ports and port facilities.
• The fight against fires of all types and sizes of ships, floating facilities, and installations, at berth or in the wider port area and on land. • To assist people at risk at sea. • The provision of assistance and response to water disasters in the insides of ships, floating equipment, and installations. • The performance of any other task arising from other provisions relating to fire -rescue at sea. Ship-Port contact is a circumstance that bears no gap in its computer security system. Thanks to the continuous development of Information Technology, cryptography, and computer security, additional security measures can and should be taken to increase the security of passengers and crew but also of the ports and ships. It is the main concern for ports to ensure safe communication with the ships in its range. The ruling concern is to prevent any kind of intervention by third parties to the port's or ship's computer system, which can cause disastrous accidents or miscommunication.
A. Firewalls: Firewalls are compulsory for every device, to protect the personal and significant data from hackers and the device from viruses [1], [4]. A firewall provides security and privacy, but when conveying a message, it can easily be modified.
B. Port Knocking Method: The Port Knocking method ensures safe and encrypted communication between authorized devices [5]. It opens a port on a firewall when it receives the correct sequence of attempts in specific ports. Through this port, an encrypted message is passed to the other side [2]. This method can ensure that an attacker cannot detect any port, as they will seem protected and closed unless he sends knocks in the correct sequence. Port Knocking protection has a long sequence of knockings, which beneath, has a less complicated knocking sequence [3]. Both steps, to connect with the other party behind the firewall, demand the consignor to know the exact port knocking combination of the recipient's firewall.
C. Message Encryption: Encrypting the message is an additional, but not useless, security measure, so as the security is airtight [8]. The IDEA is used worldwide, as it is considered one of the most well-known encryption algorithms. It has 64 bits block size for keys and 128bits key size, to increase the degree of diffusion. Through the years of use by the United States of America and European countries, there has not been any attack, despite many attempts.
D. Procedure: The Consignor decides they want to send a message to the Receiver. After getting the message written, it is encrypted based on the I.D.E.A. Algorithm. Next, with the port knocking method and after knocking in the correct sequence on the receiver's firewall, the Receiver will receive the encrypted message. When it is time for the receiver to read it, it will be automatically decrypted.

VI. CONCLUSION
In this article we have shown that modeling of the planned information system concerns all explicit or unambiguous marine factors we have shown that the project of design, modeling and implementation of a school-level security information system (educational software) strengthens and expands the boundaries of school knowledge, especially as this curriculum pursues. In this article we also we have shown that the entity configuration for designing a port security information system could operate as extension of the VET curriculum. The added teaching value of our proposal concerns the training of VET students in the entities we have listed that could build a modern information system. The future work of the article is about a transitional teaching period in which students will build such information systems with modern IT tools and environments and integrate the entities. Another extension of the article could involve the Securing Critical Information Infrastructures and Supply Chains, focusing on initiatives and efforts that attempt to deal with the risks and vulnerabilities of port Critical Information Infrastructures (CII) ecosystems [9]. Al future extensions of the article concern, on the one hand, researchers and designers of school educational software and on the other hand, the teachers and the students of VET.

ACKNOWLEDGMENT
Many of the key ideas in the article were derived from the SAURON project-EU H2020-CIP-01-2016-2017: "Scalable multidimensionAl sitUation awaReness sOlution for protectiNg european ports". Although the proposed software design of this article is not related to the SAURON project (https://sauronproject.eu/) we feel that a thank note for motivation ideas should be mentioned. We also need to refer to the work of the Nineta Polemi at European Comission (DG-CONNECT) Cyber Security and Digital Privacy Unit (https://www.cyberwatching.eu/nineta-polemi) as high standard paradigms for us, about security and privacy.