When Mobile Phones are RFID-Equipped - Finding E.U.-U.S. Solutions to Protect Consumer Privacy and Facilitate Mobile Commerce

New mobile phones have been designed to include delivery of mobile advertising and other useful location-based services, but have they also been designed to protect consumers\u27 privacy? One of the key enabling technologies for these new types of phones and new mobile services is Radio Frequency Identification (RFID), a wireless communication technology that enables the unique identification of tagged objects. In the case of RFID-enabled mobile phones, the personal nature of the devices makes it very likely that, by locating a phone, businesses will also be able to locate its owner. Consumers are currently testing new RFID-enabled phones around the globe, but the phones are not yet in general use by consumers in the United States and Europe. The incorporation of RFID into cell phones in order to deliver mobile advertising and other location-based services raises a host of important privacy questions that urgently need to be addressed before the phones become widely available. Analyzing the risks to consumer privacy in this new context, this paper offers a comparative law analysis of the applicable regulatory frameworks and recent policy developments in the European Union and the United States and concludes that there are many privacy concerns not presently addressed by E.U. and U.S. laws. This article also offers specific ideas to protect consumers\u27 privacy through applications of fair information practices and privacy-enhancing technologies. When mobile phones are RFID-equipped, consumers will need new privacy protections in order to understand the risks and make knowledgeable decisions about their privacy

Blockchain-based reputation models for e-commerce: a systematic literature review

The Digital Age is the present, and nobody can deny that. With it has come a digital transformation in various sectors of activity, and e-commerce is no exception. Over the last few decades, there has been a massive increase in its utilization rates, as it has several advantages over traditional commerce. At the same time, the rise in the number of crimes on the Internet and, consequently, the understanding of the risks involved in online shopping has led consumers to become more cautious, looking for information about the seller and taking it into account when making a purchase decision. The need to get to know the merchant better before making a purchase decision has encouraged the creation of reputation systems, whose services play an essential role in today's e-commerce context. Reputation systems act as mechanisms to reduce information asymmetry between consumers and sellers and establish rankings that attest to fulfilling standards and policies considered necessary for shops operating in the digital market. The critical problems in current reputation systems are the frauds and attacks that such systems currently have to deal with, which results in a lack of trust between users. These security and fraud issues are critical because users' trust is commonly based on reputation models, and many of these current systems are not immune to them, thus compromising e-commerce growth. The need for a better and safer model emerges with the development of e-commerce. Through reading the articles and pursuing the answers to the primary questions, blockchain is data register technology to be analysed in order to gain a better acknowledgment of the potential of such technology. More research work and investigation must be done to fully understand how to create a more assertive reputation model. Thus, this study systematizes the knowledge generated by reputation models in E-commerce studies in Scopus, WoS databases, and Google Scholar, using PRISMA methodology. A systematic approach was adopted in conducting a literature review. The need for a systematic literature review came from the knowledge that there are reputation systems that mitigate some of the problems. In addition to identifying some indicators used in reputation models, we also conclude that these models could help provide some insurance to buyers and sellers, with a commitment to being a problem solver, being able to mitigate known problems such as Collusion, Sybil attacks, laundering attacks, and preventing online fraud ranging from ballot stuffing and bad-mouthing. Nevertheless, the results of the present work demonstrate that even though these reputation models still cannot solve all of the problems, attacking one fraud opens the door to an attack. The architecture of the models was identified, with the realization that a few lacks that need to be fulfilled

Advances in the Convergence of Blockchain and Artificial Intelligence

Blockchain (BC) and artificial intelligence (AI) are currently two of the hottest computer science topics and their future seems bright. However, their convergence is not straightforward, and more research is needed in both fields. Thus, this book presents some of the latest advances in the convergence of BC and AI, gives useful guidelines for future researchers on how BC can help AI and how AI can become smarter, thanks to the use of BC. This book specifically analyzes the past of BC through the history of Bitcoin and then looks into the future: from massive internet-of-things (IoT) deployments, to the so-called metaverse, and to the next generation of AI-powered BC-based cyber secured applications

Distributed Ledger Technology (DLT) Applications in Payment, Clearing, and Settlement Systems:A Study of Blockchain-Based Payment Barriers and Potential Solutions, and DLT Application in Central Bank Payment System Functions

Payment, clearing, and settlement systems are essential components of the financial markets and exert considerable influence on the overall economy. While there have been considerable technological advancements in payment systems, the conventional systems still depend on centralized architecture, with inherent limitations and risks. The emergence of Distributed ledger technology (DLT) is being regarded as a potential solution to transform payment and settlement processes and address certain challenges posed by the centralized architecture of traditional payment systems (Bank for International Settlements, 2017). While proof-of-concept projects have demonstrated the technical feasibility of DLT, significant barriers still hinder its adoption and implementation. The overarching objective of this thesis is to contribute to the developing area of DLT application in payment, clearing and settlement systems, which is still in its initial stages of applications development and lacks a substantial body of scholarly literature and empirical research. This is achieved by identifying the socio-technical barriers to adoption and diffusion of blockchain-based payment systems and the solutions proposed to address them. Furthermore, the thesis examines and classifies various applications of DLT in central bank payment system functions, offering valuable insights into the motivations, DLT platforms used, and consensus algorithms for applicable use cases. To achieve these objectives, the methodology employed involved a systematic literature review (SLR) of academic literature on blockchain-based payment systems. Furthermore, we utilized a thematic analysis approach to examine data collected from various sources regarding the use of DLT applications in central bank payment system functions, such as central bank white papers, industry reports, and policy documents. The study's findings on blockchain-based payment systems barriers and proposed solutions; challenge the prevailing emphasis on technological and regulatory barriers in the literature and industry discourse regarding the adoption and implementation of blockchain-based payment systems. It highlights the importance of considering the broader socio-technical context and identifying barriers across all five dimensions of the social technical framework, including technological, infrastructural, user practices/market, regulatory, and cultural dimensions. Furthermore, the research identified seven DLT applications in central bank payment system functions. These are grouped into three overarching themes: central banks' operational responsibilities in payment and settlement systems, issuance of central bank digital money, and regulatory oversight/supervisory functions, along with other ancillary functions. Each of these applications has unique motivations or value proposition, which is the underlying reason for utilizing in that particular use case

Crowdsourcing atop blockchains

Traditional crowdsourcing systems, such as Amazon\u27s Mechanical Turk (MTurk), though once acquiring great economic successes, have to fully rely on third-party platforms to serve between the requesters and the workers for basic utilities. These third-parties have to be fully trusted to assist payments, resolve disputes, protect data privacy, manage user authentications, maintain service online, etc. Nevertheless, tremendous real-world incidents indicate how elusive it is to completely trust these platforms in reality, and the reduction of such over-reliance becomes desirable. In contrast to the arguably vulnerable centralized approaches, a public blockchain is a distributed and transparent global consensus computer that is highly robust. The blockchain is usually managed and replicated by a large-scale peer-to-peer network collectively, thus being much more robust to be fully trusted for correctness and availability. It, therefore, becomes enticing to build novel crowdsourcing applications atop blockchains to reduce the over-trust on third-party platforms. However, this new fascinating technology also brings about new challenges, which were never that severe in the conventional centralized setting. The most serious issue is that the blockchain is usually maintained in the public Internet environment with a broader attack surface open to anyone. This not only causes serious privacy and security issues, but also allows the adversaries to exploit the attack surface to hamper more basic utilities. Worse still, most existing blockchains support only light on-chain computations, and the smart contract executed atop the decentralized consensus computer must be simple, which incurs serious feasibility problems. In reality, the privacy/security issue and the feasibility problem even restrain each other and create serious tensions to hinder the broader adoption of blockchain. The dissertation goes through the non-trivial challenges to realize secure yet still practical decentralization (for urgent crowdsourcing use-cases), and lay down the foundation for this line of research. In sum, it makes the next major contributions. First, it identifies the needed security requirements in decentralized knowledge crowdsourcing (e.g., data privacy), and initiates the research of private decentralized crowdsourcing. In particular, the confidentiality of solicited data is indispensable to prevent free-riders from pirating the others\u27 submissions, thus ensuring the quality of solicited knowledge. To this end, a generic private decentralized crowdsourcing framework is dedicatedly designed, analyzed, and implemented. Furthermore, this dissertation leverages concretely efficient cryptographic design to reduce the cost of the above generic framework. It focuses on decentralizing the special use-case of Amazon MTurk, and conducts multiple specific-purpose optimizations to remove needless generality to squeeze performance. The implementation atop Ethereum demonstrates a handling cost even lower than MTurk. In addition, it focuses on decentralized crowdsourcing of computing power for specific machine learning tasks. It lets a requester place deposits in the blockchain to recruit some workers for a designated (randomized) programs. If and only if these workers contribute their resources to compute correctly, they would earn well-deserved payments. For these goals, a simple yet still useful incentive mechanism is developed atop the blockchain to deter rational workers from cheating. Finally, the research initiates the first systematic study on crowdsourcing blockchains\u27 full nodes to assist superlight clients (e.g., mobile phones and IoT devices) to read the blockchain\u27s records. This dissertation presents a novel generic solution through the powerful lens of game-theoretic treatments, which solves the long-standing open problem of designing generic superlight clients for all blockchains

The study of blockchain towards its application to South African Social Security Agency (SASSA)

In recent years, there has been a rapid improvement in the way currencies are perceived, which has led to a rise in digital currencies commonly known as cryptocurrencies (because they are secured by the use of cryptography). Bitcoin was the _rst successful cryptocurrency which allowed users to transact directly with each other without the involvement of the third party (the bank). Bitcoin introduced a new technology known as the blockchain which is considered to be the ext-generation technology". Blockchain is a chronological database used to store all the transactions that have occurred since the inception of Bitcoin. A study of the Blockchain involving its application to the South African Social Security Agency (SASSA) is presented. This study assesses how the Blockchain functions. The Blockchain has been viewed as the next-generation technology. This study also assesses the application of the Blockchain to other systems other than cryptocurrencies or digital currencies. Recent studies in the literature have proposed applications of the Blockchain to other system (e.g. electronic voting, smart contracts, and intellectual property rights). Although these proposals have been put forward, none has been made speci_cally for SASSA. This study also presents the problems that the Blockchain has (e.g. scalability, security).Recent literature has tried to solve the problem of scalability, by introducing new protocols like mini-blockchain. In addition, this study presents the challenges that SASSA is currently having and it provides details about the attacks that could succeed in the system. The study presents the analysis of the blockchain for its application to SASSA; the analysis includes scalability, performance and security. Based on the analysis, it is shown that the blockchain is not compatible to be applied to SASSA. However, this study proposes a solution to some of the challenges SASSA is currently facing

Non-fungible tokens (NFTS) and their security challenges

The Non-Fungible Token (NFT) market has been exploding in the past years. The notion of NFT originated with Ethereum's token standard, which aimed to differentiate each token using distinguishing signals. Tokens of this type can be associated with virtual or digital properties to serve as unique identifiers. Using NFTs Non-Fungible Token (NFT) is a new technology gaining traction in the Blockchain industry. In this article, we examine state-of the art NFT systems that have the potential to reshape the market for digital virtual assets. We will assess the security of existing NFT systems and expand on the opportunities and prospective uses for the NFT idea. Finally, we discuss existing research challenges that must be overcome before mass-market penetration may occur. We hope that this paper provides an up-to-date analysis and summary of existing and proposed solutions and projects, making it easier for newcomers to stay current.Fonksuz Belirteç (NFT) pazarı son yıllarda patlama yapıyor. NFT'nin nosyonu Ethereum'un belirteç standardıyla ortaya çıkmıştır ve bu durum, her belirteci ayırt edici sinyaller kullanarak ayırt etmeyi amaçlamaktadır. Bu tipteki belirteçler, benzersiz tanımlayıcılar olarak hizmet vermek için sanal veya dijital özelliklerle ilişkilendirilebilir. NFTS Non-Fungible Token (NFT) kullanmak, Blockchain endüstrisinde yeni bir teknoloji kazanıyor. Bu makalede, dijital sanal varlıklar için pazarı yeniden şekillendirme potansiyeline sahip son teknoloji ürünü NFT sistemlerini inceliyoruz. Mevcut NFT sistemlerinin güvenliğini değerlendirecek ve NFT fikri için fırsatları ve olası kullanımları genişleteceğiz. Son olarak, kitle pazara giriş gerçekleşmeden önce aşılması gereken mevcut araştırma zorluklarını ele alıyoruz. Bu incelemede, mevcut ve önerilen çözüm ve projelerin güncel bir analizi ve özeti sağlanarak, yeni gelenlerin güncel kalmasını kolaylaştırılmasını umuyoruz.No sponso

Design and Evaluate a Fair Exchange Protocol Based on Online Trusted Third Party (TTP)

One of the most crucial factors that e-commerce protocols should address is a fair exchange. In this research, an advanced method of cryptography coupled with the pay per use technique is used. A new electronic commerce protocol for the exchange of commodities is introduced. The proposed new protocol guarantees both features while addressing the main drawbacks associated with other related protocols. The new suggested e-commerce protocol is composed of two stages: pre-exchange and exchange stages. When the suggested new protocol is analysed with scrupulous protocol analysis, it attains fair exchange and a secure method of payment. The suggested new e-commerce protocol is more efficient than other related existing protocols. In this research “protocol prototype” and “model checking” is used for the purpose of authentication. The protocol prototype verifies that the suggested new protocol is executable when it's used in a real context. By experimental designs, this research shows the length of asymmetric keys as the biggest element that affects the efficiency of the protocol. When model-checking is applied in this protocol, the outcome indicates that the suggested protocol achieves the required features of fairness. Protocol extensions give those involved in the protocol the capacity to be resilient to failure. By using three methods of authentication, this research confirms that the new proposed protocol is well formulated. The work reported in this thesis first study the existing fair exchange protocols that solve the fairness problem. Then, propose more efficient protocol to solve the fairness problem. The original idea in this thesis is to reduce the communication overheads, risks and solve the bottleneck problems in the protocols that involve an online TTP

On Protocols for Information Security Services

Now-a-days, organizations are becoming more and more dependent on their information systems due to the availability of high technology environment.Information is also treated as vital like other important assets of an organization. Thus, we require Information Security Services (ISS) protocols to protect this commodity. In this thesis, investigations have been made to protect information by developing some ISS protocols. We proposed a key management protocol, which stores one-way hash of the password at the server, instead of storing plaintext version of password.Every host and server agrees upon family of commutative one-way hash functions. Due to this prevention mechanism, online and offline guessing attacks are defeated. The protocol provides host authentication. As a result, man-in-the-middle attack is averted. It also withstands malicious insider attack