Transparent authentication methodology in electronic education

In the context of on-line assessment in e-learning, a problem arises when a student taking an exam may wish to cheat by handing over personal credentials to someone else to take their place in an exam, Another problem is that there is no method for signing digital content as it is being produced in a computerized environment. Our proposed solution is to digitally sign the participant’s work by embedding voice samples in the transcript paper at regular intervals. In this investigation, we have demonstrated that a transparent stenographic methodology will provide an innovative and practical solution for achieving continuous authentication in an online educational environment by successful insertion and extraction of audio digital signatures

Reconfigurable Security: Edge Computing-based Framework for IoT

In various scenarios, achieving security between IoT devices is challenging since the devices may have different dedicated communication standards, resource constraints as well as various applications. In this article, we first provide requirements and existing solutions for IoT security. We then introduce a new reconfigurable security framework based on edge computing, which utilizes a near-user edge device, i.e., security agent, to simplify key management and offload the computational costs of security algorithms at IoT devices. This framework is designed to overcome the challenges including high computation costs, low flexibility in key management, and low compatibility in deploying new security algorithms in IoT, especially when adopting advanced cryptographic primitives. We also provide the design principles of the reconfigurable security framework, the exemplary security protocols for anonymous authentication and secure data access control, and the performance analysis in terms of feasibility and usability. The reconfigurable security framework paves a new way to strength IoT security by edge computing.Comment: under submission to possible journal publication

Keamanan Data Transaksi Nasabah Pada Aplikasi Bank Sampah Berbasis Web Menggunakan Algoritma AES

The Malacca waste bank located in East Jakarta was established in 2008, the Malacca waste bank has a number of customers reaching more than 300 people and the waste absorbed every month reaches 2 - 2.5 tons. In carrying out its activities, the Malacca Sari waste bank still has several problems, including: the difficulty of recording the income of waste, the lack of integrity between the customer's savings book and the garbage bank's bookkeeping and the customer often does not carry a savings book, and even something is missing, to anticipate this and improve the services of the garbage bank, we need an application for processing data effectively and efficiently, which can have a secure data storage system and complement the application with good security techniques. In this case the researcher uses the cryptographic algorithm (Advanced Encryption System). With this application, it is expected that transaction data information stored in the application will be safe and not known to eavesdroppers or irresponsible parties. In this application, the encrypted information is only in the form of balance data at a garbage bank and only the management and customers can use this application. Based on program implementation and testing, researchers can conclude that this application is easy to use, the confidentiality of data and information able to maintain and protect Keywords : AES (Advanced Encryption System), MySQL, Cryptographic, Php, Waste Bank

Keamanan Data Transaksi Nasabah Pada Aplikasi Bank Sampah Berbasis Web Menggunakan Algoritma AES

The Malacca waste bank located in East Jakarta was established in 2008, the Malacca waste bank has a number of customers reaching more than 300 people and the waste absorbed every month reaches 2 - 2.5 tons. In carrying out its activities, the Malacca Sari waste bank still has several problems, including: the difficulty of recording the income of waste, the lack of integrity between the customer's savings book and the garbage bank's bookkeeping and the customer often does not carry a savings book, and even something is missing, to anticipate this and improve the services of the garbage bank, we need an application for processing data effectively and efficiently, which can have a secure data storage system and complement the application with good security techniques. In this case the researcher uses the cryptographic algorithm (Advanced Encryption System). With this application, it is expected that transaction data information stored in the application will be safe and not known to eavesdroppers or irresponsible parties. In this application, the encrypted information is only in the form of balance data at a garbage bank and only the management and customers can use this application. Based on program implementation and testing, researchers can conclude that this application is easy to use, the confidentiality of data and information able to maintain and protect Keywords : AES (Advanced Encryption System), MySQL, Cryptographic, Php, Waste Bank

Secure data sharing and processing in heterogeneous clouds

The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors