Maintaining consumer confidence in electronic payment mechanisms

Credit card fraud is already a significant factor inhibiting consumer confidence in e-commerce. As more advanced payment systems become common, what legal and technological mechanisms are required to ensure that fraud does not do long-term damage to consumers' willingness to use electronic payment mechanisms

Power analysis on smartcard algorithms using simulation

This paper presents the results from a power analysis of the AES and RSA algorithms by\ud simulation using the PINPAS tool. The PINPAS tool is capable of simulating the power\ud consumption of assembler programs implemented in, amongst others, Hitachi H8/300\ud assembler. The Hitachi H8/300 is a popular CPU for smartcards. Using the PINPAS tool, the\ud vulnerability for power analysis attacks of straightforward AES and RSA implementations is\ud examined. In case a vulnerability is found countermeasures are added to the implementation\ud that attempt to counter power analysis attacks. After these modifications the analysis is\ud performed again and the new results are compared to the original results

Usability and Trust in Information Systems

The need for people to protect themselves and their assets is as old as humankind. People's physical safety and their possessions have always been at risk from deliberate attack or accidental damage. The advance of information technology means that many individuals, as well as corporations, have an additional range of physical (equipment) and electronic (data) assets that are at risk. Furthermore, the increased number and types of interactions in cyberspace has enabled new forms of attack on people and their possessions. Consider grooming of minors in chat-rooms, or Nigerian email cons: minors were targeted by paedophiles before the creation of chat-rooms, and Nigerian criminals sent the same letters by physical mail or fax before there was email. But the technology has decreased the cost of many types of attacks, or the degree of risk for the attackers. At the same time, cyberspace is still new to many people, which means they do not understand risks, or recognise the signs of an attack, as readily as they might in the physical world. The IT industry has developed a plethora of security mechanisms, which could be used to mitigate risks or make attacks significantly more difficult. Currently, many people are either not aware of these mechanisms, or are unable or unwilling or to use them. Security experts have taken to portraying people as "the weakest link" in their efforts to deploy effective security [e.g. Schneier, 2000]. However, recent research has revealed at least some of the problem may be that security mechanisms are hard to use, or be ineffective. The review summarises current research on the usability of security mechanisms, and discusses options for increasing their usability and effectiveness

Make it so! Jean-Luc Picard, Bart Simpson and the design of e-public services

In this paper, we report on a project applying participatory design methods to include people who have experience of social exclusion (in one form or another) in designing possible technologies for e-(local)-government services. The work was part of a project for the Office of the Deputy Prime Minister in the UK, and was concerned with ‘access tokens’ that can provide personal identification for individuals accessing public services, based on technologies such as multi-functional smartcards, flash memory sticks, mobile phone SIMs or similar devices. In particular we report on our experience using the ‘pastiche scenarios’ technique recently developed by Mark Blythe. Our findings indicate that the technique can be effective and engaging in helping people to create realistic scenarios of future technology use and highlight some possible pitfalls to consider when using this technique.</p

Survey of LAN infrastructure and ICT equipment in schools: November 2005 to January 2006 (summary report)

Nationally representative technical audit of school infrastructure - summar