A generic framework for process execution and secure multi-party transaction authorization

Process execution engines are not only an integral part of workflow and business process management systems but are increasingly used to build process-driven applications. In other words, they are potentially used in all kinds of software across all application domains. However, contemporary process engines and workflow systems are unsuitable for use in such diverse application scenarios for several reasons. The main shortcomings can be observed in the areas of interoperability, versatility, and programmability. Therefore, this thesis makes a step away from domain specific, monolithic workflow engines towards generic and versatile process runtime frameworks, which enable integration of process technology into all kinds of software. To achieve this, the idea and corresponding architecture of a generic and embeddable process virtual machine (ePVM), which supports defining process flows along the theoretical foundation of communicating extended finite state machines, are presented. The architecture focuses on the core process functionality such as control flow and state management, monitoring, persistence, and communication, while using JavaScript as a process definition language. This approach leads to a very generic yet easily programmable process framework. A fully functional prototype implementation of the proposed framework is provided along with multiple example applications. Despite the fact that business processes are increasingly automated and controlled by information systems, humans are still involved, directly or indirectly, in many of them. Thus, for process flows involving sensitive transactions, a highly secure authorization scheme supporting asynchronous multi-party transaction authorization must be available within process management systems. Therefore, along with the ePVM framework, this thesis presents a novel approach for secure remote multi-party transaction authentication - the zone trusted information channel (ZTIC). The ZTIC approach uniquely combines multiple desirable properties such as the highest level of security, ease-of-use, mobility, remote administration, and smooth integration with existing infrastructures into one device and method. Extensively evaluating both, the ePVM framework and the ZTIC, this thesis shows that ePVM in combination with the ZTIC approach represents a unique and very powerful framework for building workflow systems and process-driven applications including support for secure multi-party transaction authorization

Malware-Resistant Protocols for Real-World Systems

Cryptographic protocols are widely used to protect real-world systems from attacks. Paying for goods in a shop, withdrawing money or browsing the Web; all these activities are backed by cryptographic protocols. However, in recent years a potent threat became apparent. Malware is increasingly used in attacks to bypass existing security mechanisms. Many cryptographic protocols that are used in real-world systems today have been found to be susceptible to malware attacks. One reason for this is that most of these protocols were designed with respect to the Dolev-Yao attack model that assumes an attacker to control the network between computer systems but not the systems themselves. Furthermore, most real-world protocols do not provide a formal proof of security and thus lack a precise definition of the security goals the designers tried to achieve. This work tackles the design of cryptographic protocols that are resilient to malware attacks, applicable to real-world systems, and provably secure. In this regard, we investigate three real-world use cases: electronic payment, web authentication, and data aggregation. We analyze the security of existing protocols and confirm results from prior work that most protocols are not resilient to malware. Furthermore, we provide guidelines for the design of malware-resistant protocols and propose such protocols. In addition, we formalize security notions for malware-resistance and use a formal proof of security to verify the security guarantees of our protocols. In this work we show that designing malware-resistant protocols for real-world systems is possible. We present a new security notion for electronic payment and web authentication, called one-out-of-two security, that does not require a single device to be trusted and ensures that a protocol stays secure as long as one of two devices is not compromised. Furthermore, we propose L-Pay, a cryptographic protocol for paying at the point of sale (POS) or withdrawing money at an automated teller machine (ATM) satisfying one-out-of-two security, FIDO2 With Two Displays (FIDO2D) a cryptographic protocol to secure transactions in the Web with one-out-of-two security and Secure Aggregation Grouped by Multiple Attributes (SAGMA), a cryptographic protocol for secure data aggregation in encrypted databases. In this work, we take important steps towards the use of malware-resistant protocols in real-world systems. Our guidelines and protocols can serve as templates to design new cryptographic protocols and improve security in further use cases

Does the online card payment system unwittingly facilitate fraud?

PhD ThesisThe research work in this PhD thesis presents an extensive investigation into the security settings of Card Not Present (CNP) financial transactions. These are the transactions which include payments performed with a card over the Internet on the websites, and over the phone. Our detailed analysis on hundreds of websites and on multiple CNP payment protocols justifies that the current security architecture of CNP payment system is not adequate enough to protect itself from fraud. Unintentionally, the payment system itself will allow an adversary to learn and exploit almost all of the security features put in place to protect the CNP payment system from fraud. With insecure modes of accepting payments, the online payment system paves the way for cybercriminals to abuse even the latest designed payment protocols like 3D Secure 2.0. We follow a structured analysis methodology which identifies vulnerabilities in the CNP payment protocols and demonstrates the impact of these vulnerabilities on the overall payment system. The analysis methodology comprises of UML diagrams and reference tables which describe the CNP payment protocol sequences, software tools which implements the protocol and practical demonstrations of the research results. Detailed referencing of the online payment specifications provides a documented link between the exploitable vulnerabilities observed in real implementations and the source of the vulnerability in the payment specifications. We use practical demonstrations to show that these vulnerabilities can be exploited in the real-world with ease. This presents a stronger impact message when presenting our research results to a nontechnical audience. This has helped to raise awareness of security issues relating to payment cards, with our work appearing in the media, radio and T

Supporting application's evolution in multi-application smart cards by security by contract

La tecnología de Java Card ha evolucionado hasta el punto de permitir correr tanto servidores como clientes Web dentro de una tarjeta inteligente. Además, las tarjetas inteligentes actuales permiten tener instaladas en si mismas múltiples aplicaciones, las cuales pueden ser descargadas y actualizadas a lo largo de la vida de la tarjeta. Esta nueva característica de las tarjetas inteligentes las hace muy atractivas para ambos usuarios y desarrolladores de tarjetas inteligentes debido a las nuevas posibilidades que estas proveen. El uso de estas tarjetas inteligentes no supone ningún problema cuando las aplicaciones han sido instaladas antes de que la tarjeta haya sido sellada porque las interacciones entre las aplicaciones instaladas han sido comprobadas a priori con sus respectivas políticas. El problema surge cuando las aplicaciones pueden ser descargadas dinámicamente y la seguridad de la información intercambiada entre estas aplicaciones no puede ser asegurada. Por ello, el uso de las tarjetas inteligentes como tarjetas multi-aplicación es todavía extremadamente raro debido a que las aplicaciones en ellas instaladas, las cuales contienen información sensible, provienen de diferentes proveedores. Debido a esto es necesario un método que controle las posibles interacciones entre las aplicaciones instaladas. Dado que los actuales modelos y técnicas de seguridad para tarjetas inteligentes no soportan este tipo de evolución, es necesario un nuevo método donde el comportamiento referente a la seguridad se ajuste con la política de seguridad de la tarjeta anfitriona en caso de nuevas descargas o actualizaciones. La conformidad entre el comportamiento de la tarjeta y la política de la tarjeta debe ser comprobada durante la petición de instalación o de actualización evitando la necesidad de los costosos métodos de monitorización en tiempo de ejecución. Además deberá asegurarse que no existirán fugas de información en su intercambio entre las aplicaciones. Este nuevo modelo propuesto, que será llamado seguridad por contrato (SxC usando las siglas en inglés) tratará con los posibles cambios tanto en los contratos de las aplicaciones como en los de la política de la plataforma dinámicamente. En el presente PFC se presenta y desarrolla un modelo de políticas y contratos así como los algoritmos que se encargarán de asegurar la certificación de las aplicaciones. También, debido a la limitación de memoria en las tarjetas inteligentes el sistema será testeado con un ejemplo real

Information Security and Cryptography-Encryption in Journalism

The purpose of this review paper is to garner knowledge about the information security and cryptography encryption practices implementation for journalistic work and its effectiveness in thwarting software security breaches in the wake of ‘Journalism After Snowden’. Systematic literature review for the ‘information security and cryptography encryption in journalism’ employed with an eye to synthesize existing practices in this field. For this, at first the existing approachable research article databases and search engines employed to download or get the abstract of relevant scientific articles which are then used for citation and summarization works in a systematic rigorous anatomization. Contingent upon them their analysis and synthesis employed to arrive at the findings. Research papers collated for the purpose of writing this review paper lighted up the vital issues related to investigative journalists’ safety practices promulgation inadequacies even after the UNESCO 2017 and 2022 guidelines for urgent instrumentalization needs of journalists on the part of its’ member States.Lattice Science Publication (LSP) © Copyright: All rights reserved