Implementation of secure email server in cloud environment

In the recent virtual communication world, the email services play a vital role as a basic content of heterogeneous networking infrastructure. Whereby, multiple platforms are connecting each other. Mail Server refers to computer performing Mail Transfer Agent functions. MTA is software that delivers electronic mail messages from one computer to another, by using client-server application architecture. MTA implements both sender and receiver portions of SMTP (Simple Mail Transfer Protocol). Postfix is a free and open-source MTA which is fast, easy-to-administrator and provide secure communication over Internet. In this paper we focus on the problem of email contents disclosure, and establish a secure mail server by using Postfix in Linux platform and then implement it into a cloud service provider as IaaS (Infrastructure as a Service). Security is provided by tuning a Transport Layer Security (TLS), and SMTP-AUTH which use Simple Authentication and Security Layer (SASL) as a security mechanism and platform

Setting Up Personal Cloud Server Tonido @ Department of Computer Studies, CSIBER and Integration with Moodle Server - A Case Study

Cloud computing represents a real paradigm shift in the way softwares are developed, deployed and used. Cloud computing, which is based on utility computing has a remarkable contribution in realizing long held dream of utility computing in achieving the development of infinitely scalable and universally available systems as, with cloud computing user can start very small and become big very fast limited only by his/her needs, which means cloud computing is revolutionary even if the technology it is based on is evolutionary. There is a handful of free open source cloud softwares available which guide an end user from setting up of file server to drive mapping and file synchronization. All these utilities are bundled into a single software module. The authors have performed a survey of different open source softwares currently available on Internet and have performed their relative comparisons. A private file cloud server has been installed in the Department of Computer Studies, CSIBER, Kolhapur, MS, India. For sharing and synchronizing files Tonido cloud software is employed. The security has been implemented using role based authentication wherein all inter and intra department communications are modeled by assigning different roles to the users of the system. The drive mapping is achieved at admin and user level using free add-ons available for Tonido. The folder changes are monitored periodically and notification messages are sent to appropriate users instantly. The cloud server enables stream-lining various house-keeping chores such as uploading notices, syllabi for students and also helps in keeping all the documents centralized, structured and updated. The system has rendered the whole process automatic and there is very little chance for committing any mistake which results in extremely effective communication system between users of different categories. At the OS level, security trimming is performed by programmatically editing requisite registry entries using Group Policy Editor, Microsoft management console program at runtime depending on the user logged in and mapping user credentials to the corresponding drives accessible only to that user. Finally, the Tonido server is integrated with institute’s Moodle server and the data is synchronized with the help of an interface e application implemented in Java. DOI: 10.17762/ijritcc2321-8169.15072

Digital Architecture as Crime Control

This paper explains how theories of realspace architecture inform the prevention of computer crime. Despite the prevalence of the metaphor, architects in realspace and cyberspace have not talked to one another. There is a dearth of literature about digital architecture and crime altogether, and the realspace architectural literature on crime prevention is often far too soft for many software engineers. This paper will suggest the broad brushstrokes of potential design solutions to cybercrime, and in the course of so doing, will pose severe criticisms of the White House\u27s recent proposals on cybersecurity. The paper begins by introducing four concepts of realspace crime prevention through architecture. Design should: (1) create opportunities for natural surveillance, meaning its visibility and susceptibility to monitoring by residents, neighbors, and bystanders; (2) instill a sense of territoriality so that residents develop proprietary attitudes and outsiders feel deterred from entering a private space; (3) build communities and avoid social isolation; and (4) protect targets of crime. There are digital analogues to each goal. Natural-surveillance principles suggest new virtues of open-source platforms, such as Linux, and territoriality outlines a strong case for moving away from digital anonymity towards psuedonymity. The goal of building communities will similarly expose some new advantages for the original, and now eroding, end-to-end design of the Internet. An understanding of architecture and target prevention will illuminate why firewalls at end points will more effectively guarantee security than will attempts to bundle security into the architecture of the Net. And, in total, these architectural lessons will help us chart an alternative course to the federal government\u27s tepid approach to computer crime. By leaving the bulk of crime prevention to market forces, the government will encourage private barricades to develop - the equivalent of digital gated communities - with terrible consequences for the Net in general and interconnectivity in particular

A gap analysis of Internet-of-Things platforms

We are experiencing an abundance of Internet-of-Things (IoT) middleware solutions that provide connectivity for sensors and actuators to the Internet. To gain a widespread adoption, these middleware solutions, referred to as platforms, have to meet the expectations of different players in the IoT ecosystem, including device providers, application developers, and end-users, among others. In this article, we evaluate a representative sample of these platforms, both proprietary and open-source, on the basis of their ability to meet the expectations of different IoT users. The evaluation is thus more focused on how ready and usable these platforms are for IoT ecosystem players, rather than on the peculiarities of the underlying technological layers. The evaluation is carried out as a gap analysis of the current IoT landscape with respect to (i) the support for heterogeneous sensing and actuating technologies, (ii) the data ownership and its implications for security and privacy, (iii) data processing and data sharing capabilities, (iv) the support offered to application developers, (v) the completeness of an IoT ecosystem, and (vi) the availability of dedicated IoT marketplaces. The gap analysis aims to highlight the deficiencies of today's solutions to improve their integration to tomorrow's ecosystems. In order to strengthen the finding of our analysis, we conducted a survey among the partners of the Finnish IoT program, counting over 350 experts, to evaluate the most critical issues for the development of future IoT platforms. Based on the results of our analysis and our survey, we conclude this article with a list of recommendations for extending these IoT platforms in order to fill in the gaps.Comment: 15 pages, 4 figures, 3 tables, Accepted for publication in Computer Communications, special issue on the Internet of Things: Research challenges and solution

Free-libre open source software as a public policy choice

Free Libre Open Source Software (FLOSS) is characterised by a specific programming and development paradigm. The availability and freedom of use of source code are at the core of this paradigm, and are the prerequisites for FLOSS features. Unfortunately, the fundamental role of code is often ignored among those who decide the software purchases for Canadian public agencies. Source code availability and the connected freedoms are often seen as unrelated and accidental aspects, and the only real advantage acknowledged, which is the absence of royalty fees, becomes paramount. In this paper we discuss some relevant legal issues and explain why public administrations should choose FLOSS for their technological infrastructure. We also present the results of a survey regarding the penetration and awareness of FLOSS usage into the Government of Canada. The data demonstrates that the Government of Canada shows no enforced policy regarding the implementation of a specific technological framework (which has legal, economic, business, and ethical repercussions) in their departments and agencies

Semantic discovery and reuse of business process patterns

Patterns currently play an important role in modern information systems (IS) development and their use has mainly been restricted to the design and implementation phases of the development lifecycle. Given the increasing significance of business modelling in IS development, patterns have the potential of providing a viable solution for promoting reusability of recurrent generalized models in the very early stages of development. As a statement of research-in-progress this paper focuses on business process patterns and proposes an initial methodological framework for the discovery and reuse of business process patterns within the IS development lifecycle. The framework borrows ideas from the domain engineering literature and proposes the use of semantics to drive both the discovery of patterns as well as their reuse

Vibration Alert Bracelet for Notification of the Visually and Hearing Impaired

This paper presents the prototype of an electronic vibration bracelet designed to help the visually and hearing impaired to receive and send emergency alerts. The bracelet has two basic functions. The first function is to receive a wireless signal and respond with a vibration to alert the user. The second function is implemented by pushing one button of the bracelet to send an emergency signal. We report testing on a prototype system formed by a mobile application and two bracelets. The bracelets and the application form a complete system intended to be used in retirement apartment communities. However, the system is flexible and could be expanded to add new features or to serve as a research platform for gait analysis and location services. The medical and professional potential of the proposed system is that it offers a simple, modular, and cost-effective alternative to all the existing medical devices with similar functionality currently on the market. The proposed system has an educational potential as well: it can be used as a starting point for capstone projects and demonstration purposes in schools to attract students to STEM disciplines

CERT strategy to deal with phishing attacks

Every day, internet thieves employ new ways to obtain personal identity people and get access to their personal information. Phishing is a somehow complex method that has recently been considered by internet thieves.The present study aims to explain phishing, and why an organization should deal with it and its challenges of providing. In addition, different kinds of this attack and classification of security approaches for organizational and lay users are addressed in this article. Finally, the CERT strategy is presented to deal with phishing and studying some anti-phishing