Secure Electronic Payment: Proposed method for the growth of E-commerce in Bangladesh

The innovations in technologies are changing the social, cultural and economic relationships in a vast variety of ways. Information technology has become a necessary tool for today’s organizations and banking industry is not an exception. Electronic commerce is rapidly growing modern business process in all over the world, but in Bangladesh it is increasing comparatively slower rate. Though Bangladesh was comparatively a late introducer of e-banking but now almost all the banks are providing internet banking to their customers. But what is important is the lack of comprehensive study of the e-payment security covering organizational and customers’ point of view. Considering the importance of secure e-payment to grow up e-commerce in Bangladesh this study was taken up. It was revealed from the survey that the customers’ and service providers main concern was security. E-banking service providers should have to ensure that online banking is safe and secure for every user in all kind of transactions. The Authors also proposed a secure e-payment model in general and on debit card and credit card to bring customers confidence on e-payment and increase the volume of e-commerce in the context of Bangladesh. &nbsp

End-to-end security in active networks

Active network solutions have been proposed to many of the problems caused by the increasing heterogeneity of the Internet. These ystems allow nodes within the network to process data passing through in several ways. Allowing code from various sources to run on routers introduces numerous security concerns that have been addressed by research into safe languages, restricted execution environments, and other related areas. But little attention has been paid to an even more critical question: the effect on end-to-end security of active flow manipulation. This thesis first examines the threat model implicit in active networks. It develops a framework of security protocols in use at various layers of the networking stack, and their utility to multimedia transport and flow processing, and asks if it is reasonable to give active routers access to the plaintext of these flows. After considering the various security problem introduced, such as vulnerability to attacks on intermediaries or coercion, it concludes not. We then ask if active network systems can be built that maintain end-to-end security without seriously degrading the functionality they provide. We describe the design and analysis of three such protocols: a distributed packet filtering system that can be used to adjust multimedia bandwidth requirements and defend against denial-of-service attacks; an efficient composition of link and transport-layer reliability mechanisms that increases the performance of TCP over lossy wireless links; and a distributed watermarking servicethat can efficiently deliver media flows marked with the identity of their recipients. In all three cases, similar functionality is provided to designs that do not maintain end-to-end security. Finally, we reconsider traditional end-to-end arguments in both networking and security, and show that they have continuing importance for Internet design. Our watermarking work adds the concept of splitting trust throughout a network to that model; we suggest further applications of this idea

Secure Electronic Payment: Proposed method for the growth of E-commerce in Bangladesh

The innovations in technologies are changing the social, cultural and economic relationships in a vast variety of ways. Information technology has become a necessary tool for today’s organizations and banking industry is not an exception. Electronic commerce is rapidly growing modern business process in all over the world, but in Bangladesh it is increasing comparatively slower rate. Though Bangladesh was comparatively a late introducer of e-banking but now almost all the banks are providing internet banking to their customers. But what is important is the lack of comprehensive study of the e-payment security covering organizational and customers’ point of view. Considering the importance of secure e-payment to grow up e-commerce in Bangladesh this study was taken up. It was revealed from the survey that the customers’ and service providers main concern was security. E-banking service providers should have to ensure that online banking is safe and secure for every user in all kind of transactions. The Authors also proposed a secure e-payment model in general and on debit card and credit card to bring customers confidence on e-payment and increase the volume of e-commerce in the context of Bangladesh

Wireless sensor networks

Wireless sensor networks promise an unprecedented fine-grained interface between the virtual and the physical world. They are one of the most rapidly developing new information technologies, with applications in a wide range of fields including industrial process control, security and surveillance, environmental sensing, and structural health monitoring. The subject of this project is motivated by the urgent need to provide a comprehensive and organized survey of the field. It shows how the core challenges of energy efficiency, robustness, and autonomy are addressed in these systems by networking techniques across multiple layers. The topics covered include network deployment, wireless characteristics, time synchronization, congestion and error control, medium access, standards, topology control, routing, security, data transfer, transport protocols and new technologies and materials in fabricating sensors

Multi-algorithmic Cryptography using Deterministic Chaos with Applications to Mobile Communications

In this extended paper, we present an overview of the principal issues associated with cryptography, providing historically significant examples for illustrative purposes as part of a short tutorial for readers that are not familiar with the subject matter. This is used to introduce the role that nonlinear dynamics and chaos play in the design of encryption engines which utilize different types of Iteration Function Systems (IFS). The design of such encryption engines requires that they conform to the principles associated with diffusion and confusion for generating ciphers that are of a maximum entropy type. For this reason, the role of confusion and diffusion in cryptography is discussed giving a design guide to the construction of ciphers that are based on the use of IFS. We then present the background and operating framework associated with a new product - CrypsticTM - which is based on the application of multi-algorithmic IFS to design encryption engines mounted on a USB memory stick using both disinformation and obfuscation to ‘hide’ a forensically inert application. The protocols and procedures associated with the use of this product are also briefly discussed

Impact of access control and copyright in e-learning from user’s perspective in the United Kingdom

This thesis was submitted for the award of Doctor of Philosophy and was awarded by Brunel University LondonThe widespread adoption of E-Learning has largely been driven by the recommendations of educational technologists seeking to convey the benefits of E-Learning as a valuable accessory to teaching and possible solution for distance-based education. Research in the E-Learning domain has mainly focused on providing and delivering content andinfrastructure. Security issues are usually not taken as central concern in most implementations either because systems are usually deployed in controlled environments, or because they take the one-to-one tutoring approach, not requiring strict security measures. The scope of this research work is to investigate the impact of Access Control and Copyright in E-Learning system. An extensive literature review, theories from the field of information systems, psychology and cognitive sciences, distance and online learning, as well as existing E-Learning models show that research in E-learning is still hardly concerned with the issues of security. It is obvious that E-learning receives a new meaning as technology advances and business strategies change. The trends of learning methods have also led to the adjustment of National Curriculum and standards. However, research has also shown that any strategy or development supported by the Internet requires security and is therefore faced with challenges. This thesis is divided into six Chapters. Chapter 1 sets the scene for the research rationale and hypotheses, and identifies the aims and objectives. Chapter 2 presents the theoretical background and literature review. Chapter 3 is an in-depth review of the methods and methodology with clear justification of their adaptation and explains the underlying principles. Chapter 4 is based on the results and limitations obtained from the six case studies observations supported with literature review and ten existing models, while Chapter 5 is focused on the questionnaire survey. Chapter 6 describes the proposed Dynamic E-Learning Access Control and Copyright Framework (DEACCF) and the mapping of the threats from the Central Computing and Telecommunications Agency (CCTA) Risk Analysis and Management Method (CRAMM) to Annualised Loss Expectancy (ALE). Chapter 7 presents the conclusions and recommendations, and the contribution to knowledge with further development plans for future work

Addressing Insider Threats from Smart Devices

Smart devices have unique security challenges and are becoming increasingly common. They have been used in the past to launch cyber attacks such as the Mirai attack. This work is focused on solving the threats posed to and by smart devices inside a network. The size of the problem is quantified; the initial compromise is prevented where possible, and compromised devices are identified. To gain insight into the size of the problem, campus Domain Name System (DNS) measurements were taken that allow for wireless traffic to be separated from wired traffic. Two-thirds of the DNS traffic measured came from wireless hosts, implying that mobile devices are playing a bigger role in networks. Also, port scans and service discovery protocols were used to identify Internet of Things (IoT) devices on the campus network and follow-up work was done to assess the state of the IoT devices. Motivated by these findings, three solutions were developed. To handle the scenario when compromised mobile devices are connected to the network, a new strategy for steppingstone detection was developed with both an application layer and a transport layer solution. The proposed solution is effective even when the mobile device cellular connection is used. Also, malicious or vulnerable applications make it through the mobile app store vetting process. A user space tool was developed that identifies apps contacting malicious domains in real time and collects data for research purposes. Malicious app behavior can then be identified on the user’s device, catching malicious apps that were overlooked by software vetting. Last, the variety of IoT device types and manufacturers makes the job of keeping them secure difficult. A generic framework was developed to lighten the management burden of securing IoT devices, serve as a middle box to secure legacy devices, and also use DNS queries as a way to identify misbehaving devices

SPARC 2017 retrospect & prospects : Salford postgraduate annual research conference book of abstracts

Welcome to the Book of Abstracts for the 2017 SPARC conference. This year we not only celebrate the work of our PGRs but also the 50th anniversary of Salford as a University, which makes this year’s conference extra special. Once again we have received a tremendous contribution from our postgraduate research community; with over 130 presenters, the conference truly showcases a vibrant PGR community at Salford. These abstracts provide a taster of the research strengths of their works, and provide delegates with a reference point for networking and initiating critical debate. With such wide-ranging topics being showcased, we encourage you to exploit this great opportunity to engage with researchers working in different subject areas to your own. To meet global challenges, high impact research inevitably requires interdisciplinary collaboration. This is recognised by all major research funders. Therefore engaging with the work of others and forging collaborations across subject areas is an essential skill for the next generation of researchers