Intelligent XML Tag Classification Techniques for XML Encryption Improvement

Flexibility, friendliness, and adaptability have been key components to use XML to exchange information across different networks providing the needed common syntax for various messaging systems. However excess usage of XML as a communication medium shed the light on security standards used to protect exchanged messages achieving data confidentiality and privacy. This research presents a novel approach to secure XML messages being used in various systems with efficiency providing high security measures and high performance. system model is based on two major modules, the first to classify XML messages and define which parts of the messages to be secured assigning an importance level for each tag presented in XML message and then using XML encryption standard proposed earlier by W3C [3] to perform a partial encryption on selected parts defined in classification stage. As a result, study aims to improve both the performance of XML encryption process and bulk message handling to achieve data cleansing efficiently

Outflanking and securely using the PIN/TAN-System

The PIN/TAN-system is an authentication and authorization scheme used in e-business. Like other similar schemes it is successfully attacked by criminals. After shortly classifying the various kinds of attacks we accomplish malicious code attacks on real World Wide Web transaction systems. In doing so we find that it is really easy to outflank these systems. This is even supported by the users' behavior. We give a few simple behavior rules to improve this situation. But their impact is limited. Also the providers support the attacks by having implementation flaws in their installations. Finally we show that the PIN/TAN-system is not suitable for usage in highly secure applications.Comment: 7 pages; 2 figures; IEEE style; final versio

Project characteristics for design and build procurement in Malaysian construction industry

Design & Build procurement approach is one of the procurement methods which is known to be widely gaining popularity in order to serve the modern day construction clients desire of having a constructed facility. To effectively service the market-driven expansion of this project delivery strategy in the construction community, a fundamental understanding of the characteristics of the Design & Build procurement approach is necessary. This study is aimed at appraising the Design & Build procurement approach in the Malaysian construction industry based on current practice through identifying the characteristics of the procurement approach. For this purpose, a detailed literature review of the Design & Build characteristics was conducted and data was collected from a two round Delphi questionnaire survey conducted with experienced professionals that have vast experience in the Design & Build procurement practice. The relative importance of these characteristics were quantified by the relative importance index method demonstrating their level of priority. The key findings in the study showed that the practice of the procurement approach in Malaysia is most importantly characterized by the fact that it is most suitable for projects that are complex in nature, while ‘effective client representation’ is the least important characteristic of the Design & Build procurement approach with regard to the Malaysian construction industry. It is expected that with the consideration of these characteristics of the D&B procurement approach, it will consequently result in the overall improvement in the performance of the Malaysian construction industry in relation to project delivery

Beyond Bitcoin: Issues in Regulating Blockchain Transactions

The buzz surrounding Bitcoin has reached a fever pitch. Yet in academic legal discussions, disproportionate emphasis is placed on bitcoins (that is, virtual currency), and little mention is made of blockchain technology—the true innovation behind the Bitcoin protocol. Simply, blockchain technology solves an elusive networking problem by enabling “trustless” transactions: value exchanges over computer networks that can be verified, monitored, and enforced without central institutions (for example, banks). This has broad implications for how we transact over electronic networks. This Note integrates current research from leading computer scientists and cryptographers to elevate the legal community’s understanding of blockchain technology and, ultimately, to inform policymakers and practitioners as they consider different regulatory schemes. An examination of the economic properties of a blockchain-based currency suggests the technology’s true value lies in its potential to facilitate more efficient digital-asset transfers. For example, applications of special interest to the legal community include more efficient document and authorship verification, title transfers, and contract enforcement. Though a regulatory patchwork around virtual currencies has begun to form, its careful analysis reveals much uncertainty with respect to these alternative applications

Critical success factors for preventing E-banking fraud

E-Banking fraud is an issue being experienced globally and is continuing to prove costly to both banks and customers. Frauds in e-banking services occur as a result of various compromises in security ranging from weak authentication systems to insufficient internal controls. Lack of research in this area is problematic for practitioners so there is need to conduct research to help improve security and prevent stakeholders from losing confidence in the system. The purpose of this paper is to understand factors that could be critical in strengthening fraud prevention systems in electronic banking. The paper reviews relevant literatures to help identify potential critical success factors of frauds prevention in e-banking. Our findings show that beyond technology, there are other factors that need to be considered such as internal controls, customer education and staff education etc. These findings will help assist banks and regulators with information on specific areas that should be addressed to build on their existing fraud prevention systems