17,736 research outputs found

    A Discriminative Survey on SQL Injection Methods to Detect Vulnerabilities in Web applications

    Get PDF
    SQL Injection Attacks are extremely sober intrusion assaults on web based application since such types of assaults could reveals the secrets and safety of information. In actuality, illegal personnel intrude to the web based database and then after consequently, access to the information. To avoid such type of assault different methods are recommended by various researchers but they are not adequate since most of implemented methods will not prevent all type of assaults. In this paper we did survey on the various sorts of SQL Injection attacks and on the various present SQL Injection Attacks avoidance methods available. We analyzed that the existing SQL Injection Attacks avoidance methods will require the client side information, one by one and then authenticate which will create typical the developer’s job to write different validation codes for every web page which is receiving in the server side. Keywords: SQL Injection, Attacks, Vulnerability, WWW, XS

    Evaluating current authentication methods: Prediction of a more suitable authentication approach for public interaction

    Get PDF
    The trend in information technology is towards achieving ubiquitous service rendering where barriers (geographical, time) in getting information related services will be eliminated. A good example of this is the ATM machines used by banks for public banking services, the likes in other sectors are currently on the way.This paper explores the user’s perception on the current identity authentication (Token-based and Knowledgebased) with a view to predict a more secured authentication for authentication in public places.A survey study is conducted so as to justify the claims of the previous authors on the need to migrate from the conventional knowledge-based and tokenbased authentication methods to a more secured biometric authentication approach which makes impossible user’s impersonation, and thus minimizing fraud, particularly in business transactions.Also, biometrical identification was also reviewed with respect to the all known biometric identifiers where human iris data was revealed to be the best human trait that can be used for identification/authentication purposes in public zone

    InShopnito: an advanced yet privacy-friendly mobile shopping application

    Get PDF
    Mobile Shopping Applications (MSAs) are rapidly gaining popularity. They enhance the shopping experience, by offering customized recommendations or incorporating customer loyalty programs. Although MSAs are quite effective at attracting new customers and binding existing ones to a retailer's services, existing MSAs have several shortcomings. The data collection practices involved in MSAs and the lack of transparency thereof are important concerns for many customers. This paper presents inShopnito, a privacy-preserving mobile shopping application. All transactions made in inShopnito are unlinkable and anonymous. However, the system still offers the expected features from a modern MSA. Customers can take part in loyalty programs and earn or spend loyalty points and electronic vouchers. Furthermore, the MSA can suggest personalized recommendations even though the retailer cannot construct rich customer profiles. These profiles are managed on the smartphone and can be partially disclosed in order to get better, customized recommendations. Finally, we present an implementation called inShopnito, of which the security and performance is analyzed. In doing so, we show that it is possible to have a privacy-preserving MSA without having to sacrifice practicality

    Credit Risk, Systemic Uncertainties and Economic Capital Requirements for an Artificial Bank Loan Portfolio

    Get PDF
    This paper analyses the impact of different credit risk-based capital requirement implementations on banks' need for capital. The capital requirements for an artificially constructed risky loan portfolio are calculated by applying the BIS approach, the two widespread commercial risk-measurement models, CreditMetrics and CreditRisk+, and, finally, an original synthetic model similar to KMV. In the first three cases we closely follow the methodologies proposed by the regulatory or credit risk models. Economic capital requirements for the latter are obtained by means of Monte Carlo simulations. In the context of CreditMetrics, we additionally perform a Monte Carlo-based stress testing of the monetary policy changes reflected in the term structure of interest rates. Our model of KMV type combines the elements of the structural and the reduced-form methods of risky debt pricing, and the possibilities of its numerical solution are outlined.credit risk, economic capital, market risk, New Basel Capital Accord, systemic uncertainty.
    • …
    corecore