Securing library information system: Vulnerabilities and threats

Threats and vulnerabilities in computers and networks are common nowadays since computers are widely used by the public. The risks of computer threats and vulnerabilities are high since most computers are connected to the internet. Library Information Systems is also vulnerable to attack since it is a public access institution. Majority of users are naive when it comes to computer and network securities. Some breaches in Library Information System are intentional and some are unintentional. Risks analysis should be done to find the threats and risks in designing the Library Information System. Threats are made possible due to lack of proper procedures, software flaws and policies. The administrators should anticipate all the possible attacks and their mitigation techniques. In this paper, we will try to address various issues arise from this vulnerabilities and threats. We will also describe how we can reduce and overcome this vulnerabilities and threats

Security and privacy of Single-Sign-On (SSO) in mobile environment: Students' experiences and perceptions

The number of password-protected Internet-based applications is increasing significantly compared to a decade ago.Many Internet applications require users to subscribe to their services and authenticate themselves through the use of login credentials.The number of such applications is increasing exponentially.Consequently, it causes an increase in the number of login credentials that users have to manage for both Internet and mobile environments.Due to the limitation in human memory, users usually forget their credentials (i.e., user names/IDs and passwords) and they tend to write down the passwords or replicate single password for many different applications. This practice could expose users to variety of security threats and attacks.A recent technological development on user authentication has introduced single-sign-on (SSO) that intends to help users with their credentials management.This research aims to investigate password management and SSO for accessing Internet applications especially through the use of mobile devices.The research was carried out in two phases: (i) a focus group study and (ii) survey.The researchers interviewed 11 students from School of Computing (SOC), Universiti Utara Malaysia (UUM).The results of the study found that the students did not practice proper password management. Further, it suggested that SSO may not be the immediate solution to improve the students’ password management.A behavioral study was conducted on 250 students from Universiti Utara Malaysia to understand how they managed their login credentials while accessing the Internet via their mobile devices, and their perceptions and awareness towards SSO.The results suggested that students practiced poor login credential management, however, the students are concerned about the security and privacy of their credentials.Security and privacy in mobile environment are important and need to be addressed through the use of technology and policy.The findings of this research imply system developers and policy makers on the aspect of users’ security and privacy.The findings are also useful for the purpose of training and educating students on the importance of security and privacy in mobile environment

A taxonomy of security faults in the window operating system

Operating system is the heart of computing system.It is an important component of any computer system.Although there are several operating systems in desktop environment, in this study we will focus on Windows operating system (OS).Windows based applications have clearly come to dominate the desktop environment.Window OS offers the full power of a modern operating system, including virtual memory, process, file protection and networking.The objectives of this study are to identify the vulnerabilities based on Window OS and to classify the vulnerabilities based on Window OS.Severity rating system from Microsoft Security Response Center (MSRC) will be used in order to identify the vulnerabilities.Meanwhile, we will use the classification scheme of intrusion technique to classify the vulnerabilities.This research expose about security flaws in Windows OS and how they can arise

A study of AODV friendship mechanism in mobile adhoc network trust feature

Mobile ad hoc networks (MANETS) are mobile nodes moving rapidly and they use wireless connections to connect to various networks or nodes.The dynamic nature of MANETs, make it vulnerable to attack by intruders. The sending and passing of nodes are based on several routing protocols. The packets do not reach the destination and some form of secure mechanism based on trust or friendship are deployed to protect the network integrity. Denial of service attacks is one of the typical attack type in mobile adhoc network.In this paper, we deployed Black hole and Grey hole attack. Black hole attack absord all data packets that are sent to its node whereas grey hole attack will drop some packet for a particular network destination based on packets type, time or randomly selected portion of packets.In this experiment we simulated several routing protocol to investigate the secure mechanism in protecting from the blackhole ad greyhole attack.The findings are presented and discussed

The performance of user verification using two fingerprints based on error rates

Biometric technologies, especially fingerprint verification, have started to attract users around the world to use it to secure their places or properties.The current implementation of a fingerprint verification system has faced several problems such as noisy finger and fingerprint misplacement by the user. To solve or minimise this kind of problem, the approach using two fingerprints on the verification process has been tried in this research. Two classifiers are used to study the performance level of the system, and compared to the current system that uses a single fingerprint. In this research,total error rate has been used as an indicator to the performance level of the syste

Industrial web application customization mechanism to improve software quality and productivity

Competition in the software market for industrial use is very challenging.Quality and productivity of software is very important to the software industry to remain competitive.Most of the commercial and industrial web applications are complex, hard to implement, risky to maintain and customization requires deep understanding of the requirements.Research showed that customization and reusability may increase the productivity and quality of the software and also decrease the development time.Unfortunately, implementing systematic reuse and customize existing system has proven to be a difficult process.While software engineers continue to struggle with cost and time, reuse has emerged as a good engineering principles and practice in various fields.However, technology to completely integrate user interface, reuse design, customization and implementation is still immature.The aim of this study is to provide a novel visual object sharing technique for designing, customizing, reusing and visualizing web elements to provide a breakthrough solution for the given problems. This technique support and provide rapid development of web-based business application where all of these underlying data and application codes are defined by meta-data, tag library and XSLT schema.This study contributes mainly in the field of reusability and customization for the web application.This study also demonstrated empirical data from two commercial projects and the results indicated that proposed object-oriented application framework (OOAF) is consistently better than traditional methods.By using OOAF, software industries are able to reduce development time, increase the quality and productivity of web application.

Replica maintenance strategy for data grid

Data Grid is an infrastructure that manages huge amount of data files, and provides intensive computational resources across geographically distributed collaboration.Increasing the performance of such system can be achieved by improving the overall resource usage, which includes network and storage resources.Improving network resource usage is achieved by good utilization of network bandwidth that is considered as an important factor affecting job execution time.Meanwhile, improving storage resource usage is achieved by good utilization of storage space usage. Data replication is one of the methods used to improve the performance of data access in distributed systems by replicating multiple copies of data files in the distributed sites.Having distributed the replicas to various locations, they need to be monitored.As a result of dynamic changes in the data grid environment, some of the replicas need to be relocated.In this paper we proposed a maintenance replica placement strategy termed as Unwanted Replica Deletion Strategy (URDS) as a part of Replica maintenance service.The main purpose of the proposed strategy is to find the placement of unwanted replicas to be deleted.OptorSim is used to evaluate the performance of the proposed strategy. The simulation results show that URDS requires less execution time and consumes less network usage and has a best utilization of storage space usage compared to existing approaches

Towards increasing web application development productivity through object-oriented framework

Software development remains complex, expensive and risky.Thus, the need for reusability has become obvious.Through reusability web developers/engineers can save countless hours and millions of dollars in development cost. Object-oriented (OO) framework mechanism provides a new vehicle for reuse and enables web engineers to customize or reuse various aspects in web engineering such as customizing one or more elements of user interface, automatically generate event handlers, data handlers or related data elements based on changes made by them.The OO framework mechanism includes tags and scripts that predefine some generic web application activities and a common programming interface for generating a framework customization environment. This study provides a novel solution to produce high quality web applications within a shortest development timeframe through the means of customization, reusability, extensibility and flexibility.At the end, this study will conduct a comprehensive evaluation on the proposed OO framework. Building on previous works, this study emphasized the reuse of design, code and testing as a tool to uncover strengths and weaknesses of the OO framework for dynamic web engineering

RSA algorithm performance in short messaging system exchange environment

Short Message Service (SMS) is a widely service for brief communication.With the rise of mobile usage it has become a popular tool for transmitting sensitive information. This sensitive information should be totally secure and reliable to exchange.This urgent need for secure SMS, led to drive for RSA implementation, which is considered one of the strongest algorithms in security since we are going to bring big security into small device.Our main goal in this project is to design an experimental test bed application in order to use this application in evaluating the performance of RSA. This report explains and documents the process of implementing an RSA in Experimental SMS Exchange Environment using J2ME language which is available in several mobile devices on the market today

Implementation of IPv4 over IPv6 using dual stack transition mechanism (DSTM) on 6iNet

Moving from Internet protocol version four (IPv4) to Internet protocol version six (IPv6) is not straightforward because IPv4 and IPv6 are incompatible protocols.To enable the smooth integration between IPv4 and IPv6, several transition mechanisms have been proposed by IETF IPng Transition Working Group (NGTrans).One of them is dual stack transition mechanism (DSTM).This paper reviews the implementation of DSTM over our IPv6 test-bed (6iNet) in University Utara Malaysia (UUM). This paper also describes our experience of configuring 6iNet.6iNet is the first IPv6 test-bed in UUM and has become a platform for IPv6 research in UU