Search results

Embedded systems, Internet of Things (IoT) and mobile computing devices are used in various domains which include public-private infrastructure, industrial installation and critical environment. Generally, information handled by these devices is private and critical. Therefore, it must be appropriately secured from different attacks and hackers. Lightweight cryptography is an aspiring field which investigates the implementation of cryptographic primitives and algorithms for resource constrained devices. In this paper, a new compact hybrid lightweight encryption technique has been proposed. Proposed technique uses the fastest bit permutation instruction PERMS with S-box of PRESENT block cipher for non-linearity. An arbitrary n-bit permutation is performed using PERMS instruction in less than log (n) number of instructions. This new hybrid system has been analyzed for software performance on Advanced RISC Machine (ARM) and Intel processor whereas Cadens tool is used to analyze the hardware performance. The result of the proposed technique is improved by the factor of eight as compared to the PRESENT-GRP hybrid block cipher. Moreover, PERMS instruction bit permutation properties result a very good avalanche effect and compact implementation in the both hardware and software environment.

The innovation of cryptography technique and blockchain has made cryptocurrency an alternative medium of exchange due to its safety, transparency and cost effectiveness. But its main feature cannot be separated from the users who use cryptocurrency for their illegal transactions. There are several arguments related to the legality of cryptocurrency. The purpose of this paper is to analyze the nature of cryptocurrency based on characteristics of money, legal perspective, economic perspective and Sharia perspective.

In this study, the methodology used is descriptive with a qualitative approach. The object of this research is cryptocurrency. The data are secondary data obtained from peer-reviewed journal articles, conference papers review, working paper and Sharia consultant reports addressing the legality of cryptocurrency. The literature review analysis includes the following steps: material collection, descriptive analysis, discussion with people in Sharia competency and intuitive-subjective material evaluation.

Regarding the characteristic of money, cryptocurrency is acceptable. But in terms of the legal perspectives, cryptocurrency does not meet the criteria as currency. From the economic perspective, cryptocurrency does not fully meet the characteristic currency due to high price volatility, and from the Sharia perspective, cryptocurrency can be considered property (mal) but not as a monetary value (thamanniyah).

The research findings are based on the journal articles, working paper and Sharia consultant report, and it may lack Sharia’s opinion. Any further discussion related to Sharia perspectives will be a great input to enrich the study.

This study also includes the implications related to the opportunities and the risks of cryptocurrency that can be discussed for the development of the cryptocurrency in the future.

This study includes the implication cryptocurrency is using as nature of money and not as speculative instrument.

This study argued the legality of cryptocurrency in four perspectives such as the nature of money, legal, economy and Sharia perspective.

Recently, deep learning (DL) has been widely applied in various aspects of human endeavors. However, studies have shown that DL models may also be a primary cause of data leakage, which raises new data privacy concerns. Membership inference attacks (MIAs) are prominent threats to user privacy from DL model training data, as attackers investigate whether specific data samples exist in the training data of a target model. Therefore, the aim of this study is to develop a method for defending against MIAs and protecting data privacy.

One possible solution is to propose an MIA defense method that involves adjusting the model’s output by mapping the output to a distribution with equal probability density. This approach effectively preserves the accuracy of classification predictions while simultaneously preventing attackers from identifying the training data.

Experiments demonstrate that the proposed defense method is effective in reducing the classification accuracy of MIAs to below 50%. Because MIAs are viewed as a binary classification model, the proposed method effectively prevents privacy leakage and improves data privacy protection.

The method is only designed to defend against MIA in black-box classification models.

The proposed MIA defense method is effective and has a low cost. Therefore, the method enables us to protect data privacy without incurring significant additional expenses.

This study is aimed at assessing the information security management practice with a focus on banking card security in selected financial institutions in Ethiopia, using an international information security standard as a benchmark. It is to identify the gaps and recommend best security practices to help financial institutions meet the required security compliance.

Two financial sectors were purposively selected. A total of twenty-five respondents (IT executives and IT staff) were included in the study. Quantitative data was collected using the PCI-DSS (Payment Card Industry Data Security Standard) security standard questionnaire. In addition, observation and document analysis were made.

The result shows that most of the essential security management activities in the financial sectors do not comply with the international security standard. Similarly, the level of most of the indispensable security requirements that should be in place is found to be below the acceptable level. The study also revealed major security factors that prohibit the financial sectors from PCI-DSS security standard compliance.

This study assessed the information security management practice with a focus on banking card security and tried to figure out the limitations of security practices of the organizations surveyed based on the standard adopted. The topic has not been well explored especially in the Ethiopia context. Hence, the result can positively influence security policies, particularly in the banking sector.

The purpose of this work is to bridge FL and blockchain technology through designing a blockchain-based smart agent system architecture and applying in FL. and blockchain technology through designing a blockchain-based smart agent system architecture and applying in FL. FL is an emerging collaborative machine learning technique that trains a model across multiple devices or servers holding private data samples without exchanging their data. The locally trained results are aggregated by a centralized server in a privacy-preserving way. However, there is an assumption where the centralized server is trustworthy, which is impractical. Fortunately, blockchain technology has opened a new era of data exchange among trustless strangers because of its decentralized architecture and cryptography-supported techniques.

In this study, the author proposes a novel design of a smart agent inspired by the smart contract concept. Specifically, based on the proposed smart agent, a fully decentralized, privacy-preserving and fair deep learning blockchain-FL framework is designed, where the agent network is consistent with the blockchain network and each smart agent is a participant in the FL task. During the whole training process, both the data and the model are not at the risk of leakage.

A demonstration of the proposed architecture is designed to train a neural network. Finally, the implementation of the proposed architecture is conducted in the Ethereum development, showing the effectiveness and applicability of the design.

The author aims to investigate the feasibility and practicality of linking the three areas together, namely, multi-agent system, FL and blockchain. A blockchain-FL framework, which is based on a smart agent system, has been proposed. The author has made several contributions to the state-of-the-art. First of all, a concrete design of a smart agent model is proposed, inspired by the smart contract concept in blockchain. The smart agent is autonomous and is able to disseminate, verify the information and execute the supported protocols. Based on the proposed smart agent model, a new architecture composed by these agents is formed, which is a blockchain network. Then, a fully decentralized, privacy-preserving and smart agent blockchain-FL framework has been proposed, where a smart agent acts as both a peer in a blockchain network and a participant in a FL task at the same time. Finally, a demonstration to train an artificial neural network is implemented to prove the effectiveness of the proposed framework.

The purpose of this paper is to examine the blockchain as a trusted computing platform. Understanding the strengths and limitations of this platform is essential to execute large-scale real-world applications in blockchains.

This paper proposes several modifications to conventional blockchain networks to improve the scale and scope of applications.

Simple modifications to cryptographic protocols for constructing blockchain ledgers, and digital signatures for authentication of transactions, are sufficient to realize a scalable blockchain platform.

The original contributions of this paper are concrete steps to overcome limitations of current blockchain networks.

The objective of this study is to examine the nature of cryptocurrencies, risks involved in using it due to its volatile nature, advantages, disadvantages and its functions as money.

This is an inductive approach to a descriptive analysis (Qualitative research). In order to come to an adequate conclusion, we reviewed several studies and articles previously published in this field related to our research questions, and then explored the nature of Cryptocurrencies, their advantages and disadvantages, risks associated with cryptocurrency usage and their user-friendliness in Saudi Arabia.

The findings of this study reveal that anonymity and concealment are important aspects of cryptocurrencies. This system does not follow a transparent process that can make it parallel to conventional fiat currency.

Although this study focuses on the issue of trust, it fails to recognize more technological factors hampering its transaction mechanism instead of enhancing it, owing to a lack of facts and knowledge.

Like conventional transaction system users must sign their crypto transactions that others must duly verify easily. Once a promise is made, one will not be able to back out of it until it is protected from revocation by the signer.

In comparison with reviewed literature, this study focuses more on the issue of volatility, which accounts for the fact that cryptocurrency has not been accepted as a permanent tool of monetary policy. Additionally, the study finds that the Saudi public is largely pessimistic toward such currencies.

Information systems' security is more critical than ever before since security threats are rapidly growing. Before putting in place information systems' security measures, organizations are required to determine the maturity level of their information security governance. Literature review reveals that there is no recent study on information systems' security maturity level of banks in Ethiopia. This study thus seeks to measure the existing maturity level and examine the security gaps in order to propose possible changes in Ethiopian private banking industry's information system security maturity indicators.

Four private banks are selected as a representative sample. The system security engineering capability maturity model (SSE-CMM) is used as the maturity measurement criteria, and the measurement was based on ISO/IEC 27001 information security control areas. The data for the study were gathered using a questionnaire.

A total of 93 valid questionnaires were gathered from 110 participants in the study. Based on the SSE-CMM maturity model assessment criteria the private banking industry's current maturity level is level 2 (repeatable but intuitive). Institutions have a pattern that is repeated when completing information security operations but its existence was not thoroughly proven and institutional inconsistency still exists.

This study seeks to measure the existing maturity level and examine the security gaps in order to propose possible changes in Ethiopian private banking industry's information system security maturity indicators. This topic has not been attempted previously in the context of Ethiopian financial sector.

The purpose of this paper is to develop a usable configuration management for Archistar, which utilizes secret sharing for redundantly storing data over multiple independent storage clouds in a secure and privacy-friendly manner. Selecting the optimal secret sharing parameters, cloud storage servers and other settings for securely storing the secret data shares, while meeting all of end user’s requirements and other restrictions, is a complex task. In particular, complex trade-offs between different protection goals and legal privacy requirements need to be made.

A human-centered design approach with structured interviews and cognitive walkthroughs of user interface mockups with system administrators and other technically skilled users was used.

Even technically skilled users have difficulties to adequately select secret sharing parameters and other configuration settings for adequately securing the data to be outsourced.

Through these automatic settings, not only system administrators but also non-technical users will be able to easily derive suitable configurations.

The authors present novel human computer interaction (HCI) guidelines for a usable configuration management, which propose to automatically set configuration parameters and to solve trade-offs based on the type of data to be stored in the cloud. Through these automatic settings, not only system administrators but also non-technical users will be able to easily derive suitable configurations.

This study aims to offer a bibliometric and coding analysis of blockchain articles published in the accounting, auditing and accountability fields.

The data were collected using the Scopus database and a bibliometric and qualitative coding analysis with the keywords “blockchain” and “accounting” or “auditing” or “accountability.” Of the 514 initial sources, 93 peer-reviewed papers, book chapters and conference proceedings in the areas of business, management and accounting were finally selected. Nonscientific sources such as nonpeer-reviewed books and white papers were excluded.

This study reveals a promising and multidisciplinary field of research dominated by scholars and less by practitioners. Qualitative research, especially discourse analysis, is the most used method among authors. This study gives some useful insights about blockchain's definition and characteristics, business models, processes involved, connection with other technologies and relationships with accounting theories. Among the most interesting insights, the results confirm that technology as an external force can create an intersection among several research areas: accounting, auditing, accountability, business, management, computer science and engineering fields. Finally, in terms of research themes, although blockchain has a clear effect on auditing accounting, the links with the area of accountability are less clear and validated.

This study highlights the current state of the field, combining methodological approaches and providing valuable future research insights. Additionally, it is also a starting point for professionals to fully understand blockchain's characteristics and potential with a constructive and systemic approach.