Search results

Embedded systems, Internet of Things (IoT) and mobile computing devices are used in various domains which include public-private infrastructure, industrial installation and critical environment. Generally, information handled by these devices is private and critical. Therefore, it must be appropriately secured from different attacks and hackers. Lightweight cryptography is an aspiring field which investigates the implementation of cryptographic primitives and algorithms for resource constrained devices. In this paper, a new compact hybrid lightweight encryption technique has been proposed. Proposed technique uses the fastest bit permutation instruction PERMS with S-box of PRESENT block cipher for non-linearity. An arbitrary n-bit permutation is performed using PERMS instruction in less than log (n) number of instructions. This new hybrid system has been analyzed for software performance on Advanced RISC Machine (ARM) and Intel processor whereas Cadens tool is used to analyze the hardware performance. The result of the proposed technique is improved by the factor of eight as compared to the PRESENT-GRP hybrid block cipher. Moreover, PERMS instruction bit permutation properties result a very good avalanche effect and compact implementation in the both hardware and software environment.

The innovation of cryptography technique and blockchain has made cryptocurrency an alternative medium of exchange due to its safety, transparency and cost effectiveness. But its main feature cannot be separated from the users who use cryptocurrency for their illegal transactions. There are several arguments related to the legality of cryptocurrency. The purpose of this paper is to analyze the nature of cryptocurrency based on characteristics of money, legal perspective, economic perspective and Sharia perspective.

In this study, the methodology used is descriptive with a qualitative approach. The object of this research is cryptocurrency. The data are secondary data obtained from peer-reviewed journal articles, conference papers review, working paper and Sharia consultant reports addressing the legality of cryptocurrency. The literature review analysis includes the following steps: material collection, descriptive analysis, discussion with people in Sharia competency and intuitive-subjective material evaluation.

Regarding the characteristic of money, cryptocurrency is acceptable. But in terms of the legal perspectives, cryptocurrency does not meet the criteria as currency. From the economic perspective, cryptocurrency does not fully meet the characteristic currency due to high price volatility, and from the Sharia perspective, cryptocurrency can be considered property (mal) but not as a monetary value (thamanniyah).

The research findings are based on the journal articles, working paper and Sharia consultant report, and it may lack Sharia’s opinion. Any further discussion related to Sharia perspectives will be a great input to enrich the study.

This study also includes the implications related to the opportunities and the risks of cryptocurrency that can be discussed for the development of the cryptocurrency in the future.

This study includes the implication cryptocurrency is using as nature of money and not as speculative instrument.

This study argued the legality of cryptocurrency in four perspectives such as the nature of money, legal, economy and Sharia perspective.

This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software support activity (SSA), with said paradigm supporting strong traceability and provability concerning the SSA’s output product, known as an operational flight program (OFP). Through a secure development environment (SDE), each critical software development function performed on said OFP during its development has a corresponding record represented on a blockchain.

An SDE is implemented as a virtual machine or container incorporating software development tools that are modified to support blockchain transactions. Each critical software development function, e.g. editing, compiling, linking, generates a blockchain transaction message with associated information embedded in the output of a said function that, together, can be used to prove integrity and support traceability. An attestation process is used to provide proof that the toolchain containing SDE is not subject to unauthorized modification at the time said critical function is performed.

Blockchain methods are shown to be a viable approach for supporting exhaustive traceability and strong provability of development system integrity for mission-critical software produced by an NAE SSA for NAE embedded systems software.

A blockchain-based authentication approach that could be implemented at the OFP point-of-load would provide for fine-grain authentication of all OFP software components, with each component or module having its own proof-of-integrity (including the integrity of the used development tools) over its entire development history.

Many SSAs have established control procedures for development such as check-out/check-in. This does not prove the SSA output software is secure. For one thing, a build system does not necessarily enforce procedures in a way that is determinable from the output. Furthermore, the SSA toolchain itself could be attacked. The approach described in this paper enforces security policy and embeds information into the output of every development function that can be cross-referenced to blockchain transaction records for provability and traceability that only trusted tools, free from unauthorized modifications, are used in software development. A key original concept of this approach is that it treats assigned developer time as a transferable digital currency.

Recently, deep learning (DL) has been widely applied in various aspects of human endeavors. However, studies have shown that DL models may also be a primary cause of data leakage, which raises new data privacy concerns. Membership inference attacks (MIAs) are prominent threats to user privacy from DL model training data, as attackers investigate whether specific data samples exist in the training data of a target model. Therefore, the aim of this study is to develop a method for defending against MIAs and protecting data privacy.

One possible solution is to propose an MIA defense method that involves adjusting the model’s output by mapping the output to a distribution with equal probability density. This approach effectively preserves the accuracy of classification predictions while simultaneously preventing attackers from identifying the training data.

Experiments demonstrate that the proposed defense method is effective in reducing the classification accuracy of MIAs to below 50%. Because MIAs are viewed as a binary classification model, the proposed method effectively prevents privacy leakage and improves data privacy protection.

The method is only designed to defend against MIA in black-box classification models.

The proposed MIA defense method is effective and has a low cost. Therefore, the method enables us to protect data privacy without incurring significant additional expenses.

This study is aimed at assessing the information security management practice with a focus on banking card security in selected financial institutions in Ethiopia, using an international information security standard as a benchmark. It is to identify the gaps and recommend best security practices to help financial institutions meet the required security compliance.

Two financial sectors were purposively selected. A total of twenty-five respondents (IT executives and IT staff) were included in the study. Quantitative data was collected using the PCI-DSS (Payment Card Industry Data Security Standard) security standard questionnaire. In addition, observation and document analysis were made.

The result shows that most of the essential security management activities in the financial sectors do not comply with the international security standard. Similarly, the level of most of the indispensable security requirements that should be in place is found to be below the acceptable level. The study also revealed major security factors that prohibit the financial sectors from PCI-DSS security standard compliance.

This study assessed the information security management practice with a focus on banking card security and tried to figure out the limitations of security practices of the organizations surveyed based on the standard adopted. The topic has not been well explored especially in the Ethiopia context. Hence, the result can positively influence security policies, particularly in the banking sector.

The purpose of this work is to bridge FL and blockchain technology through designing a blockchain-based smart agent system architecture and applying in FL. and blockchain technology through designing a blockchain-based smart agent system architecture and applying in FL. FL is an emerging collaborative machine learning technique that trains a model across multiple devices or servers holding private data samples without exchanging their data. The locally trained results are aggregated by a centralized server in a privacy-preserving way. However, there is an assumption where the centralized server is trustworthy, which is impractical. Fortunately, blockchain technology has opened a new era of data exchange among trustless strangers because of its decentralized architecture and cryptography-supported techniques.

In this study, the author proposes a novel design of a smart agent inspired by the smart contract concept. Specifically, based on the proposed smart agent, a fully decentralized, privacy-preserving and fair deep learning blockchain-FL framework is designed, where the agent network is consistent with the blockchain network and each smart agent is a participant in the FL task. During the whole training process, both the data and the model are not at the risk of leakage.

A demonstration of the proposed architecture is designed to train a neural network. Finally, the implementation of the proposed architecture is conducted in the Ethereum development, showing the effectiveness and applicability of the design.

The author aims to investigate the feasibility and practicality of linking the three areas together, namely, multi-agent system, FL and blockchain. A blockchain-FL framework, which is based on a smart agent system, has been proposed. The author has made several contributions to the state-of-the-art. First of all, a concrete design of a smart agent model is proposed, inspired by the smart contract concept in blockchain. The smart agent is autonomous and is able to disseminate, verify the information and execute the supported protocols. Based on the proposed smart agent model, a new architecture composed by these agents is formed, which is a blockchain network. Then, a fully decentralized, privacy-preserving and smart agent blockchain-FL framework has been proposed, where a smart agent acts as both a peer in a blockchain network and a participant in a FL task at the same time. Finally, a demonstration to train an artificial neural network is implemented to prove the effectiveness of the proposed framework.