Search results
1 – 10 of 139Quantum key distribution (QKD) is a technology, based on the quantum laws of physics, rather than the assumed computational complexity of mathematical problems, to generate and…
Abstract
Purpose
Quantum key distribution (QKD) is a technology, based on the quantum laws of physics, rather than the assumed computational complexity of mathematical problems, to generate and distribute provably secure cipher keys over unsecured channels. The authors are using this concept of QKD for the online banking systems. The paper aims to discuss these issues.
Design/methodology/approach
In order to function properly, any system using QKD needs to transport both quantum and classical data from a specified source to a specified destination, resolve competing requests for shared hardware, and manage shared keys between neighboring trusted nodes via a multi-hop mechanism. In this paper the authors are going to explain the transmission and control system for QKD implementation in online banking systems.
Findings
This paper presents the transmission and system control of QKD for online banking system is feasible under specific conditions outside a laboratory. Above, the authors have shown the research on the QKD based online banking systems. Though the current researches are focused on QKD systems for online banking systems, the techniques discussed can be applied to other quantum information processing involving photons. Combination with other efforts that are not mentioned here, such as entangled-photon-sources, single photon sources, two-qubit gates, and so on, will provide a rigid foundation for future quantum information technologies.
Originality/value
Recognizing the importance of online access as one of the vehicles for the development of cheaper, faster and more reliable services there are areas of improvement where all involved parties should endeavor to improve toward the deployment of services without unnecessary or excessive risks. This improvement applies to both retail and commercial customers and does not endorse any particular technology.
Details
Keywords
Lillie M. Hibbler-Britt and Anna Copeland Wheatley
The scandals associated with breaches in business ethics has had a negative impact on companies and governments. Numerous scandals have brought to the forefront the influence of…
Abstract
The scandals associated with breaches in business ethics has had a negative impact on companies and governments. Numerous scandals have brought to the forefront the influence of power and profit as they relate to how business is conducted. This behavior in corporations could impact technological advancements. The advancements being recognized in quantum computing will have a profound impact on how business is conducted and business communications. The primary areas of concern are the teleportation of information and teleportation of matter. Given the abundance of ethical breaches within corporations and governments around the globe, it is necessary for business ethics to be revised as it relates to enforcement and accountability. The wealth possessed by companies and their immunity from portions of the law has placed business ethics at a crisis level. Quantum teleportation has the potential to resolve some of these issues, however, the scientific community must participate by building in safeguards such as cryptography that prevents third party access to information.
Bhushan Kapoor, Pramod Pandya and Joseph S. Sherif
This paper seeks to advance research and strategies that lead to a heightened awareness of the need to protect data from disclosure, to guarantee the authenticity of data and…
Abstract
Purpose
This paper seeks to advance research and strategies that lead to a heightened awareness of the need to protect data from disclosure, to guarantee the authenticity of data and messages, and to protect systems from network‐based attacks.
Design/methodology/approach
The paper introduces the necessary mathematics of cryptography: integer and modular arithmetic, linear congruence, Euclidean and extended Euclidean algorithm, Fermat's theorem, and Elliptic curve.
Findings
The results indicate that encryption has expanded beyond confidentiality concerns to include techniques for message integrity checking, sender/receiver identity authentication, digital signatures, interactive proofs, and secure computation.
Practical implications
The results of this research show that all forms of e‐commerce activities such as online credit card processing, purchasing stocks, and banking data processing, if compromised, would lead to businesses losing billions of dollars in lost revenues as well as losing confidence in e‐commerce. In the last few years, it had been reported that organizations that store and maintain customers' private and confidential records were compromised on many occasions by hackers breaking into the data networks and stealing the records from the storage media.
Originality/value
This paper tackles one of the most critical problems of securing data networks. Security problems arise among other things to resource and workload sharing; complexity of interconnected networks; authentication of users; fast expandability of networks; threats to networks such as wiretapping and violations of the seven pillars of security: authentication, authorization, privacy, integrity, non‐repudiation, availability, and audit.
Details
Keywords
Yoel Raban and Aharon Hauptman
The cyber security industry emerged rapidly in recent years due to mounting cyber threats and increasing cyber hacking activities. Research on emerging technologies emphasizes the…
Abstract
Purpose
The cyber security industry emerged rapidly in recent years due to mounting cyber threats and increasing cyber hacking activities. Research on emerging technologies emphasizes the risks and sometimes neglects to address the potential positive contribution to cyber security. The purpose of this study is to conduct a relatively balanced long-term foresight study to elicit major significant threat drivers and to identify emerging technologies that are likely to have a significant impact on defense and attack capabilities in cyber security.
Design/methodology/approach
The main instruments used in this study were horizon scanning and an online survey among subject-matter experts that assessed emerging threats and the potential impact of several emerging technologies on cyber defense capabilities and cyber attack capabilities.
Findings
An expert survey shows that cyber resilience, homomorphic encryption and blockchain may be considered as technologies contributing mainly to defense capabilities. On the other hand, Internet of Things, biohacking and human machine interface (HMI) and autonomous technologies add mainly to attack capabilities. In the middle, we find autonomous technologies, quantum computing and artificial intelligence that contribute to defense, as well as to attack capabilities, with roughly similar impact on both.
Originality/value
This study adds to the current research a balanced long-term view and experts’ assessment of negative and positive impacts of emerging technologies, including their time to maturity and consensus levels. Two new Likert scale measures were applied to measure the potential impact of emerging technologies on cyber security, thus enabling the classification of the results into four groups (net positive, net negative, positive-positive and negative-negative).
Joe Garcia, Russell Shannon, Aaron Jacobson, William Mosca, Michael Burger and Roberto Maldonado
This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software…
Abstract
Purpose
This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software support activity (SSA), with said paradigm supporting strong traceability and provability concerning the SSA’s output product, known as an operational flight program (OFP). Through a secure development environment (SDE), each critical software development function performed on said OFP during its development has a corresponding record represented on a blockchain.
Design/methodology/approach
An SDE is implemented as a virtual machine or container incorporating software development tools that are modified to support blockchain transactions. Each critical software development function, e.g. editing, compiling, linking, generates a blockchain transaction message with associated information embedded in the output of a said function that, together, can be used to prove integrity and support traceability. An attestation process is used to provide proof that the toolchain containing SDE is not subject to unauthorized modification at the time said critical function is performed.
Findings
Blockchain methods are shown to be a viable approach for supporting exhaustive traceability and strong provability of development system integrity for mission-critical software produced by an NAE SSA for NAE embedded systems software.
Practical implications
A blockchain-based authentication approach that could be implemented at the OFP point-of-load would provide for fine-grain authentication of all OFP software components, with each component or module having its own proof-of-integrity (including the integrity of the used development tools) over its entire development history.
Originality/value
Many SSAs have established control procedures for development such as check-out/check-in. This does not prove the SSA output software is secure. For one thing, a build system does not necessarily enforce procedures in a way that is determinable from the output. Furthermore, the SSA toolchain itself could be attacked. The approach described in this paper enforces security policy and embeds information into the output of every development function that can be cross-referenced to blockchain transaction records for provability and traceability that only trusted tools, free from unauthorized modifications, are used in software development. A key original concept of this approach is that it treats assigned developer time as a transferable digital currency.
Details
Keywords
- Software development
- Blockchain
- Cybersecurity
- Operational flight program
- Secure development environment
- Secure virtual machine
- Zero trust
- Embedded systems
- Mission-critical systems
- OFP
- DevOps
- DevSecOps
- Software support activity
- SSA
- SDE
- Permissioned blockchain
- Cryptocurrency
- Time-limited authorization for developer action
- TADA
- Code signing
- Trusted software guard
- SGX
- Trusted eXecution technology
- TXT
- Trusted platform module
- Self-hosting
- Controlled access blockchain
- CABlock
- Role-based access control
- RBAC
China's advances in quantum communications.