SlideShare a Scribd company logo

eDem&eGov 2014

D
Denys A. Flores, PhD

The document proposes an authentication and auditing architecture to enhance security on eGovernment services. It aims to address issues with relying solely on digital certificates for authentication by designing a centralized authentication service that uses salted password hashes. The model also implements a network intrusion detection system and database login auditing to detect and generate evidence of unauthorized database access. Further research will focus on analyzing evidence sources to investigate credential misuse.

Technology
1 of 19
First International Seminar on eDemocracy and eGovernment. Quito - Ecuador An Authentication and Auditing Architecture for Enhancing Security on eGovernment Services Denys A. Flores, MSc. Escuela Politécnica Nacional, Ecuador First International Conference on eDemocracy & eGovernment
First International Seminar on eDemocracy and eGovernment. Quito - Ecuador About me • Computer Systems Engineering Degree, Escuela Politécnica Nacional, Ecuador • MSc. Forensic Computing and Security, University of Derby, UK • Lecturer of Information Security in the Faculty of Systems Engineering, Escuela Politécnica Nacional, Ecuador • Digital Forensics Investigator at Sakura Consulting Group, Ecuador • IEEE member, ACM member First International Conference on eDemocracy & eGovernment
Topics • E-Government – Some Security Issues • Our Research Approach • Authentication and Auditing Model • Salting-Based Authentication Module (SAM) - SAM – User Registration - SAM – User Authentication • Data Base Intrusion Detection Module (DB-IDM) • Conclusions and Further Research • References
E-Government – Some Security Issues • Governmental information and services for citizens are widely available through eGovernment platforms • However... - Internet is the underlying platform - Information exchange is exposed to data tampering and unauthorised access - PKI – what about over reliance on digital certificates?
E-Government – Some Security Issues • First of all: - Security cannot be addressed using a holistic approach - I.e. your problem is maybe just the tip of the iceberg! – you are not seeing the whole thing yet! - Securing eGovernment implementations is challenging as it depends on many factors, such as: ‣ Software/hardware architecture ‣ Network requirements ‣ Compliance and auditing needs ‣ ….
Our Research Approach • Therefore: - It is better to narrow the scope of eGovernment security by means of incidents associated to a specific eGovernment service: - Service: The Ecuadorean Electoral Database - Incidents reported [1]: ‣ Suspicions of data tampering ‣ Suspicions of unauthorised access - Questions: ‣ Whether it is true or not, then: • What has been done to prevent these issues? • If something was done, can we enhance it to respond the Ecuadorean needs? • Is it possible to obtain intrusion evidence for further investigations?
Our Research Approach • Analysing Previous Work: - The most relevant for solving our questions were developed in 2010: ‣ A model for securing eGovernment web sites, based on SSL and PKI [2]: • Certificate management using a centralized Certifying Authority (CA) • Key Escrow supported by a LDAP-based directory server with the purpose of providing user information and retrieve both, credentials and certificates ‣ Secure Scheme for Client/Server eGovernment Systems [3]: • A client-server architecture to authenticate and validate users • Users are required to provide a certificate to prove identity along with their private key • An authentication service validates user credentials, certificate revocation and user rights to access the requested service.
Our Research Approach • Issues with the previous models: - A Directory Service requires a pre-defined hierarchy to describe an organization, but governmental services are not static [4] - A centralized CA is an important effort to support certificate issuing and revocation – if there is no CA nationwide, each governmental institution should set up their own CA - Both approaches are acceptable if the services to be accessed must not be available to all the citizens, yet visible to a few privileged ones.
Our Research Approach • Issues with the previous models: - Both over rely on digital certificates - it is going to be required as many certificates as citizens in the country - Fake digital certificates can be used to deceive users to access phishing sites[5] [6] - Although both solve authentication problems, unauthorised access to the back-end cannot be prevented
Our Research Approach • Proposal: - Design an architectural solution to tackle authentication and authorisation problems - Avoid using digital-certificate-based models as they are not a scalable solution for a large number of citizens - Produce evidence and audit trails in databases that are accessed without authorisation, which hinders the possibility to carry out effective digital investigations
Authentication and Auditing Model
Salting-Based Authentication Module (SAM) 1. SSL protection for in-transit credentials – digital certificates are used to ensure trusted client- server connections 2. Centralised Authentication Service (AS)  User Registration  User Authentication
SAM - User Registration
SAM - User Authentication
Data Base Intrusion Detection Module (DB-IDM) • Previous Models prevent unauthorised access using role-based controls at application level • DB-IDM protects database from insiders. I.e. when data tampering is attempted
Data Base Intrusion Detection Module (DB-IDM) 1. NIDS – Snort registers login attempts to the Application Database Server 2. Database Login Audit Logs –used for correlation analysis in between login attempts and successful login events 3. Both components generate audit trails and evidence sources for digital investigations
Conclusions and Further Research • An authentication and auditing architecture is proposed as digital certificate protection is not enough to provide access control and prevent unauthorised access to databases • Access control can be achieved by implementing a centralised Authentication Service in charge of user authentication and user registration • Securing passwords through salting is proposed, enhancing its security by randomizing salts on every session request • Unauthorised access to databases can be prevented by combining database auditing through login logs and intrusion detection by implementing a NIDS in passive detection mode • Further research is focused on generating and analysing evidence sources for investigating user credential misuse
References [1] Ecuador Inmediato, “Manipulación de Base de Datos del CNE, provino desde el propio organismo electoral,” ecuadorinmediato.com, 7 October 2012. [Online]. Available: http://www.ecuadorinmediato.com/index.php?module=Noticias&func=news_user_view&id=182966&u mt=manipulacion_base_datos_del_cne_provino_desde_propio_organismo_electoral_revela_perito_inf ormatico. [Accessed 23 January 2014 (In Spanish)] [2] W. Zhong, “Research on e-Government Security Model,” in International Conference on eBusiness and eGovernment, Guangzhou, China, 2010. [3] Z. Feng and Y. Zhu, “Design and Implementation of a Secure Scheme for the C/S mode E- Government system,” in Second International Workshop on Education Technology and Computer Science, Wuhan, China, 2010. [4] A. Nilsson, “Management of Technochange in an Interorganizational e-Governmen tProject,” in 41st International Conference on System Sciences, Hawaii, US, 2008. [5] Microsoft, “Improperly Issued Digital Certificates Could Allow Spoofing,” Security TechCenter, 9 December 2013. [Online]. Available: http://technet.microsoft.com/en-us/security/advisory/2916652. [Accessed 4 February 2014]. [6] P. Paganini, “Turkey – Another story on use of fraudulent digital certificates,” Security Affairs, 4 January 2013. [Online]. Available: http://securityaffairs.co/wordpress/11512/cyber-crime/turkey- another-story-on-use-of-fraudulent-digital-certificates.html. [Accessed 4 February 2014].
• THANK YOU - denys.flores@epn.edu.ec - denys.flores@sakuracg.com.ec

Recommended

Pki Digital Id Itmc University Wisconsin
Pki Digital Id Itmc University WisconsinPki Digital Id Itmc University Wisconsin
Pki Digital Id Itmc University WisconsinNicholas Davis
 
Addressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor AuthenticationAddressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor AuthenticationPeter Choi
 
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)Pace IT at Edmonds Community College
 
A New Research and Design for Grid Portal Security System
A New Research and Design for Grid Portal Security SystemA New Research and Design for Grid Portal Security System
A New Research and Design for Grid Portal Security Systemijfcstjournal
 
Cryptography in user authentication
Cryptography in user authenticationCryptography in user authentication
Cryptography in user authenticationRishikesh Jha
 
Uma webinar 2014 03-20
Uma webinar 2014 03-20Uma webinar 2014 03-20
Uma webinar 2014 03-20kantarainitiative
 
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...IRJET Journal
 
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET Journal
 

Recommended

Pki Digital Id Itmc University Wisconsin
Pki Digital Id Itmc University WisconsinPki Digital Id Itmc University Wisconsin
Pki Digital Id Itmc University WisconsinNicholas Davis
 
Addressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor AuthenticationAddressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor AuthenticationPeter Choi
 
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)Pace IT at Edmonds Community College
 
A New Research and Design for Grid Portal Security System
A New Research and Design for Grid Portal Security SystemA New Research and Design for Grid Portal Security System
A New Research and Design for Grid Portal Security Systemijfcstjournal
 
Cryptography in user authentication
Cryptography in user authenticationCryptography in user authentication
Cryptography in user authenticationRishikesh Jha
 
Uma webinar 2014 03-20
Uma webinar 2014 03-20Uma webinar 2014 03-20
Uma webinar 2014 03-20kantarainitiative
 
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...IRJET Journal
 
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET Journal
 
Digital Certificate Verification based on blockchain ethereum
Digital Certificate Verification based on blockchain ethereumDigital Certificate Verification based on blockchain ethereum
Digital Certificate Verification based on blockchain ethereumnurhaniffah1
 
IRJET- Blockchain based Certificate Issuing and Validation
IRJET- Blockchain based Certificate Issuing and ValidationIRJET- Blockchain based Certificate Issuing and Validation
IRJET- Blockchain based Certificate Issuing and ValidationIRJET Journal
 
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...IJCSIS Research Publications
 
Blockchain Poc for Certificates and Degrees
Blockchain Poc for Certificates and DegreesBlockchain Poc for Certificates and Degrees
Blockchain Poc for Certificates and DegreesCyberBahn Federal Solutions
 
Continuous and Transparent User Identity Verification for Secure Internet Ser...
Continuous and Transparent User Identity Verification for Secure Internet Ser...Continuous and Transparent User Identity Verification for Secure Internet Ser...
Continuous and Transparent User Identity Verification for Secure Internet Ser...1crore projects
 
Blockchain PoC For Education
Blockchain PoC For EducationBlockchain PoC For Education
Blockchain PoC For EducationSanjeev Raman
 
PACE-IT, Security + 5.1: Summary of Authentication Services
PACE-IT, Security + 5.1: Summary of Authentication ServicesPACE-IT, Security + 5.1: Summary of Authentication Services
PACE-IT, Security + 5.1: Summary of Authentication ServicesPace IT at Edmonds Community College
 
Secured and transperant voting system using biometics
Secured and transperant voting system using biometicsSecured and transperant voting system using biometics
Secured and transperant voting system using biometicsSYEDBABJI
 
Information Leakage Prevention Using Public Key Encryption System and Fingerp...
Information Leakage Prevention Using Public Key Encryption System and Fingerp...Information Leakage Prevention Using Public Key Encryption System and Fingerp...
Information Leakage Prevention Using Public Key Encryption System and Fingerp...CSCJournals
 
Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditabilityCloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditabilityShakas Technologies
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)Pace IT at Edmonds Community College
 
Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditability Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditability Adz91 Digital Ads Pvt Ltd
 
(2007) Privacy Preserving Multi-Factor Authentication with Biometrics
(2007) Privacy Preserving Multi-Factor Authentication with Biometrics(2007) Privacy Preserving Multi-Factor Authentication with Biometrics
(2007) Privacy Preserving Multi-Factor Authentication with BiometricsInternational Center for Biometric Research
 
Existing system
Existing systemExisting system
Existing systemmadhukarreddy007
 
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...ijtsrd
 
Cloud computing
Cloud computingCloud computing
Cloud computingAli Raza
 
Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditabilityCloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditabilityIGEEKS TECHNOLOGIES
 
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICS
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICSENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICS
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICSIJNSA Journal
 
An Algorithm for Electronic Money Transaction Security (Three Layer Security)...
An Algorithm for Electronic Money Transaction Security (Three Layer Security)...An Algorithm for Electronic Money Transaction Security (Three Layer Security)...
An Algorithm for Electronic Money Transaction Security (Three Layer Security)...Syeful Islam
 
Threats of E-Commerce in Database
Threats of E-Commerce in DatabaseThreats of E-Commerce in Database
Threats of E-Commerce in DatabaseMentalist Akram
 
Factores de-la-comunicacion 2012
Factores de-la-comunicacion 2012Factores de-la-comunicacion 2012
Factores de-la-comunicacion 2012Angelitho Bustamante Valladares
 
Реалізація нового КПК України у 2013 році (моніторинговий звіт)
Реалізація нового КПК України у 2013 році (моніторинговий звіт)Реалізація нового КПК України у 2013 році (моніторинговий звіт)
Реалізація нового КПК України у 2013 році (моніторинговий звіт)Centre of Policy and Legal Reform
 

More Related Content

What's hot

Digital Certificate Verification based on blockchain ethereum
Digital Certificate Verification based on blockchain ethereumDigital Certificate Verification based on blockchain ethereum
Digital Certificate Verification based on blockchain ethereumnurhaniffah1
 
IRJET- Blockchain based Certificate Issuing and Validation
IRJET- Blockchain based Certificate Issuing and ValidationIRJET- Blockchain based Certificate Issuing and Validation
IRJET- Blockchain based Certificate Issuing and ValidationIRJET Journal
 
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...IJCSIS Research Publications
 
Continuous and Transparent User Identity Verification for Secure Internet Ser...
Continuous and Transparent User Identity Verification for Secure Internet Ser...Continuous and Transparent User Identity Verification for Secure Internet Ser...
Continuous and Transparent User Identity Verification for Secure Internet Ser...1crore projects
 
Blockchain PoC For Education
Blockchain PoC For EducationBlockchain PoC For Education
Blockchain PoC For EducationSanjeev Raman
 
Secured and transperant voting system using biometics
Secured and transperant voting system using biometicsSecured and transperant voting system using biometics
Secured and transperant voting system using biometicsSYEDBABJI
 
Information Leakage Prevention Using Public Key Encryption System and Fingerp...
Information Leakage Prevention Using Public Key Encryption System and Fingerp...Information Leakage Prevention Using Public Key Encryption System and Fingerp...
Information Leakage Prevention Using Public Key Encryption System and Fingerp...CSCJournals
 
Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditabilityCloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditabilityShakas Technologies
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)Pace IT at Edmonds Community College
 
Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditability Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditability Adz91 Digital Ads Pvt Ltd
 
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...ijtsrd
 
Cloud computing
Cloud computingCloud computing
Cloud computingAli Raza
 
Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditabilityCloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditabilityIGEEKS TECHNOLOGIES
 
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICS
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICSENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICS
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICSIJNSA Journal
 
An Algorithm for Electronic Money Transaction Security (Three Layer Security)...
An Algorithm for Electronic Money Transaction Security (Three Layer Security)...An Algorithm for Electronic Money Transaction Security (Three Layer Security)...
An Algorithm for Electronic Money Transaction Security (Three Layer Security)...Syeful Islam
 
Threats of E-Commerce in Database
Threats of E-Commerce in DatabaseThreats of E-Commerce in Database
Threats of E-Commerce in DatabaseMentalist Akram
 

What's hot (20)

Digital Certificate Verification based on blockchain ethereum
Digital Certificate Verification based on blockchain ethereumDigital Certificate Verification based on blockchain ethereum
Digital Certificate Verification based on blockchain ethereum
 
IRJET- Blockchain based Certificate Issuing and Validation
IRJET- Blockchain based Certificate Issuing and ValidationIRJET- Blockchain based Certificate Issuing and Validation
IRJET- Blockchain based Certificate Issuing and Validation
 
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
 
Blockchain Poc for Certificates and Degrees
Blockchain Poc for Certificates and DegreesBlockchain Poc for Certificates and Degrees
Blockchain Poc for Certificates and Degrees
 
Continuous and Transparent User Identity Verification for Secure Internet Ser...
Continuous and Transparent User Identity Verification for Secure Internet Ser...Continuous and Transparent User Identity Verification for Secure Internet Ser...
Continuous and Transparent User Identity Verification for Secure Internet Ser...
 
Blockchain PoC For Education
Blockchain PoC For EducationBlockchain PoC For Education
Blockchain PoC For Education
 
PACE-IT, Security + 5.1: Summary of Authentication Services
PACE-IT, Security + 5.1: Summary of Authentication ServicesPACE-IT, Security + 5.1: Summary of Authentication Services
PACE-IT, Security + 5.1: Summary of Authentication Services
 
Secured and transperant voting system using biometics
Secured and transperant voting system using biometicsSecured and transperant voting system using biometics
Secured and transperant voting system using biometics
 
Information Leakage Prevention Using Public Key Encryption System and Fingerp...
Information Leakage Prevention Using Public Key Encryption System and Fingerp...Information Leakage Prevention Using Public Key Encryption System and Fingerp...
Information Leakage Prevention Using Public Key Encryption System and Fingerp...
 
Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditabilityCloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditability
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
 
Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditability Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditability
 
(2007) Privacy Preserving Multi-Factor Authentication with Biometrics
(2007) Privacy Preserving Multi-Factor Authentication with Biometrics(2007) Privacy Preserving Multi-Factor Authentication with Biometrics
(2007) Privacy Preserving Multi-Factor Authentication with Biometrics
 
Existing system
Existing systemExisting system
Existing system
 
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditabilityCloud assisted mobile-access of health data with privacy and auditability
Cloud assisted mobile-access of health data with privacy and auditability
 
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICS
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICSENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICS
ENHANCED AUTHENTICATION FOR WEB-BASED SECURITY USING KEYSTROKE DYNAMICS
 
An Algorithm for Electronic Money Transaction Security (Three Layer Security)...
An Algorithm for Electronic Money Transaction Security (Three Layer Security)...An Algorithm for Electronic Money Transaction Security (Three Layer Security)...
An Algorithm for Electronic Money Transaction Security (Three Layer Security)...
 
Threats of E-Commerce in Database
Threats of E-Commerce in DatabaseThreats of E-Commerce in Database
Threats of E-Commerce in Database
 

Viewers also liked

Реалізація нового КПК України у 2013 році (моніторинговий звіт)
Реалізація нового КПК України у 2013 році (моніторинговий звіт)Реалізація нового КПК України у 2013 році (моніторинговий звіт)
Реалізація нового КПК України у 2013 році (моніторинговий звіт)Centre of Policy and Legal Reform
 
The choral director’s cookbook: Insights and inspired recipes for beginners a...
The choral director’s cookbook: Insights and inspired recipes for beginners a...The choral director’s cookbook: Insights and inspired recipes for beginners a...
The choral director’s cookbook: Insights and inspired recipes for beginners a...kinetteadams
 
Indian Religion, The People's Spirit and Thoughts
Indian Religion, The People's Spirit and ThoughtsIndian Religion, The People's Spirit and Thoughts
Indian Religion, The People's Spirit and ThoughtsIshwor Bhusal
 
Доклад для Конгресса по Деревянному Домостроению 2015
Доклад для Конгресса по Деревянному Домостроению 2015Доклад для Конгресса по Деревянному Домостроению 2015
Доклад для Конгресса по Деревянному Домостроению 2015sslash65
 
Web 2016 (05/13) Programare Web – Dezvoltarea aplicațiilor Web via Node.js
Web 2016 (05/13) Programare Web – Dezvoltarea aplicațiilor Web via Node.jsWeb 2016 (05/13) Programare Web – Dezvoltarea aplicațiilor Web via Node.js
Web 2016 (05/13) Programare Web – Dezvoltarea aplicațiilor Web via Node.jsSabin Buraga
 
Web 2016 (02/13) Programare Web – Protocolul HTTP. Cookie-uri. Sesiuni Web
Web 2016 (02/13) Programare Web – Protocolul HTTP. Cookie-uri. Sesiuni WebWeb 2016 (02/13) Programare Web – Protocolul HTTP. Cookie-uri. Sesiuni Web
Web 2016 (02/13) Programare Web – Protocolul HTTP. Cookie-uri. Sesiuni WebSabin Buraga
 
DTTTT – Design Thinking Think Tank Talk
DTTTT – Design Thinking Think Tank TalkDTTTT – Design Thinking Think Tank Talk
DTTTT – Design Thinking Think Tank TalkBert Bräutigam
 
Halstead's software science - ananalytical technique
Halstead's software science - ananalytical techniqueHalstead's software science - ananalytical technique
Halstead's software science - ananalytical techniqueVishnupriya T H
 
Army Public School and College Girls, Humayun Road, Rawalpindi
Army Public School and College Girls, Humayun Road, RawalpindiArmy Public School and College Girls, Humayun Road, Rawalpindi
Army Public School and College Girls, Humayun Road, Rawalpindidfcpakistan
 
A comparative review of various approaches for feature extraction in Face rec...
A comparative review of various approaches for feature extraction in Face rec...A comparative review of various approaches for feature extraction in Face rec...
A comparative review of various approaches for feature extraction in Face rec...Vishnupriya T H
 
Sampling design, sampling errors, sample size determination
Sampling design, sampling errors, sample size determinationSampling design, sampling errors, sample size determination
Sampling design, sampling errors, sample size determinationVishnupriya T H
 
Introduction to Triz (TIPS)
Introduction to Triz (TIPS)Introduction to Triz (TIPS)
Introduction to Triz (TIPS)Vishnupriya T H
 
Dezvoltator Web?! – ...în 2016
Dezvoltator Web?! – ...în 2016Dezvoltator Web?! – ...în 2016
Dezvoltator Web?! – ...în 2016Sabin Buraga
 

Viewers also liked (16)

Factores de-la-comunicacion 2012
Factores de-la-comunicacion 2012Factores de-la-comunicacion 2012
Factores de-la-comunicacion 2012
 
Реалізація нового КПК України у 2013 році (моніторинговий звіт)
Реалізація нового КПК України у 2013 році (моніторинговий звіт)Реалізація нового КПК України у 2013 році (моніторинговий звіт)
Реалізація нового КПК України у 2013 році (моніторинговий звіт)
 
The choral director’s cookbook: Insights and inspired recipes for beginners a...
The choral director’s cookbook: Insights and inspired recipes for beginners a...The choral director’s cookbook: Insights and inspired recipes for beginners a...
The choral director’s cookbook: Insights and inspired recipes for beginners a...
 
Programa de geografía americana
Programa de geografía americanaPrograma de geografía americana
Programa de geografía americana
 
Indian Religion, The People's Spirit and Thoughts
Indian Religion, The People's Spirit and ThoughtsIndian Religion, The People's Spirit and Thoughts
Indian Religion, The People's Spirit and Thoughts
 
Доклад для Конгресса по Деревянному Домостроению 2015
Доклад для Конгресса по Деревянному Домостроению 2015Доклад для Конгресса по Деревянному Домостроению 2015
Доклад для Конгресса по Деревянному Домостроению 2015
 
Web 2016 (05/13) Programare Web – Dezvoltarea aplicațiilor Web via Node.js
Web 2016 (05/13) Programare Web – Dezvoltarea aplicațiilor Web via Node.jsWeb 2016 (05/13) Programare Web – Dezvoltarea aplicațiilor Web via Node.js
Web 2016 (05/13) Programare Web – Dezvoltarea aplicațiilor Web via Node.js
 
Web 2016 (02/13) Programare Web – Protocolul HTTP. Cookie-uri. Sesiuni Web
Web 2016 (02/13) Programare Web – Protocolul HTTP. Cookie-uri. Sesiuni WebWeb 2016 (02/13) Programare Web – Protocolul HTTP. Cookie-uri. Sesiuni Web
Web 2016 (02/13) Programare Web – Protocolul HTTP. Cookie-uri. Sesiuni Web
 
DTTTT – Design Thinking Think Tank Talk
DTTTT – Design Thinking Think Tank TalkDTTTT – Design Thinking Think Tank Talk
DTTTT – Design Thinking Think Tank Talk
 
Voices in the city
Voices in the city Voices in the city
Voices in the city
 
Halstead's software science - ananalytical technique
Halstead's software science - ananalytical techniqueHalstead's software science - ananalytical technique
Halstead's software science - ananalytical technique
 
Army Public School and College Girls, Humayun Road, Rawalpindi
Army Public School and College Girls, Humayun Road, RawalpindiArmy Public School and College Girls, Humayun Road, Rawalpindi
Army Public School and College Girls, Humayun Road, Rawalpindi
 
A comparative review of various approaches for feature extraction in Face rec...
A comparative review of various approaches for feature extraction in Face rec...A comparative review of various approaches for feature extraction in Face rec...
A comparative review of various approaches for feature extraction in Face rec...
 
Sampling design, sampling errors, sample size determination
Sampling design, sampling errors, sample size determinationSampling design, sampling errors, sample size determination
Sampling design, sampling errors, sample size determination
 
Introduction to Triz (TIPS)
Introduction to Triz (TIPS)Introduction to Triz (TIPS)
Introduction to Triz (TIPS)
 
Dezvoltator Web?! – ...în 2016
Dezvoltator Web?! – ...în 2016Dezvoltator Web?! – ...în 2016
Dezvoltator Web?! – ...în 2016
 

Similar to eDem&eGov 2014

Securing e-Government Web Portal Access Using Enhanced Authentication System
Securing e-Government Web Portal Access Using Enhanced Authentication SystemSecuring e-Government Web Portal Access Using Enhanced Authentication System
Securing e-Government Web Portal Access Using Enhanced Authentication SystemHamdi Jaber
 
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008Denny Lee
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionDLT Solutions
 
Threats of Database in ECommerce
Threats of Database in ECommerceThreats of Database in ECommerce
Threats of Database in ECommerceMentalist Akram
 
Why IAM is the Need of the Hour
Why IAM is the Need of the HourWhy IAM is the Need of the Hour
Why IAM is the Need of the HourTechdemocracy
 
Eds user authenticationuser authentication methods
Eds user authenticationuser authentication methodsEds user authenticationuser authentication methods
Eds user authenticationuser authentication methodslapao2014
 
Week 09_Cyber security u.pdf
Week 09_Cyber security u.pdfWeek 09_Cyber security u.pdf
Week 09_Cyber security u.pdfdhanywahyudi17
 
Security architecture best practices for saas applications
Security architecture best practices for saas applicationsSecurity architecture best practices for saas applications
Security architecture best practices for saas applicationskanimozhin
 
Development of Digital Identity Systems
Development of Digital Identity Systems Development of Digital Identity Systems
Development of Digital Identity Systems Maganathin Veeraragaloo
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsTechcello
 
Next Generation Internet
Next Generation InternetNext Generation Internet
Next Generation InternetSabiha M
 
Web Security Overview
Web Security OverviewWeb Security Overview
Web Security OverviewNoah Jaehnert
 
Controls for Digital Signature (e-Sign) Cloud Network & eCommerce Application
Controls for Digital Signature (e-Sign) Cloud Network & eCommerce ApplicationControls for Digital Signature (e-Sign) Cloud Network & eCommerce Application
Controls for Digital Signature (e-Sign) Cloud Network & eCommerce ApplicationMufaddal Nullwala
 
Security and Compliance
Security and ComplianceSecurity and Compliance
Security and ComplianceBankingdotcom
 
Guidelines for the technological development in the e-health application domain
Guidelines for the technological development in the e-health application domainGuidelines for the technological development in the e-health application domain
Guidelines for the technological development in the e-health application domainIvano Malavolta
 
IRJET- Survey on Blockchain based Digital Certificate System
IRJET- Survey on Blockchain based Digital Certificate SystemIRJET- Survey on Blockchain based Digital Certificate System
IRJET- Survey on Blockchain based Digital Certificate SystemIRJET Journal
 

Similar to eDem&eGov 2014 (20)

Securing e-Government Web Portal Access Using Enhanced Authentication System
Securing e-Government Web Portal Access Using Enhanced Authentication SystemSecuring e-Government Web Portal Access Using Enhanced Authentication System
Securing e-Government Web Portal Access Using Enhanced Authentication System
 
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security Solution
 
DigitalKYC_Modules.pdf
DigitalKYC_Modules.pdfDigitalKYC_Modules.pdf
DigitalKYC_Modules.pdf
 
Threats
ThreatsThreats
Threats
 
Threats of Database in ECommerce
Threats of Database in ECommerceThreats of Database in ECommerce
Threats of Database in ECommerce
 
Why IAM is the Need of the Hour
Why IAM is the Need of the HourWhy IAM is the Need of the Hour
Why IAM is the Need of the Hour
 
Eds user authenticationuser authentication methods
Eds user authenticationuser authentication methodsEds user authenticationuser authentication methods
Eds user authenticationuser authentication methods
 
Week 09_Cyber security u.pdf
Week 09_Cyber security u.pdfWeek 09_Cyber security u.pdf
Week 09_Cyber security u.pdf
 
Security architecture best practices for saas applications
Security architecture best practices for saas applicationsSecurity architecture best practices for saas applications
Security architecture best practices for saas applications
 
Development of Digital Identity Systems
Development of Digital Identity Systems Development of Digital Identity Systems
Development of Digital Identity Systems
 
Compliance & Identity access management
Compliance & Identity access management Compliance & Identity access management
Compliance & Identity access management
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS Applications
 
Next Generation Internet
Next Generation InternetNext Generation Internet
Next Generation Internet
 
Web Security Overview
Web Security OverviewWeb Security Overview
Web Security Overview
 
Controls for Digital Signature (e-Sign) Cloud Network & eCommerce Application
Controls for Digital Signature (e-Sign) Cloud Network & eCommerce ApplicationControls for Digital Signature (e-Sign) Cloud Network & eCommerce Application
Controls for Digital Signature (e-Sign) Cloud Network & eCommerce Application
 
Security and Compliance
Security and ComplianceSecurity and Compliance
Security and Compliance
 
Guidelines for the technological development in the e-health application domain
Guidelines for the technological development in the e-health application domainGuidelines for the technological development in the e-health application domain
Guidelines for the technological development in the e-health application domain
 
Cybersecurity update 12
Cybersecurity update 12Cybersecurity update 12
Cybersecurity update 12
 
IRJET- Survey on Blockchain based Digital Certificate System
IRJET- Survey on Blockchain based Digital Certificate SystemIRJET- Survey on Blockchain based Digital Certificate System
IRJET- Survey on Blockchain based Digital Certificate System
 

More from Denys A. Flores, PhD

Conozca cómo evadir el ataque de los hackers
Conozca cómo evadir el ataque de los hackersConozca cómo evadir el ataque de los hackers
Conozca cómo evadir el ataque de los hackersDenys A. Flores, PhD
 
Memorias del Campus Party Quito 2014
Memorias del Campus Party Quito 2014Memorias del Campus Party Quito 2014
Memorias del Campus Party Quito 2014Denys A. Flores, PhD
 
Memorias del Campus Party Quito 2013
Memorias del Campus Party Quito 2013Memorias del Campus Party Quito 2013
Memorias del Campus Party Quito 2013Denys A. Flores, PhD
 

More from Denys A. Flores, PhD (8)

D flores trust-com19-pres
D flores trust-com19-presD flores trust-com19-pres
D flores trust-com19-pres
 
Conozca cómo evadir el ataque de los hackers
Conozca cómo evadir el ataque de los hackersConozca cómo evadir el ataque de los hackers
Conozca cómo evadir el ataque de los hackers
 
Memorias del Campus Party Quito 2014
Memorias del Campus Party Quito 2014Memorias del Campus Party Quito 2014
Memorias del Campus Party Quito 2014
 
eDem&eGov 2013
eDem&eGov 2013eDem&eGov 2013
eDem&eGov 2013
 
Memorias del Campus Party Quito 2013
Memorias del Campus Party Quito 2013Memorias del Campus Party Quito 2013
Memorias del Campus Party Quito 2013
 
TrustCom-16 - Paper ID 227
TrustCom-16 - Paper ID 227TrustCom-16 - Paper ID 227
TrustCom-16 - Paper ID 227
 
WPCCS 16 Presentation
WPCCS 16 PresentationWPCCS 16 Presentation
WPCCS 16 Presentation
 
Database forensics
Database forensicsDatabase forensics
Database forensics
 

Recently uploaded

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Recently uploaded (20)

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

eDem&eGov 2014

  • 1. First International Seminar on eDemocracy and eGovernment. Quito - Ecuador An Authentication and Auditing Architecture for Enhancing Security on eGovernment Services Denys A. Flores, MSc. Escuela Politécnica Nacional, Ecuador First International Conference on eDemocracy & eGovernment
  • 2. First International Seminar on eDemocracy and eGovernment. Quito - Ecuador About me • Computer Systems Engineering Degree, Escuela Politécnica Nacional, Ecuador • MSc. Forensic Computing and Security, University of Derby, UK • Lecturer of Information Security in the Faculty of Systems Engineering, Escuela Politécnica Nacional, Ecuador • Digital Forensics Investigator at Sakura Consulting Group, Ecuador • IEEE member, ACM member First International Conference on eDemocracy & eGovernment
  • 3. Topics • E-Government – Some Security Issues • Our Research Approach • Authentication and Auditing Model • Salting-Based Authentication Module (SAM) - SAM – User Registration - SAM – User Authentication • Data Base Intrusion Detection Module (DB-IDM) • Conclusions and Further Research • References
  • 4. E-Government – Some Security Issues • Governmental information and services for citizens are widely available through eGovernment platforms • However... - Internet is the underlying platform - Information exchange is exposed to data tampering and unauthorised access - PKI – what about over reliance on digital certificates?
  • 5. E-Government – Some Security Issues • First of all: - Security cannot be addressed using a holistic approach - I.e. your problem is maybe just the tip of the iceberg! – you are not seeing the whole thing yet! - Securing eGovernment implementations is challenging as it depends on many factors, such as: ‣ Software/hardware architecture ‣ Network requirements ‣ Compliance and auditing needs ‣ ….
  • 6. Our Research Approach • Therefore: - It is better to narrow the scope of eGovernment security by means of incidents associated to a specific eGovernment service: - Service: The Ecuadorean Electoral Database - Incidents reported [1]: ‣ Suspicions of data tampering ‣ Suspicions of unauthorised access - Questions: ‣ Whether it is true or not, then: • What has been done to prevent these issues? • If something was done, can we enhance it to respond the Ecuadorean needs? • Is it possible to obtain intrusion evidence for further investigations?
  • 7. Our Research Approach • Analysing Previous Work: - The most relevant for solving our questions were developed in 2010: ‣ A model for securing eGovernment web sites, based on SSL and PKI [2]: • Certificate management using a centralized Certifying Authority (CA) • Key Escrow supported by a LDAP-based directory server with the purpose of providing user information and retrieve both, credentials and certificates ‣ Secure Scheme for Client/Server eGovernment Systems [3]: • A client-server architecture to authenticate and validate users • Users are required to provide a certificate to prove identity along with their private key • An authentication service validates user credentials, certificate revocation and user rights to access the requested service.
  • 8. Our Research Approach • Issues with the previous models: - A Directory Service requires a pre-defined hierarchy to describe an organization, but governmental services are not static [4] - A centralized CA is an important effort to support certificate issuing and revocation – if there is no CA nationwide, each governmental institution should set up their own CA - Both approaches are acceptable if the services to be accessed must not be available to all the citizens, yet visible to a few privileged ones.
  • 9. Our Research Approach • Issues with the previous models: - Both over rely on digital certificates - it is going to be required as many certificates as citizens in the country - Fake digital certificates can be used to deceive users to access phishing sites[5] [6] - Although both solve authentication problems, unauthorised access to the back-end cannot be prevented
  • 10. Our Research Approach • Proposal: - Design an architectural solution to tackle authentication and authorisation problems - Avoid using digital-certificate-based models as they are not a scalable solution for a large number of citizens - Produce evidence and audit trails in databases that are accessed without authorisation, which hinders the possibility to carry out effective digital investigations
  • 12. Salting-Based Authentication Module (SAM) 1. SSL protection for in-transit credentials – digital certificates are used to ensure trusted client- server connections 2. Centralised Authentication Service (AS)  User Registration  User Authentication
  • 13. SAM - User Registration
  • 14. SAM - User Authentication
  • 15. Data Base Intrusion Detection Module (DB-IDM) • Previous Models prevent unauthorised access using role-based controls at application level • DB-IDM protects database from insiders. I.e. when data tampering is attempted
  • 16. Data Base Intrusion Detection Module (DB-IDM) 1. NIDS – Snort registers login attempts to the Application Database Server 2. Database Login Audit Logs –used for correlation analysis in between login attempts and successful login events 3. Both components generate audit trails and evidence sources for digital investigations
  • 17. Conclusions and Further Research • An authentication and auditing architecture is proposed as digital certificate protection is not enough to provide access control and prevent unauthorised access to databases • Access control can be achieved by implementing a centralised Authentication Service in charge of user authentication and user registration • Securing passwords through salting is proposed, enhancing its security by randomizing salts on every session request • Unauthorised access to databases can be prevented by combining database auditing through login logs and intrusion detection by implementing a NIDS in passive detection mode • Further research is focused on generating and analysing evidence sources for investigating user credential misuse
  • 18. References [1] Ecuador Inmediato, “Manipulación de Base de Datos del CNE, provino desde el propio organismo electoral,” ecuadorinmediato.com, 7 October 2012. [Online]. Available: http://www.ecuadorinmediato.com/index.php?module=Noticias&func=news_user_view&id=182966&u mt=manipulacion_base_datos_del_cne_provino_desde_propio_organismo_electoral_revela_perito_inf ormatico. [Accessed 23 January 2014 (In Spanish)] [2] W. Zhong, “Research on e-Government Security Model,” in International Conference on eBusiness and eGovernment, Guangzhou, China, 2010. [3] Z. Feng and Y. Zhu, “Design and Implementation of a Secure Scheme for the C/S mode E- Government system,” in Second International Workshop on Education Technology and Computer Science, Wuhan, China, 2010. [4] A. Nilsson, “Management of Technochange in an Interorganizational e-Governmen tProject,” in 41st International Conference on System Sciences, Hawaii, US, 2008. [5] Microsoft, “Improperly Issued Digital Certificates Could Allow Spoofing,” Security TechCenter, 9 December 2013. [Online]. Available: http://technet.microsoft.com/en-us/security/advisory/2916652. [Accessed 4 February 2014]. [6] P. Paganini, “Turkey – Another story on use of fraudulent digital certificates,” Security Affairs, 4 January 2013. [Online]. Available: http://securityaffairs.co/wordpress/11512/cyber-crime/turkey- another-story-on-use-of-fraudulent-digital-certificates.html. [Accessed 4 February 2014].
  • 19. • THANK YOU - denys.flores@epn.edu.ec - denys.flores@sakuracg.com.ec