Veilige indentifikasietegnieke vir gebruikers van rekenaarstelsels

Rensleigh, Christopher William

07 October 2014

M.Com. (Informatics) / Please refer to full text to view abstract

Computer networks - Security measures

Computer security

Smartcard technology

Magnetic stipe card

Economic analysis of travelling:studies on travel behaviour in Finland

Pekkarinen, S. (Saara)

09 December 2005

Abstract A great deal of research in transportation economics has been motivated by the need to solve traffic congestion problems and to diminish negative environmental effects of road transport. The question, whether the economic measures are efficient, motivates this dissertation on the value of travel time, the rules of optimal pricing and the demands for public transportation and private car use. Three concepts of the marginal value of travel time (MVT) are specified in this thesis. The first concept involves only the direct disutility of the travel time to work in addition to the utility of market goods and leisure. The second concept also includes the disutility from the time spent at work. The third concept furthermore takes into account the effect of the length of working hours, travel time, cost and income. The length of travel time, gender, family structure and flexibility of working hours have different effects on empirical MVTs, but travel costs and income affect them in a similar fashion. The pricing decisions of the firms providing bus services are analysed with and without public subsidies. The consumption externality, i.e. the quantity demanded by other users, affects the individual bus demand. The results indicate that under uniform pricing, a socially optimal subsidy equals the increase in consumer's surplus minus the fare revenue lost from current users due to lower fare. Under nonlinear pricing, the optimal pricing can be achieved when the regulator sets the subsidy so that it is inversely proportional to the network elasticity. The welfare loss due to increasing tax burden and the opportunity cost of providing cash fare service is also taken into account in the optimal pricing rule. A model of bus demand with asymmetric information on the characteristics of bus users is developed. The model allows for habit formation and network effects. The latter effect is due to the positive influence of the aggregate demand for Regional Bus Cards (RBC) on an individual's own demand. The empirical results indicate that in RBC services positive network effects are present and the elasticity of network size is less than one, which implies that the regional bus card is an impure public good. The own price elasticity of RBC in the short run is within the range of -0.3 and -1.1. The demand for RBC cards is more elastic than demand for RBC trips or passenger kilometres. The estimated price elasticity of urban bus demand is in line with that of RBC. A reasonably high cross-price elasticity of RBC trips and the ticket of 40 trips but a lower reverse elasticity were found. A weakly separable demand for car mileage from car ownership and labour supply was rejected as was the exogeneity of car ownership in the mileage model. Therefore, the price elasticity of car mileage with respect to fuel price was estimated from the two equation model of car mileage with endogenous car ownership. The estimated parameters of the Tobit model are consistent but slightly higher than those estimated from the least squares. The fuel price elasticity varies from -0.2 to -0.9 with exogenous and endogenous car ownership, respectively. The findings of this study can be applied in the analysis and implementation of different pricing and subsidy schemes for public transportation, as well as in the evaluation of the effectiveness of economic instruments for managing the growth of private car use.

car mileage

car ownership

nonlinear pricing

regional bus card demand

urban bus demand

value of travel time

Structural Design of an RFID-Based System : a way of solving some election problems in Africa

Bassey, Isong, Adedigba, Adetayo

January 2008

In this thesis work, two major problems confronting elections system in Africa; multiple registrations and diversion/shortages of election materials, taking the Nigerian content into consideration is addressed. These problems have been described as being so corrosive in nature such that ICTs in the form of eVoting if fully implemented will only compound or exacerbate the current situation due to poor ICTs awareness in the continent. However, in order to contain these problems with some form of ICTs tools along side the traditional election system, we proposed an RFID-based framework where voter’s identification and election materials are RFID-based. We believe this will enhance effective and efficient identification and tracking. Operations similar to the chain supply and inventory management are utilized. Also benefits resulting from the adoption of this framework; national ID card, national register, etc. are addressed. / isongb77@yahoo.com adetayoadedigba@yahoo.com

ICTs

RFID

Election Problems

EPC code

ID card

Human Computer Interaction

Secure Software and Communication on Handheld Devices / Säker programvara och kommunikation med handdatorer

Hussain, Musharrif, Mahmood, Sulman

January 2007

Some applications on mobile handheld devices are involved in exchanging critical information e. g. sending positioning data of heavy-good vehicles as a basis for road toll. This information must not be accessed or modified illegitimately; however, there is the risk that can be accessed or modified by modifying the application or during communication of the handheld device with its counterpart. This thesis report investigates concepts to shelter software from modification and how the communication of these applications running on a handheld device over public mobile network can be made more secure. This work was performed by carefully identifying relevant literature and developing the concept that how a smart card can enhance the security of the software running on it particularly for handheld devices. It also discusses the issues and threats to smart cards. Furthermore it proposes a solution based on the specified scenario. The security of the software comprises on two layers; one layer is for analysis prevention, making it hard to understand the behaviour of the program both at static and dynamic levels. The other layer is responsible for verifying the integrity of the software to ensure that it is not modified. The software is installed on smart card which acts as an extra security layer. The communication relies on the security features of the public mobile network with some enhancement. In order to shelter the communication via public Internet, a border based VPN solution is deployed between the public mobile network and the remote server using the network assisted approach. This thesis will serve as basis for designing a secure communication path for Swedish road toll system. / Some applications on mobile handheld devices are involved in exchanging critical information e. g. sending positioning data of heavy-good vehicles as a basis for road toll. This information must not be accessed or modified illegitimately; however, there is the risk that can be accessed or modified by modifying the application or during communication of the handheld device with its counterpart. This thesis report investigates concepts to shelter software from modification and how the communication of these applications running on a handheld device over public mobile network can be made more secure. This work was performed by carefully identifying relevant literature and developing the concept that how a smart card can enhance the security of the software running on it particularly for handheld devices. It also discusses the issues and threats to smart cards. Furthermore it proposes a solution based on the specified scenario. The security of the software comprises on two layers; one layer is for analysis prevention, making it hard to understand the behaviour of the program both at static and dynamic levels. The other layer is responsible for verifying the integrity of the software to ensure that it is not modified. The software is installed on smart card which acts as an extra security layer. The communication relies on the security features of the public mobile network with some enhancement. In order to shelter the communication via public Internet, a border based VPN solution is deployed between the public mobile network and the remote server using the network assisted approach. This thesis will serve as basis for designing a secure communication path for Swedish road toll system. / +46 762733374 +46 737038932

handheld devices

smart card

public mobile network

Computer Sciences

Datavetenskap (datalogi)

Telecommunications

Telekommunikation

The Extensive Subject File a Study of User Expectations in a Theological Library

White, Cecil R. (Cecil Ray)

08 1900

This study is concerned with determining how library patrons decide which entries to select from a subject card file which consists of numerous bibliographic records. Patrons are expected to select certain records based on elements that are objective (displayed directly by the record and requiring little or no interpretation) or subjective (recognized because of the user's special knowledge of the field).

subject card files

user expectations

Subject catalogs -- Use studies.

Subject headings.

Theological libraries.

Elektroniska signaturer : hur upplevs dess påstådda brister?

Franzen, Jonas

January 2002

För att informationsöverföring över publika nät ska kunna utföras på ett säkert sätt krävs identifiering, signering och kryptering, vilka är grundstenarna i en elektronisk signatur. Dessa delar i kombination ger oss bl.a. säker e-handel. Som plattform för detta ligger PKI (Public Key Infrastructure), vilket är samlingsnamnet för lösningar där man med hjälp av en speciell krypteringsteknologi skapar system för identifiering, kryptering och integritetskontroll (Halvarsson & Morin, 2000). Systemen kan användas för att till exempel skapa elektroniska signaturer för olika typer av avtal, säkra elektroniska transaktioner, identifiering av användare, säker e-post, och olika typer av säker kommunikation över publika nätverk. Tekniken lovordas till stor del, men även dess brister förs fram av kritikerna. Det gäller exempelvis rutiner för utgivande av certifikat, vem ett certifikat verkligen tillhör etc. Detta arbete syftar till att ta reda på huruvida de påstådda bristerna upplevs hos sakkunniga i ämnet genom litteraturstudier och intervjuer. Resultatet pekar på att brister föreligger, men att de inte upplevs vara i den omfattning som kritikerna menar.

PKI

digitala signaturer

elektroniska signaturer

smart card

certifikat

Information Systems

Smartcard based heart-beat service for M2M communication

Erlandsson, Marcus

January 1984

This study concerns machine-to-machine (M2M) applications that use smartcards. More specifically,The Subscriber Identity Module (SIM) smart card is used for the purpose of monitoring a continuousnetwork connection between a host device and a server. Multicom Security is a security company thatoffers several secure communication connection services (e.g. payment transactions, alarm signals). Themonitoring of these connections is carried out with continuous heart-beat messages sent from thedevice to a server. Today they provide this heart-beat service through logic in their own manufactureddevices, but they have a desire to place the logic on a SIM card in order to be able to move such serviceswith this card and not with a device. Such services can then also be offered on devices not necessarilymanufactured by Multicom Security.The work consisted of investigation of current telecommunication standards, papers regardingsmartcard applications and the current monitoring service, in order to consider possible solutions toimplement a proof of concept of such solution and evaluate it. One aspect of the study was to checkwhether the implemented solution was general and would work in different mobile equipments and alsoto determine the limitations of such smartcard applications.Three solutions were considered for implementation of which one was successfully implemented andtested. The successful heart-beat application was developed using a network subscription enabled JavaCard smart card and using SMS as bearer for the heart-beat messages. By evaluating the solution withbasic tests of functionality, robustness, performance and compatibility the solution was considered to begeneral and compliant with most new mobile equipments. The evaluation was performed in realenvironment with the application running on an actual SIM card with network subscription tested indifferent mobile devices such as cell phones, built-in communication modules and alarm control panels.An alternative solution based on GRPS instead of SMS was also realized but the tests could not becarried out completely due to lack of access to the SIM card implementation by the card provider.

SIM Toolkit

Smartcard

Java Card

GPRS

SMS

heart-beat

Computer Engineering

Datorteknik

Design and Implementation of a Secure In-app Credit Card Payment System

Bjurling, Patrik

January 2014

Smartphones are often used in order to make purchases today and mobile payments are estimated to continue growing in numbers the following years. This makes mobile payment systems attractive to companies as a new business platform. It also increases the number of malicious users trying to exploit the systems for financial gain. This thesis is conducted for the company TaxiCaller which desires to integrate mobile payments into their existing service. It discusses the current security standards for mobile payments and evaluates existing mobile payment solutions. The focus of the evaluation is on the security of the solutions and vulnerabilities, as well as mitigations of identified vulnerabilities, are discussed. Based on the evaluation, a mobile payment solution is designed and implemented. This system fully integrates with TaxiCaller’s existing system. A threat analysis of the implemented mobile payment solution is performed to provide confidence in the security. This thesis also provides an insight into the ecosystem of mobile payments including the stakeholders, the regulations, the security standards and difficulties during implementations.

Android

Credit card

Java

Mobile payment

Security

Smartphone

Computer and Information Sciences

Data- och informationsvetenskap

Moderna Betalningsmetoder / Modern Payment Methods

Ali, Hanna, Borchani, Nedia

January 2017

The purpose of the study is to examine the challenges of digital payments, the risks they pose and the impact they have in society. Technology is constantly changing, companies need to keep in pace with technology in order to provide accurate and actual financial information. Therefore it is important to examine the digital transactions impact on accounting.The issue that has been chosen to be studied is to identify the challenges that banks and companies that provide digital payment solutions face and how they work with these challenges.The method that was chosen to achieve the study was the qualitative method and the empirical material were obtained by semistructured interviews. Six respondents participated in the study, four banks and two companies that provides digital payment solutions. The results are analysed with the help of previous research and chosen theoretical concepts of mobile payment, card payment, risks and safety, cost-effectiveness and acceptance of payment services.The result of the theoretical and empirical study implies that higher requirements are placed on banks and companies, they have to follow laws and directives in order to increase the security of digital payments. The study is in swedish. / Avsikten med studien är att undersöka de digitaliserade betalningssättens utmaningar, vilka risker de medför samt den inverkan de har i samhället. Tekniken förändras ständigt, därmed finns det ett behov av att företag håller jämna steg med digitaliseringen för att tillhandahålla korrekt och aktuell finansiell information. Därför finns det en väsentlig betydelse att undersöka de digitala transaktionernas inverkan på redovisning. Den problematik som har valt att studeras är vilka utmaningar som de digitaliserade betalningstjänsterna står inför samt hur banker och övriga företag som tillhandahåller digitala betalningslösningar arbetar med dessa utmaningar. Den valda metodansatsen är en kvalitativ metod och det empiriska materialet är insamlat av semistrukturerade intervjuer. I studien deltog sex respondenter, varav fyra banker samt två företag som tillhandahåller digitala betalningslösningar. Resultatet analyseras med hjälp av tidigare forskning och begreppen mobila betalningar, kortbetalningar, risker och säkerhet, kostnadseffektivitet samt acceptans av betalningstjänster. Teorin samt praktiken har medfört att det ställs högre krav på företag och banker, både från nationella samt internationella riktningar. Då de måste följa lagar och direktiv för att öka säkerheten kring digitaliserade betalningsalternativ.

Mobile payments

card payments

digital accounting

fraud.

Mobila betalningar

kortbetalningar

digital bokföring

bedrägeri

Business Administration

Företagsekonomi

The Effect of a Multi-Component Consultation Intervention on the Pragmatic Language Skills of Students with Symptoms of Attention Deficit Hyperactivity Disorder

Cooper, Brittney M

03 July 2014

The purpose of this research was to determine if a multi-component consultation intervention was effective in improving pragmatic performance in students with ADHD. Participants for this study consisted of 7 children for whom 3 data points were obtained by a parent or 2 data points by a teacher. Changes in pragmatic performance were measured by comparing reports provided by parents or teachers pre- and post- intervention. Descriptive analysis procedures were completed to summarize changes in pragmatic behavior. Results revealed the mean overall change in pragmatic behavior for children in the MCC condition (Χ=1.133) was greater than the change seen in the CAU condition (.334) after 2 months of intervention as per parent reported data. Data indicated improvement in each behavior but incongruence between teachers and parents was found. Results support the hypothesis that the multi-component consultation intervention is effective in improving the pragmatic language performance of children with ADHD.

ADHD

Daily Report Card

Attention deficit hyperactivity disorder

classroom intervention

integrity