Impact of access control and copyright in e-learning from user's perspective in the United Kingdom

Akmayeva, Galina

January 2017

The widespread adoption of E-Learning has largely been driven by the recommendations of educational technologists seeking to convey the benefits of E-Learning as a valuable accessory to teaching and possible solution for distance-based education. Research in the E-Learning domain has mainly focused on providing and delivering content andinfrastructure. Security issues are usually not taken as central concern in most implementations either because systems are usually deployed in controlled environments, or because they take the one-to-one tutoring approach, not requiring strict security measures. The scope of this research work is to investigate the impact of Access Control and Copyright in E-Learning system. An extensive literature review, theories from the field of information systems, psychology and cognitive sciences, distance and online learning, as well as existing E-Learning models show that research in E-learning is still hardly concerned with the issues of security. It is obvious that E-learning receives a new meaning as technology advances and business strategies change. The trends of learning methods have also led to the adjustment of National Curriculum and standards. However, research has also shown that any strategy or development supported by the Internet requires security and is therefore faced with challenges. This thesis is divided into six Chapters. Chapter 1 sets the scene for the research rationale and hypotheses, and identifies the aims and objectives. Chapter 2 presents the theoretical background and literature review. Chapter 3 is an in-depth review of the methods and methodology with clear justification of their adaptation and explains the underlying principles. Chapter 4 is based on the results and limitations obtained from the six case studies observations supported with literature review and ten existing models, while Chapter 5 is focused on the questionnaire survey. Chapter 6 describes the proposed Dynamic E-Learning Access Control and Copyright Framework (DEACCF) and the mapping of the threats from the Central Computing and Telecommunications Agency (CCTA) Risk Analysis and Management Method (CRAMM) to Annualised Loss Expectancy (ALE). Chapter 7 presents the conclusions and recommendations, and the contribution to knowledge with further development plans for future work.

Cryptography and Computer Communications Security. Extending the Human Security Perimeter through a Web of Trust

Adeka, Muhammad I.

January 2015

This work modifies Shamir’s algorithm by sharing a random key that is used to lock up the secret data; as against sharing the data itself. This is significant in cloud computing, especially with homomorphic encryption. Using web design, the resultant scheme practically globalises secret sharing with authentications and inherent secondary applications. The work aims at improving cybersecurity via a joint exploitation of human factors and technology; a human-centred cybersecurity design as opposed to technology-centred. The completed functional scheme is tagged CDRSAS. The literature on secret sharing schemes is reviewed together with the concepts of human factors, trust, cyberspace/cryptology and an analysis on a 3-factor security assessment process. This is followed by the relevance of passwords within the context of human factors. The main research design/implementation and system performance are analysed, together with a proposal for a new antidote against 419 fraudsters. Two twin equations were invented in the investigation process; a pair each for secret sharing and a risk-centred security assessment technique. The building blocks/software used for the CDRSAS include Shamir’s algorithm, MD5, HTML5, PHP, Java, Servlets, JSP, Javascript, MySQL, JQuery, CSS, MATLAB, MS Excel, MS Visio, and Photoshop. The codes are developed in Eclipse IDE, and the Java-based system runs on Tomcat and Apache, using XAMPP Server. Its code units have passed JUnit tests. The system compares favourably with SSSS. Defeating socio-cryptanalysis in cyberspace requires strategies that are centred on human trust, trust-related human attributes, and technology. The PhD research is completed but there is scope for future work. / Petroleum Technology Development Fund (PTDF), Abuja, Nigeria.

Databáze specifikací bezpečnostních protokolů / Specifications Database of Security Protocols

Hadaš, Petr

Unknown Date

This paper describes four tools for verification security protocols Athena, Casper, Isabelle and Murphi. Each tool is briefly characterized and implementation of protocol Needham Schroeder. One part of this paper is comparing of selected tools. The second part of this paper describes in detail a tool Athena and mentions examples of verified protocols. By each protocol is stated a specifications of communication, a detected attack and results of own verification. At the end compares this paper verification results with already publicated attacks.

Cryptography and computer communications security : extending the human security perimeter through a web of trust

Adeka, Muhammad I.

January 2015

This work modifies Shamir’s algorithm by sharing a random key that is used to lock up the secret data; as against sharing the data itself. This is significant in cloud computing, especially with homomorphic encryption. Using web design, the resultant scheme practically globalises secret sharing with authentications and inherent secondary applications. The work aims at improving cybersecurity via a joint exploitation of human factors and technology; a human-centred cybersecurity design as opposed to technology-centred. The completed functional scheme is tagged CDRSAS. The literature on secret sharing schemes is reviewed together with the concepts of human factors, trust, cyberspace/cryptology and an analysis on a 3-factor security assessment process. This is followed by the relevance of passwords within the context of human factors. The main research design/implementation and system performance are analysed, together with a proposal for a new antidote against 419 fraudsters. Two twin equations were invented in the investigation process; a pair each for secret sharing and a risk-centred security assessment technique. The building blocks/software used for the CDRSAS include Shamir’s algorithm, MD5, HTML5, PHP, Java, Servlets, JSP, Javascript, MySQL, JQuery, CSS, MATLAB, MS Excel, MS Visio, and Photoshop. The codes are developed in Eclipse IDE, and the Java-based system runs on Tomcat and Apache, using XAMPP Server. Its code units have passed JUnit tests. The system compares favourably with SSSS. Defeating socio-cryptanalysis in cyberspace requires strategies that are centred on human trust, trust-related human attributes, and technology. The PhD research is completed but there is scope for future work.

005.8

Electromagnetic Physical Security: Addressing Exploitation Risks and Building Trust

Md Faizul Bari (20373786)

10 December 2024

<p dir="ltr">Unintentional electromagnetic emission (called emanation) from electronic devices and cables contains a significant correlation with the source signal and can be used to recover otherwise confidential data. In our work, EM emanation has been exploited to recover keystrokes from USB keyboards. Also, such emission has been utilized to form a covert channel for data exfiltration from air-gapped devices without being detected by IDS. To protect sensitive information, an automated emanation detection system has been proposed by developing two emanation detection algorithms (CNN-based and harmonic-based) through the characterization of emanation signals from a wide range of devices. Apart from emanation, data theft can happen due to the failure of access control methods. Traditional wireless devices are susceptible to various spoofing attacks as they only use digital signature-based authentication systems, ignoring the physical signatures completely. To circumvent that, RF-PUF was proposed to use device-specific signatures to be used for trust augmentation in traditional methods. By forming an extensive experimental dataset, we established RF-PUF as a strong PUF with a low-power overhead that outperformed the state-of-the-art methods and is robust against typical attacks. For real-time authentication, we proposed DIRAC, which forms dynamic device clusters and incrementally learns as more device data becomes available. Since our root of trust is in the physical signature of the ICs, they also need to be secured. However, counterfeited ICs may jeopardize that goal. We have proposed RF-PSF, which uses device-specific physical properties to authenticate its process technology which is a big part of the cloned IC detection.</p>

Circuits and systems

Engineering electromagnetics

Hardware security

System and network security

EM Emanation

RF-PUF

RF-PSF

Side Channel Analysis

Covert Channel

Data exfiltration

PWM

Keystroke Recovery

authentication security

Incremental learning

Dynamic Clusters

Counterfeit IC

Computational Harmonic Detector

Emanation

Compromising Emanation

TEMPEST investigators