A Secure Web-based Result Computation and Transcript Processing System for Federal Polytechnic Ukana (Published)
In this era of digital transformation, educational establishments must manage student records effectively while maintaining data security. This work describes how Federal Polytechnic Ukanadeveloped a safe, web-based transcript and results computation system by utilizing Agile methodology, which improved responsiveness and flexibility throughout the project. Iterative development, which allowed for constant feedback and quick adjustments to requirements that changed, was made possible by the Agile methodology. Ensuring data integrity, confidentiality, and accessibility, the system is designed to make managing academic records easier. It has an intuitive interface for both administrators and students withrole-based access control, secure authentication procedures, and data encryption to stop illegal access and data breaches are important parts of the system. The system’s design, implementation, and potential advantages in terms of improved data security and operational efficiency are all covered in this paper. The system’s successful implementation at Federal Polytechnic Ukana indicates that it can be scaled up to meet the needs of educational institutions looking to enhance their result management procedures.
Keywords: Security, agile software development methodology, result computation, transcript
Human and Technology Components in Data/Information Security (Published)
This paper reviewed the relationship between human and technology components in data/information security, looking into how humans and technological components affect the security of data/information. The paper considered information resources, importance of data/information, data/information security, human factors in data/information security, technological components in data/information security, importance of human and technology components in data/information security, and risk assessment. The paper concluded that effective management of humans and technology is indispensable in order to ensure protection to data. It was recommended, among others, that organizations should train their workers on the importance of data/information security; ensure that workers comply with laid down regulations regarding data/information security; and Computer Science community should, as a matter of urgency, conduct researches in aspects that explore the human factors and technology in cybersecurity from a multidisciplinary perspective.
Keywords: Security, data/information, human factor, technology factor, threat
A Smart Contract-based Blockchain Solution in IoT Networks (Published)
The emergence and growing use of advanced technologies has opened up new possibilities for addressing the security challenges of resource-constrained IoT net- works. As IoT devices exchange sensitive data, secure key management is essential for IoT network security, particularly during the key revocation phase. However, current IoT key management solutions require improvements due to the resource limitations of IoT devices. Despite these limitations, existing key revocation solutions still have several areas for improvement, including high communication overheads. Therefore, a decentralized and efficient solution is necessary to address these issues in IoT networks, with a focus on security. This paper proposes a new solution for key revocation based on Blockchain technology using smart contracts to minimize communication overhead and energy consumption in IoT networks. The paper presents a security and performance analysis to assess its correctness. The results indicate that our proposal outperforms other solutions by having a reduced communication overhead of 93.55%, 91.87%, and 99.75% compared to other solutions during the compromising, leaving, and draining cases, respectively. This demonstrates that our solution is efficient and suitable for IoT networks.
Keywords: Blockchain, Internet of Things (IoT), Security, Wireless Sensor Networks (WSNs)., key revocation
Operational approach to kernel system protection under Windows Server 2019: Optimization, QoS and Performance (Published)
Computer Sciences has become the culmination of all human activity these days, but it is also the worst fear that no epidemic has inspired today. And despite this, everyone concedes that the use of computers (especially through the Internet) now occupies the first place, even essential, in everyday life. Each of us uses a computer to work, to exchange information, to make purchases, etc. Unfortunately, malicious activity targeting computers is steadily increasing and trying to exploit vulnerabilities that are growing in number with ever-increasing complexity. In view of this, the present research has set itself the objective of mending the adequacy (optimization, dynamics and performance) of operating systems to their various deployment environments by emancipating a priori approaches, generally lacking in their capacity. to surpass future needs especially for the correction of security vulnerabilities, focusing on the functionalities of the hardware environment.
Keywords: Approach, Deployment, Dynamics, Performance, QOS, Security, System, kernel, operational, optimization, windows server 2019
A Review on Distributed Denial-of-Service Attacks on Internet of Things (Published)
The term IoT (Internet of Things) refers to physical things or objects having different types of sensors, ability to process, software and other technologies that helps to connect and exchange data with other systems over the internet. Whether it comes to simple coffee machine or big things like car or health care, agriculture, smart cities etc., IoT has developed a person’s living with his minimal involvement. Since, these IoT devices and other components used with it are having less memory, less computational capability makes them vulnerable to many types of attacks. The most common type of attack that takes place on it is DoS/DDoS, where an authorized user is restricted from accessing some service on internet. This paper focuses on security requirements at different IoT layers, issues related to DDoS attack and provides review on its countermeasures.
Keywords: DDoS, DoS, Security, internet of things
An Energy-Efficient ECC Scheme for Wireless Sensor Networks (Published)
The field of wireless sensor networks (WSNs) combines sensing, computation, and communication into a single tiny device called a sensor. Sensors are equipped with RF radio, processor, memory and hardware. They are also battery powered and therefore have severe energy, bandwidths and memory constraints, and low computational capability. Communication over WSNs is still known to be attack-prone because the constraints of sensors hinder the development of secure modern cryptographic solutions. The Elliptic Curve Cryptography (ECC) technique and the Rivest Shamir Adleman (RSA) algorithm are the two most popular public key cryptographic schemes deployed over wireless networks. The effectiveness of the ECC technique over RSA has been demonstrated in this research. While ECC with very large key sizes is thought to be computationally expensive, it is possible to use smaller primes, or smaller finite fields, with elliptic curves and achieve a level of security comparable to that for much larger integer mod n. Measurements have been made to prove that ECC algorithms can be executed within the memory limits of sensor nodes. An enhanced ECC scheme with collision resistant hash functions is proposed in this research.
Keywords: ECC, RSA, Security, Wireless Sensor Networks, communication, sensors
A Framework for Security of Data in Telemedicine (Published)
One of the challenges of telemedicine as observed in the literature is the issue of insecurity of data. This has come with its attendant lack of confidentiality and data integrity, the attributes most needed in medical records. An attempt to proffer solution to this problem is in the design of a framework comprising Rivest, Shamir and Adleman (RSA) cipher combined with the F4 frequency domain steganography algorithm. The framework is demonstrated with a simulated scenario. Complicated though this integration seems to be, the foolproof security offered outweighs the computational complexity.
Keywords: Confidentiality, Cryptography, F4, Integrity, RSA, Security, Steganography, telemedicine
Securing Multi-Agent Based Network Monitoring Platform against Malicious Agent Attack (Published)
This research paper examined the security threat issues against agents/multi-agent based system platform by malicious agent attackers in a network environment. Several techniques like fault isolation or sandboxing, access control to host resources, digital signatures, strong authentication, proof carrying code and message encryption were suggested by different research scholars as a means of mitigating the menace but however, no strong evidence on their application / implementation were mentioned. This research work used a 2 Factor or Double Data Encryption Standard (DES) approach to encrypt / decrypt messages between agents in our proposed network monitoring platform to prevent malicious agent from hijacking the exact network data content during communication. Java programming language was used to implement the 2DES algorithm in the security mechanism proposed. The system was tested for its effectiveness and efficiency in both non-production and production network environment. Results revealed detection rate to be high and with a very minimal false alarm rate. The proposed system is highly recommended for usage in any local area network environment.
Keywords: 2DES Algorithm, Agents, Java, LAN, Security
Three – Level Password Authentication (Published)
Authentication is one of the most important security service provided to system by the different authentication schemes or algorithms which must be provided so that only authorized persons can have right to use or handle that system and data related to that information system securely. Techniques used include token based, biometric based as well as knowledge based. Despite these, no single mechanism is efficient and effective to provide adequate security for computing resources such as programs, files, messages, printers, internet, etc. A 3 – level authentication is proposed in this paper that is more confidential for ensuring adequate security.
Keywords: Authentication, Authentication Techniques, Information Systems, Security
3CAuth – A Novel Multi-Factor Authentication Scheme using QR-Code (Review Completed - Accepted)
A multi-factor authentication scheme for remote authentication has been proposed in the paper which provides enough protection on personal credentials of the user. A critical analysis of the scheme shows that it can resist most of the possible attacks and is particularly useful at times of peak loads on servers. The scheme can easily integrate intoany framework offering Internet services to add security guarantee. The same has been brought out by integration with a multi-layered framework designed to handle peak loads on the server ensuring concurrency and availability as well. This integration is seen to clearly enhance the QoS in terms of making right admittance to right resources.
Keywords: 3CAuth, Authentication, Multi-layered Filtering, Multiphase admission control, Peak load, QR-Code, Security, Smart-card