The main goal of this paper is to present methods and tools for secure software development. The process of creating secure software involves analysis, design and implementation based on multi criteria decision making risk assessment. The results of this study give readers some proposals how to produce secure software systems and conduct cost-benefit analysis.
Digital cryptocurrencies especially privacy-oriented cryptocurrencies over the past years have experienced significant growth in terms of usage. The increased usage of privacy-oriented cryptocurrencies due to the offered privacy and anonymity, allows a cybercriminal to commit illegal transactions that are harder to trace back than Bitcoin. In this paper, we provide a forensic overview of the privacyoriented cryptocurrencies Monero, Verge, Dash, and Zcash. We analyse forensics experiments with these cryptocurrencies and make some assumptions and conclusions related to the analysed experiments.
The use of ID-1 cards is in an extremely large increase nowadays starting from identity cards, bank cards, driving licenses, membership cards, etc. In some of the uses, the security of the card and the data that the card holds are very important. Some of the security elements are defined in the production of the card and some during the personalization of the data on the card. Laser card engraving is a high-security feature that is applied during the process of personalizing the data on the card. In this article, we will present h ow to implement the digital signature in the data personalization using laser engraving and QR barcodes to minimize the costs of cards and to ensure the data on cards are not modified.
The paper focuses on the security of fiber optic infrastructures. The main purpose of the paper is present the vibration detection system for unauthorized access to the fiber optic infrastructure detection. For this purpose, measurement of vibrations using the interferometric method and the measurement based on state of polarization changes evaluation is presented. For the measurement own designed systems were used. Both systems are theoretically described and the principles of use are explained. The measurement was performed at an experimental workplace in a laboratory at the university Based on evaluation measurement both systems are compared in term of sensitivity.
Nowadays with the advancement of technologies and the direct impact of Covid-19 on business processes, more and more services are provided to the end users electronically. This is a convenient method for both providers of these services and consumers, but this trend also leads to several vulnerabilities in the protection of computer server systems and networks, through which communication between the customer and the provider is carried out at a technological level. Impact on computer or network systems is presented.
With the evolution of the digital world and the constant interaction in the real time world, even the casual user must be constantly aware of all possible threats and all possible protection actions or at least follow the trends. The vulnerabilities’ definit ions depend on their attacking area but with the huge space of data we never know what exactly is happening and to what is the harmed area. This article is going to provide a basic definition on the term cybersecurity and some of the most common threats along with giving some real vulnerabilities with their impact for the past decade. And as each action needs the actor, at the end there are some of the most popular academies which provide qualitative education to those who want.
Giving the right access, limiting resources, and recognizing a user’s identity are important steps that need to be taken into consideration before entering a certain network. These steps are executed by authentication and authorization. In this paper, we put our focus on authentication algorithms HOTP and TOTP as two algorithms for generating one-time passwords. A one-time password is an automatically generated string of characters – a password that is meant to be used only once. This password is only valid for one login session or transaction. Due to its randomness and usage (only once), it leads to higher security outputs, and that is why this type of password is used in authentication algorithms. We will analyse both algorithms and their working way and will present the obtained results and their usage in practice. The main characteristic is that the HOTP algorithm uses only hash functions and the TOTP algorithm uses time above the hash. To check when each algorithm is better to use, we need to know the given environment and circumstances. In this paper, we will try to answer the question” Which one is better at a particular time?”. Depending on many factors that we analyse through the sections, we are going to make conclusions that will be useful for future planning of good security passwords.
Error-correcting codes are widely used in modern coding theory, and their applications in networks and communication cannot be omitted. Together with the error detecting codes, they are the core of every possible transmission and communication. In coding theory, information theory and telecommunications, error-correcting codes are used to control errors in data which are transmitted over different communication channels. Convolutional block codes are one of the most popular error-correcting codes which are applied in many networks. On the other side, Random Codes Based on Quasigroups (RCBQ) are cryptcodes defined elsewhere. These codes provide a correction of a certain number of errors in the transmitted data and an information security in one algorithm. There are a few modifications of RCBQ, but here we will consider performances of Cut-Decoding algorithm. In this paper, we investigate and compare the bit error probability (BER) of these two codes for rate 1/4 and different values of bit-error probability in the binary symmetric channel. From the obtained experimental results, we conclude that for lower bit-error probability in the binary symmetric channel, the RCBQs are slightly better than convolutional codes. The advantage of RCBQs is that they have some cryptographic properties, but convolutional codes are faster than RCBQs.
Risk assessments are not a one-off action, but there are no formal guidelines on when and how often a risk assessment should be carried out. Changing factors affect the risk assessment parameters. The strongest influence of these changes is the probabil ity of an accident. The article describes the main parameters of a model that is built on the basis of an asset and the incident scenarios defined for it. An analysis of the changes in the probability of an accident has been made. Dependencies are derived to determine the appropr iate periods for checking the risk factors. These periods must ensure an acceptable level of risk, which is within acceptable levels for the organization.
The article deals with the steganography system which hides text inside images without losing data in components of RGB model The secret message is hidden in the cover image using Least Significant Bit (LSB) algorithm. The comparative results for the proposed algorithm are very promising for blue components of image. To evaluate steganography system properties are used the measures like Signalto- Noise Ratio (SNR), Peak Signal-to-Noise Ratio (PRSN), Mean Squared Error (MSE) and Structural Similarity Index for measuring (SSIM). The aim of the study is to determine whether there is a change in the qualitative characteristics of the stego image, when it is hidden the same information, but in a different color channel, to determine which color channel shows the most invisibility to others and is it advisable to be used in the transmission of confidential information.
Risk assessments are not a one-off action, but there are no formal guidelines on when and how often a risk assessment should be performed. Changing factors affect the risk assessment parameters. The strongest influence of these changes is the probability of an accident. Examining changes in the likelihood of an accident will allow for more accurate planning of periods for checking ri sk factors and assessing risk. In this way, the assessed risk will reflect the changes that have taken place and will lead to more adequate risk management. The analysis of the influence of the changing risk factors is made with the help of a model, which is built on the basis of one asset and the accident scenarios determined for it. The model examines the characteristics of changes in the risk factors for the asset. Th e probability distribution for the random number of changes is determined. The results of the amended conditions are also random. They are expressed in a change in the level of probability of an accident. For these random variables, the main probabilistic characteristics are d etermined and dependencies are derived that can be used for analysis.
The e-cash methodology has its advantages compared to other payment systems and it has brought big changes to the way business is being conducted. Money becomes an intangible item and travels electronically across the world in a widely open network that might expose it to risks. This means that secure end-to-end connections are needed and many different cryptographic algorithms are used to achieve it. In this paper we will go through the main metrics that characterize them and the main properties of the e-cash system. Finally, a review of a compact e-cash scheme with practical and complete tracing will be given.