Master of Information Systems Security Management (MISSM) and Master of Information Systems Assurance Management (MISAM) Project Reports (Concordia University of Edmonton)
Items in this Collection
- 3Bukatov, Sergey
- 2Kaur, Amandeep
- 2Lindskog, Dale
- 1Adegoke, Babajide Seyi
- 1Adeniyi, Oluwatola
- 1Ahamed, Waheeda Syed Shameem
A concern was raised that some domains associated with harmful internet communication may use the means of Privacy/Proxy registration to obscure their identity, making it more difficult to investigate and possibly shut down. Our goal is to investigate the degree/scope of this abuse. To conduct...
A survey of payment token vulnerabilities towards stronger security with fingerprint based encryption on Samsung PayDownload
The use of payment tokens, based on EMV® specifications and the Payment Card Industry token standard, both propels the spread of mobile payment technologies and improves the security of Mobile Payments including protection of the original payment information and primary account numbers. However,...
Single Packet Authorization (SPA) is the technique used to guard camouflaged network services against unauthorized users. SPA hides specific ports from the external world to reduce attacks at TLS ports until a cryptographically protected packet is received and authorized by the transport layer....
An analysis of the effectiveness of black-box web application scanners in detection of stored XSSI vulnerabilitiesDownload
Stored Cross-Site Scripting (XSS) vulnerabilities are difficult to detect and state-of-the-art black-box scanners have low detection rates. Both Bau et al. and Doupé et al. investigated black- box web application security scanners, and this paper extends their analyses of state-of-the-art...
An evaluation of a government organization's information systems access control process: Issues and proposed solutions based on Role-Based Access Control MethodologyDownload
This research paper reviews and evaluates a bona fide government organization's information systems security access control and audit process. From this review, the research paper will identify three major areas of concern with the existing access control process. The first is Systems...
Enterprises are migrating towards cloud solutions for every possible business function. The obvious reason for this paradigm shift is that cloud technology allows enterprises to have more agile, scalable and reliable cloud services available to their employees and customers at all times. Due to...
We propose an Internet ccTLD (country code Top Level Domain) Security Governance Framework and a maturity index for measuring the level of Security Governance within the ccTLD registrars. This basic conceptual structure will permit to assess risk management and maturity/effectiveness across ccTLD...
Mobile banking applications are at high risk of cyber attacks due to security vulnerabilities in their underlying operating systems. Android is the most popular operating system with feature like openness and customization. The Inter-Process Communication mechanism in Android enables applications...
Connected devices are penetrating the market with an unprecedented speed. Networks that carry Internet of Things (IoT) traffic need highly adaptable tools for traffic analysis in order to detect and suppress malicious agents. This has prompted researchers to explore the various benefits machine...
This paper presents an insight into attacks on Supervisory Control and Data Acquisition (SCADA) systems specifically focusing on systems that use the Modbus TCP protocol. A penetration testing approach is adopted using a novel penetration testing tool to (i) test the effectiveness and efficiency...