Computer and Information Sciences - Publications

Permanent URI for this collection

https://dspace.uohyd.ac.in/handle/1/9

Browse

Browsing Computer and Information Sciences - Publications by Author "Ahamad, Shaik Shakeel"
  • Item
    A secure and optimized mobile payment framework with formal verification
    ( 2012-12-01) Ahamad, Shaik Shakeel ; Sastry, V. N. ; Udgata, Siba K.
    In this paper we propose a Secure and Optimized Mobile Payment Framework based on Universal Integrated Circuit Card (UICC) (a) which summarizes a mobile payment in relation to several different participants, (b) a procedure of personalizing UICC by the client c) a procedure of provisioning and personalization (Mutual Authentication, Key Agreement Protocol & a procedure for ensuring non repudiation without adopting WPKI) of Mobile Payments Application (which is on UICC) by the Bank d) a mobile payment protocol is proposed between the personalized Mobile Payment Application on UICC and the Bank Server which ensures all the security properties. All the proposed protocols have been successfully verified using AVISPA and Scyther Tools. Copyright 2012 ACM.
  • Item
    A secure and optimized proximity mobile payment framework with formal verification
    ( 2017-06-19) Ahamad, Shaik Shakeel ; Sastry, V. N. ; Udgata, Siba K.
    In this paper the authors propose a Secure and Optimized Proximity Mobile Payment (SOPMP) Framework using NFC (Near Field Communication) technology, WPKI (Wireless Public Key Infrastructure), UICC (Universal Integrated Circuit Card). The novelty of this proposed mobile payment framework is messages are exchanged in the form of Digital Signature with Message Recovery (DSMR) and merchant sends Invoice in the form of Digital Invoice Certificate (DIC) (which is digitally signed by the merchant). The communication link between mobile phone and merchant POS (Point Of Sale) is NFC. Digital Signature with Message Recovery based on ECDSA eliminates the need of adopting PKI cryptosystems thereby reducing the consumption of resources i.e. it consumes less computational and communication cost. DSMR eliminates the need of certificates validation and removes the hurdle of PKI thereby reducing storage space, communication cost and computational cost. The authors proposed protocol ensures Authentication, Integrity, Confidentiality and Non Repudiation, achieves Identity protection from merchant and Eavesdropper, achieves Transaction privacy from Eavesdropper and Payment Gateway, achieves Payment Secrecy, Order Secrecy, forward secrecy, and prevents Double Spending, Overspending and Money laundering. In addition to these our proposed protocol withstands Replay, Man in the Middle and Impersonation attacks. The security properties of the proposed protocol have been verified using AVISPA and Scyther Tools and presented with results.
  • Item
    A Secure and Reliable Mobile Banking Framework
    ( 2014-01-01) Ahamad, Shaik Shakeel ; Sastry, V. N. ; Udgata, Siba K. ; Nair, Madhusoodhnan
    In this paper we propose a secure mobile banking framework which ensures reliable end to end communication channel and end to end application security from the UICC to the Remote Bank Server via Mobile Equipment. SSL/TLS ensures secure connection from the UICC to the Remote Bank Server, TCP provides end to end reliable communication and Bearer Independent Protocol (BIP) provides and manages the link layer in achieving end to end reliable communications between the UICC and the Remote Bank Server. All the digital signatures are generated in a tamper proof hardware i.e. UICC at the client side and Hardware Security Module at the Bank side. So all the signatures generated in the framework are qualified signatures. Bank server is supported by Communication Manager, Synchronization Manager, Security Manager, Concurrency Manager, Backup Manager, Archives Manager and Error and Exception Handling Manager in order to ensure end to end security at the communication layer and at the application layer. © Springer International Publishing Switzerland 2014.
  • Item
    A Secure Lightweight and Scalable Mobile Payment Framework
    ( 2014-01-01) Ahamad, Shaik Shakeel ; Udgata, Siba K. ; Nair, Madhusoodhnan
    Existing SIP-based mobile payment solutions do not ensure all the security properties. In this paper we propose a Secure Lightweight and Scalable Mobile Payment Framework (SLSMP) using Signcryption scheme with Forward Secrecy (SFS) based on elliptic curve scheme which combines digital signature and encryption functions (Hwang et al., 2005) [5]. It takes lower computation and communication cost to provide security functions. SLSMP is highly scalable which is attributed to SIP for data exchange. This paper uses WPKI, UICC as Secure Element and depicts system architecture and detailed protocol of SIP based mobile payment solution. Our proposed framework is suitable for both micro and macro payments. Our proposed protocol ensures End to End security i.e. ensures Authentication, Integrity, Confidentiality and Non Repudiation properties, achieves Identity protection from merchant and Eavesdropper, achieves Transaction privacy from Eavesdropper and Payment Gateway, achieves Payment Secrecy, Order Secrecy, forward secrecy, prevents Double Spending, Overspending and Money laundering. © Springer International Publishing Switzerland 2014.
  • Item
    A secure mobile payment framework in MANET environment
    ( 2013-01-01) Ahamad, Shaik Shakeel ; Sastry, V. N. ; Udgata, Siba K.
    In this paper the authors propose a Secure Mobile Payment Framework in Multi hop Cellular Network environment (which is an integration of cellular networks and mobile ad hoc networks) using Mobile Agent technology and Digital Signature with Message Recovery (DSMR) mechanism based on ECDSA mechanism. Secure communication in Multi hop Cellular Networks is a nontrivial task because of lack of infrastructure, no prior trust relationships among nodes due to the absence of a centralized authority. Mobile Agent technology and Digital Signature with Message Recovery based on ECDSA mechanism provides secure mobile payments in Multi hop Cellular Networks. Mobile Agent technology has many benefits such as bandwidth conservation, reduction of latency, reduction of completion time, Asynchronous (disconnected) communications. Digital Signature with Message Recovery based on ECDSA eliminates the need of adopting PKI cryptosystems. The proposed protocol ensures Authentication, Integrity, Confidentiality and Non Repudiation, achieves Identity protection from merchant and Eavesdropper, achieves Transaction privacy from Eavesdropper and Payment Gateway, achieves Payment Secrecy, Order Secrecy, forward secrecy, prevents Double Spending, Overspending and Money laundering. The security properties of the proposed protocol have been verified successfully using BAN Logic, AVISPA and Scyther Tools and presented with results. Copyright © 2013, IGI Global.
  • Item
    Enhanced mobile SET protocol with formal verification
    ( 2012-12-01) Ahamad, Shaik Shakeel ; Sastry, N. N. ; Udgata, Siba K.
    In this paper we propose an Enhanced Mobile SET (EMSET) protocol with formal verification using Mobile Agent technology and Digital Signature with Message Recovery based on ECDSA mechanism. Mobile Agent technology and Digital Signature with Message Recovery (DSMR) based on ECDSA mechanism provides in proposing EMSET protocol in Mobile Networks. Mobile Agent technology has many benefits such as bandwidth conservation, reduction of latency, reduction of completion time, Asynchronous (disconnected) communications. Digital Signature with Message Recovery based on ECDSA eliminates the need of adopting PKI cryptosystems. Our proposed protocol EMSET ensures Authentication, Integrity, Confidentiality and Non Repudiation, achieves Identity protection from merchant and Eavesdropper, achieves Transaction privacy from Eavesdropper and Payment Gateway, achieves Payment Secrecy, Order Secrecy, forward secrecy, and prevents Double Spending, Overspending and Money laundering. In addition to these our proposed protocol withstands Replay, Man in the Middle and Impersonation attacks. The security properties of the proposed protocol have been verified using Scyther Tool and presented with results. © 2012 IEEE.
  • Item
    Formal verification of secure payment framework in MANET for disaster areas
    ( 2018-04-06) Ahamad, Shaik Shakeel ; Sastry, V. N. ; Udgata, Siba K.
    In this chapter, the authors propose a secure payment framework in mobile ad hoc network for disaster areas. In order to enable transactions in a disaster area using existing payment systems, we need infrastructure to communicate such as wired networks and base stations for cellular networks which are damaged by natural disasters. The authors propose to use mobile agent technology and digital signature with message recovery (DSMR) mechanism based on ECDSA mechanism to enable transactions in a disaster area using ad hoc networks.
  • Item
    Secure and optimized mobile based merchant payment protocol using signcryption
    ( 2012-01-01) Ahamad, Shaik Shakeel ; Sastry, V. N. ; Udgata, Siba K.
    The authors propose a Secure and Optimized Mobile based Merchant Payment (SOMMP) Protocol using Signcryption scheme with Forward Secrecy (SFS) based on elliptic curve which consumes less computational and communication cost. In SOMMP client sends message in the form of TransCertC (Transaction Certificate) which is aX.509 SLC (X. 509 Short Lived Certificate) thereby reducing the client interactions with the engaging parties thereby reducing the consumption ofresources (from Client s perspective) which are very scarce in Resource Constrained Devices like Mobile Phones. In SOMMP protocol WSLC (WPKI Short Lived Certificate) eliminates the need of certificates validation and removes the hurdle of PKI thereby reducing storage space, communication cost and computational cost. Their proposed SOMMP ensures Authentication, Integrity, Confidentiality and Non Repudiation, achieves Identity protection from merchant and Eavesdropper, achieves Transaction privacy from Eavesdropper and Payment Gateway, achieves Payment Secrecy, Order Secrecy, forward secrecy, and prevents Double Spending, Overspending and Money laundering. In addition to these SOMMP withstands Replay, Man in the Middle and Impersonation attacks. The security properties of the proposed SOMMP protocol have been verified using BAN Logic, AVISPA and Scyther Tools and presented with results. Copyright © 2012, IGI Global.
  • Item
    Secure mobile payment framework based on uicc with formal verification
    ( 2014-01-01) Ahamad, Shaik Shakeel ; Sastry, V. N. ; Udgata, Siba K.
    In this paper, we propose a secure mobile payments framework based on universal integrated circuit card (UICC) by defining: a) a procedure of personalising UICC by the client; b) a procedure of provisioning and personalisation (mutual authentication and key agreement protocol) of mobile payments application (which is on UICC) by the bank; and c) a mobile payment protocol between the personalised mobile payment application on UICC and the bank server. Our provisioning and personalisation procedure is compared with recent works and found to be better in terms of generating client's credentials, implementation of WPKI in UICC, personalisation of mobile payment application by the bank and end to end security. Our mobile payment protocol originating from mobile payment application to the bank is also compared with recent works and found to be better in terms of confidentiality, authentication, integrity and nonrepudiation, preventing double spending, over spending and money laundering, and withstands replay, man in the middle (MITM) and impersonation attacks. Proposed protocols are experimentally verified using BAN logic and scyther tool. © 2014 Inderscience Enterprises Ltd.