Implementasi BGP dan Resource Public Key Infrastructure menggunakan BIRD untuk Keamanan Routing

The validity of the routing advertisements sent by one router to another is essential for Internet connectivity. To perform routing exchanges between Autonomous Systems (AS) on the Internet, a protocol known as the Border Gateway Protocol (BGP) is used. One of the most common attacks on routers running BGP is prefix hijacking. This attack aims to disrupt connections between AS and divert routing to destinations that are not appropriate for crimes, such as fraud and data breach. One of the methods developed to prevent prefix hijacking is the Resource Public Key Infrastructure (RPKI). RPKI is a public key infrastructure (PKI) developed for BGP routing security on the Internet and can be used by routers to validate routing advertisements sent by their BGP peers. RPKI utilizes a digital certificate issued by the Certification Authority (CA) to validate the subnet in a routing advertisement. This study aims to implement BGP and RPKI using the Bird Internet Routing Daemon (BIRD). Simulation and implementation are carried out using the GNS3 simulator and a server that acts as the RPKI validator. Experiments were conducted using 4 AS, 7 routers, 1 server for BIRD, and 1 server for validators, and there were 26 invalid or unknown subnets advertised by 2 routers in the simulated topology. The experiment results show that the router can successfully validated the routing advertisement received from its BGP peer using RPKI. All invalid and unknown subnets are not forwarded to other routers in the AS where they are located such that route hijacking is prevented.

AN ANALYSIS OF TRANSACTIONS IN E-PAYMENT SYSTEM USING MOBILE AGENTS

Commercial interactions between merchants and customers pose a significant concern as they are associated with a large volume of data and complex information, especially when there is a need for switching requirements. This paper presents an agent-based analysis of e-payment transactions with the switching operations. The model adopts an inter-bank transaction network and consists of a terminal point of sale (POI) and three essential players in e-payment: customer, bank (merchant), and the Switch. This study analyses the various payment interactions using agent technology. The agent coordinates movement while the negotiation protocol serves as an internal control of the payment agreements, while the interactive hosts are the platforms that determine the status of transactions. Each agent host is equipped with a Certification Authority (CA) to secure communication between the merchant and the customer. Different transactions that agents could make are examined with formal descriptions. The implementation is achieved in Jade and compares with the object serialization mechanism. The simulation results show higher quality adaptation of agent systems and evidence of agentisation of e-transaction with Switch.

A Semidecentralized PKI System Based on Public Blockchains with Automatic Indemnification Mechanism

The PKI framework is a widely used network identity verification framework. Users will register their identity information with a certification authority to obtain a digital certificate and then show the digital certificate to others as an identity certificate. After others receive the certificate, they must check the revocation list from the CA to confirm whether the certificate is valid. Although this architecture has a long history of use on the Internet, significant doubt surrounds its security. Because the CA may be attacked by DDoS, the verifier may not obtain the revocation list to complete the verification process. At present, there are many new PKI architectures that can improve on the CA’s single point of failure, but since they still have some shortcomings, the original architecture is still used. In this paper, we proposed a semidecentralized PKI architecture that can easily prevent a single point of failure. Users can obtain cryptographic evidence through specific protocols to clarify the responsibility for the incorrect certificate and then submit the cryptographic evidence to the smart contract for automatic judgment and indemnification.

SDVCA – A Robust and Secure Data Communication Protocol for Manet

The existence of intruders is a threat factor in any network. Degradation of the network operation occur which include delay in transmission, reduced network energy level, low throughput and many. In heterogeneous networks, the threat is complex since it has several interconnected devices working with different operating systems. To solve the trust dispute in the network a Robust and Secure Data Communication Protocol for MANET termed as Software Defined networking enabled Virtual Certification Authority (SDVCA) is proposed. In MANET, the nodes forward information among them. To control the data flow in a MANET the network has to establish a controller node and forwarder nodes for transmitting or forwarding data. The forwarder node carries out the operation of router. The VCA provides authentication certificate for all the network nodes. Without this authentication, the node will be declared as an untrusted intruder. No data will be transferred to or through them. Hence a trusted network is formed and efficient safe data transfer is achieved. In the proposed scheme, the control logic of MANET is moved from forwarding plane (node) to control plane (node) for improving the network performance. A social network model in MANET is designed to create controller-based architecture. This controller node will function as a host and also as a pathway of connecting different social networks in MANET architecture. The results provide improved performances and the network has better throughput, and lesser end to end delay when compared with the existing techniques.

Research on Data Security Audit in Cloud Computing for Big Data Environment

The modernization of industrial industry cannot be separated from the development of big data.In order to meet this challenge, cloud data integrity audit has been proposed in recent years and received extensive attention. Based on the in-depth study of the impact of different cloud storage data types on the audit scheme, this paper proposes an audit scheme based on Dynamic Hash table.Based on this, this paper explores a variety of cloud storage audit algorithms for different data types to deal with different security challenges.Facing a series of data security problems brought by cloud computing, this paper analyzes the concept, working principle and characteristics of cloud computing, and discusses the data security risks brought by cloud computing from four aspects. At the same time, this paper elaborates the data security strategy from five aspects: data transmission, data privacy, data isolation, data residue and data audit. In this paper, we propose to adopt end-to-end data encryption technology, build private cloud or hybrid cloud, share table architecture, destroy encrypted data related media, and introduce third-party certification authority for data audit.

Konsep Cyber Notary Dalam Menjamin Keautentikan Terhadap Transaksi Elektronik

The purpose of this paper is to analyze the application form of the concept of cyber notary in guaranteeing the authenticity of electronic transactions and to examine notary arrangements in guaranteeing the authenticity of electronic transactions. This is a departure from the vagueness of norms in Article 15 paragraph (3) of the Law on Notary Position, regarding the need for legal norms on the function and role of notaries in electronic business transactions. This paper uses a normative legal research method because the focus of the study departs from the obscurity of norms. The form of application of the concept of cyber notary in guaranteeing the authenticity of electronic transactions is that the parties keep coming and dealing with the notaries. However, the parties immediately read the draft deed on their respective computers, after agreeing, the parties immediately signed the deed electronically at the notary's office. Notary arrangements in guaranteeing the authenticity of electronic transactions play a role in the issuance of electronic certificates through Electronic Certification Providers. The role of a notary for Certification Authority and in issuing Electronic Certificates through Electronic Certification Providers. Tujuan penulisan ini adalah untuk menganalisa bentuk penerapan dari konsep cyber notary dalam menjamin keautentikan terhadap transaksi elektronik dan mengkaji pengaturan notaris dalam menjamin keautentikan terhadap transaksi elektronik. Hal tersebut beranjak dari adanya kekaburan norma dalam Pasal 15 ayat (3) Undang Undang Jabatan Notaris, akan kebutuhan norma hukum terhadap fungsi dan peran notaris dalam transaksi bisnis elektronik. Tulisan ini menggunakan metode penelitian hukum normatif karena fokus kajian beranjak dari kekaburan norma. Bentuk penerapan dari konsep cyber notary dalam menjamin keautentikan terhadap transaksi elektronik adalah para pihak tetap datang dan berhadapan dengan para notarisnya. Hanya saja, para pihak langsung membaca draft aktanya di masing-masing komputer, setelah sepakat, para pihak segera menandatangani akta tersebut secara elektronik di kantor Notaris. Pengaturan notaris dalam menjamin keautentikan terhadap transaksi elektronik berperan dalam penerbitan sertifikat elektronik melalui lembaga Penyelenggara Sertifikasi Elektronik. Peran notaris untuk Certification Authority maupun dalam penerbitan Sertifikat Elektronik melalui Penyelenggara Sertifikasi Elektronik.

Lightweight Digital Certificate Management and Efficacious Symmetric Cryptographic Mechanism over Industrial Internet of Things

The certificate authority, a trusted entity, issues digital certificates which contain identity credentials to help Industrial Internet of Things (IIoT) devices to represent their authenticity in a secure means. The crucial challenge of a digital certificate is to how design a secure certification authority management system that can counteract cyberattacks on the IIoT network. Moreover, current IIoT systems are not capable of implementing complex mathematical operations due to their constrained power capacity and processing capability. This paper proposes an effective, secure symmetric cryptographic mechanism (ESSC) based on the certificate authority management and Elliptic Curve Diffie Hellman (ECDH) to share a digital certificate among IIoT devices. The proposed certificate authority is used to securely exchange the shared secret key and to resolve the problem of spoofing attacks that may be used to impersonate the identity of the certificate authority. Also, ESSC uses the shared secret key to encrypt the sensitive data during transmission through the insecure communication channel. This research studies the adversary model for ESSC on IIoT and analyzes the cybersecurity of ESSC in the random oracle model. The findings that result from the experiments show that ESSC outperforms the baseline in terms of communication, computation, and storage costs. ESSC thus provides an adequate lightweight digital certificate management and cryptographic scheme which can help in the detection and prevention of several cyberattacks that can harm IIoT networks.

A Provable and Secure Patient Electronic Health Record Fair Exchange Scheme for Health Information Systems

In recent years, several hospitals have begun using health information systems to maintain electronic health records (EHRs) for each patient. Traditionally, when a patient visits a new hospital for the first time, the hospital’s help desk asks them to fill in relevant personal information on a piece of paper and verifies their identity on the spot. This patient will find that many of her personal electronic records are in many hospital’s health information systems that she visited in the past, and each EHR in these hospital’s information systems cannot be accessed or shared between these hospitals. This is inconvenient because this patient will again have to provide their personal information. This is time-consuming and not practical. Therefore, in this paper, we propose a practical and provable patient EHR fair exchange scheme for each patient. In this scheme, each patient can securely delegate the information system of a current hospital to a hospital certification authority (HCA) to apply migration evidence that can be used to transfer their EHR to another hospital. The delegated system can also establish a session key with other hospital systems for later data transmission, and each patient can protect their anonymity with the help of the HCA. Additionally, we also provide formal security proofs for forward secrecy and functional comparisons with other schemes.

Digital Certificate Verification Scheme for Smart Grid using Fog Computing (FONICA)

Smart Grid (SG) infrastructure is an energy network connected with computer networks for communication over the internet and intranets. The revolution of SGs has also introduced new avenues of security threats. Although Digital Certificates provide countermeasures, however, one of the issues that exist, is how to efficiently distribute certificate revocation information among Edge devices. The conventional mechanisms, including certificate revocation list (CRL) and online certificate status protocol (OCSP), are subjected to some limitations in energy efficient environments like SG infrastructure. To address the aforementioned challenges, this paper proposes a scheme incorporating the advantages and strengths of the fog computing. The fog node can be used for this purpose with much better resources closer to the edge. Keeping the resources closer to the edge strengthen the security aspect of smart grid networks. Similarly, a fog node can act as an intermediate Certification Authority (CA) (i.e., Fog Node as an Intermediate Certification Authority (FONICA)). Further, the proposed scheme has reduced storage, communication, processing overhead, and latency for certificate verification at edge devices. Furthermore, the proposed scheme reduces the attack surface, even if the attacker becomes a part of the network.

Characteristics of Notary Deeds for Transactions Through Electronic Media

These technological advances have caused enormous changes to business people who will indirectly use modern technological advances. This development will undoubtedly bring changes to the Notary duties and authorities' implementation as public official authorized to do authentic deeds. A new dynamic of society changes due to globalization and developments in information technology that require Notary services in carrying out existing legal actions, facilitated by current information technology. However, Notaries are still hampered by the absence of legal instruments that protect and regulate Notaries in carrying out these actions. This is a challenge for the Notary profession in responding to globalization in information technology, meaning that the Notary's duties as public officials develop along with the times. This research is normative research with a statutory approach. The results obtained from this research are that the Notary Public must involve a third party called the Certification Authority, to secure and legitimize documents into electronic transactions. The Notary deed to be used remains an authentic deed and has perfect evidentiary power. Still, suppose the process does not involve the party. In that case, the Notary deed is classified as an underhand deed, and has the power of proof as to the deed underhand, even though it is made and signed either directly or digitally by the Notary.Keywords: Notary, Electronic Transaction, Notary Deeds