Conceptual Design and Implementation of FIDO2 compatible Smart Card for Decentralized Financial Transaction System
- URL: http://arxiv.org/abs/2408.04977v1
- Date: Fri, 9 Aug 2024 10:08:10 GMT
- Title: Conceptual Design and Implementation of FIDO2 compatible Smart Card for Decentralized Financial Transaction System
- Authors: Anisha Ghosh, Aditya Mitra, Sibi Chakkaravarthy Sethuraman, Aswani Kumar Cherukuri,
- Abstract summary: Existing passwordless and password-based peer to peer transactions in online banking systems are vulnerable to advanced forms of digital attacks.
This paper proposes a novel and robust peer to peer transaction system which employs best cloud security practices, proper use of cryptography and trusted computing to mitigate common vulnerabilities.
- Score: 0.2678472239880052
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: With challenges and limitations associated with security in the fintech industry, the rise to the need for data protection increases. However, the current existing passwordless and password-based peer to peer transactions in online banking systems are vulnerable to advanced forms of digital attacks. The influx of modern data protection methods keeps better records of the transactions, but it still does not address the issue of authentication and account takeovers during transactions. To the address the mentioned issue, this paper proposes a novel and robust peer to peer transaction system which employs best cloud security practices, proper use of cryptography and trusted computing to mitigate common vulnerabilities. We will be implementing FIDO2 compatible Smart Card to securely authenticate the user using physical smart cards and store the records in the cloud which enables access control by allowing access only when an access is requested. The standard incorporates multiple layers of security on cloud computing models to ensure secrecy of the said data. Services of the standard adhere to regulations provides by the government and assures privacy to the information of the payee or the end-user. The whole system has been implemented in the Internet of Things scenario.
Related papers
- Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC)
ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic.
We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
arXiv Detail & Related papers (2024-11-21T18:26:05Z) - Advocate -- Trustworthy Evidence in Cloud Systems [39.58317527488534]
The rapid evolution of cloud-native applications, characterized by dynamic, interconnected services, presents significant challenges for maintaining trustworthy and auditable systems.
Traditional methods of verification and certification are often inadequate due to the fast-past and dynamic development practices common in cloud computing.
This paper introduces Advocate, a novel agent-based system designed to generate verifiable evidence of cloud-native application operations.
arXiv Detail & Related papers (2024-10-17T12:09:26Z) - Cyber-Physical Authentication Scheme for Secure V2G Transactions [6.649289493897674]
The rapid adoption of electric vehicles (EVs) globally has catalyzed the need for robust cybersecurity measures within vehicle-to-grid (V2G) networks.
This paper proposes a cyber-physical authentication protocol and trading smart contract tailored to plug and charge (PnC) operations within blockchain-based V2G systems.
arXiv Detail & Related papers (2024-09-21T04:03:26Z) - Prichain II: CloudGuardian Cloud Security Proposal with Blockchain [0.0]
Between 2022 and 2023, there has been an increase of around 48% in cloud security threats.
We propose integrating the network's blockchain technology with a database located in the cloud.
arXiv Detail & Related papers (2024-07-29T12:52:27Z) - FACOS: Enabling Privacy Protection Through Fine-Grained Access Control with On-chain and Off-chain System [11.901770945295391]
We propose a permissioned blockchain-based privacy-preserving fine-grained access control on-chain and off-chain system, namely FACOS.
Compared to similar work that only stores encrypted data in centralized or non-fault-tolerant IPFS systems, we enhanced off-chain data storage security and robustness.
arXiv Detail & Related papers (2024-06-06T02:23:12Z) - Enc2DB: A Hybrid and Adaptive Encrypted Query Processing Framework [47.11111145443189]
We introduce Enc2DB, a novel secure database system following a hybrid strategy on and openGauss.
We present a micro-benchmarking test and self-adaptive mode switch strategy that can choose the best execution path (cryptography or TEE) to answer a given query.
We also design and implement a ciphertext index compatible with native cost model and querys to accelerate query processing.
arXiv Detail & Related papers (2024-04-10T08:11:12Z) - A Dual-Level Cancelable Framework for Palmprint Verification and Hack-Proof Data Storage [28.712971971947518]
Existing systems often use cancelable technologies to protect templates, but these technologies ignore the potential risk of data leakage.
We propose a dual-level cancelable palmprint verification framework in this paper.
arXiv Detail & Related papers (2024-03-05T06:09:35Z) - A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z) - Architecture of Smart Certificates for Web3 Applications Against
Cyberthreats in Financial Industry [2.795656498870966]
This study addresses security challenges associated with the current internet, specifically focusing on emerging technologies as blockchain and decentralized storage.
It also investigates the role of Web3 applications in shaping the future of the internet.
arXiv Detail & Related papers (2023-11-03T14:51:24Z) - Blockchain-enabled Data Governance for Privacy-Preserved Sharing of Confidential Data [1.6006586061577806]
We propose a blockchain-based data governance system that employs attribute-based encryption to prevent privacy leakage and credential misuse.
First, our ABE encryption system can handle multi-authority use cases while protecting identity privacy and hiding access policy.
Second, applying the Advanced Encryption Standard (AES) for data encryption makes the whole system efficient and responsive to real-world conditions.
arXiv Detail & Related papers (2023-09-08T05:01:59Z) - Regulation conform DLT-operable payment adapter based on trustless -
justified trust combined generalized state channels [77.34726150561087]
Economy of Things (EoT) will be based on software agents running on peer-to-peer trustless networks.
We give an overview of current solutions that differ in their fundamental values and technological possibilities.
We propose to combine the strengths of the crypto based, decentralized trustless elements with established and well regulated means of payment.
arXiv Detail & Related papers (2020-07-03T10:45:55Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.