University of Surrey

Test tubes in the lab Research in the ATI Dance Research

Enhancing online banking transaction authentication by using tamper proof & cloud computing.

Elhag, Hatim (2016) Enhancing online banking transaction authentication by using tamper proof & cloud computing. Doctoral thesis, University of Surrey.

[img]
Preview
Text
Enhancing Online Banking Authentication Right by using Tamper Proof & Cloud Computing.pdf - Version of Record
Available under License Creative Commons Attribution Non-commercial Share Alike.

Download (7MB) | Preview
[img]
Preview
Text
Author_Deposit_Agreement.pdf
Available under License Creative Commons Attribution Non-commercial Share Alike.

Download (165kB) | Preview

Abstract

The recent information technology development has vastly helped in accelerating and facilitating the banking services and operations in general. In spite of this accelerated development in the banking sector, the risk of invading electronic banking systems is evident. This is manifested in many harmful functions such as unauthorised money transfer, disclosure of client information, denial of online banking services as well as various threats linked with online banking at different lineages especially through authentication of the client online. This thesis utilizes cloud computing in the banking system from technological and economic perspectives, and the possible benefits that a cloud computing provider gives. The definitions and functions of enterprise architecture both for cloud computing and the financial sector are discussed, then the new architecture model that I developed by merging the cloud and e-banking architectures is thoroughly explained. This study presents a novel, unique tamper proof USB, sustained with an operating system dedicated to serve the bank’s clients. This device is realised by embedding the bank application in this tamper proof USB while creating an isolation layer in the client’s PC when the client plugs in this USB. The modified operating system platform is based on the puppy Linux operating system. It has the capability to multiplex physical resources at the granularity of an entire operating system while being able to provide isolation between different operating systems. This tamper proof device is supported by four authentication measures which are; unique tamper proof ID, User account, password and fingerprint with a client secure socket layer. Moreover, I designed two different channels, one with cloud for authentication and transferring an encrypted session key while the other channel is used for communication between the client and the bank after re-authentication accompanied by a one-time password and finger printer image authentication parameter plus session key. The simulation testbed is used to solve the fundamental flow of the mechanism in sufficient detail, using Network Miner to parse libpcap files to do a live packet capture of the network traffic between cloud provider and the client; using Foglight monitoring tools to utilise the simulated server. Netwalk tools are used to represent the percentage of IP usage and Kali Linux, wireshark for penetration testing. Key words: online transaction, Security, tamper proof devices, cloud computing, architecture model

Item Type: Thesis (Doctoral)
Divisions : Theses
Authors :
AuthorsEmailORCID
Elhag, Hatimh.elhag@surrey.ac.ukUNSPECIFIED
Date : 29 January 2016
Funders : University of Surrey
Contributors :
ContributionNameEmailORCID
Thesis supervisorCruickshank, Haithamh.cruickshank@surrey.ac.ukUNSPECIFIED
Thesis supervisorUNSPECIFIEDUNSPECIFIEDUNSPECIFIED
Depositing User : Hatim Elhag
Date Deposited : 09 Feb 2016 10:41
Last Modified : 09 Feb 2016 10:41
URI: http://epubs.surrey.ac.uk/id/eprint/809463

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year


Information about this web site

© The University of Surrey, Guildford, Surrey, GU2 7XH, United Kingdom.
+44 (0)1483 300800