Abstract

Abstract

Blockchain as an innovative technology has increased application usage of distributed and decentralized systems in different fields. With the rapid growth of applications using blockchain technology, there is a need to develop consensus models that ensure data and system integrity. In decentralized systems, the integrity of data cannot be realized without proper and secured consensus models of protocols. In the blockchain era, many applications use different consensus protocols, each of them has its advantages and disadvantages. The decision to apply a specific protocol to any application depends on many factors. Selecting a proper consensus protocol it is a difficult task for the system analyst, the selection must be based on all pros and cons of different protocols compared to the selected protocol and application purpose.

In this paper, we present an overview of consensus protocols, especially focused on POW (Proof-of-Work), POS (Proof of Stake) and LBFTas most used protocols in cryptocurrencies such as Bitcoin, Etherum, etc. We reviewed the Bitcoin protocol POW, Etherum protocol POS, Libra Protocol LBFT and finally we summarized the open challenges and suggest future research on the known phenomenon 51% attack.

Keywords: Protocol, Bitcoin, Etherum, Cryptocurrency, synchronization, decentralized, distributed, integrity, probability

Abstract

Everything that happens in a society is transmitted and reflected indirectly in its schools. The education system in post-war Kosovo underwent radical changes, and the reform and adaptation movements affected all the links of the education system. The political, social and economic status of post-war Kosovo, as well as insufficient staffing capabilities for implementing educational reform, represent a serious challenge in the process of practical implementation of educational reform. In such transitions there are drives to transfer the experiences of the most advanced educational systems of western countries. The application of these reforms brought much disappointments, objections and dilemmas. This paper, apart from the chronological critical review of the changes the education system in Kosovo went through, compares the positive experiences of neighboring countries such as Albania, Macedonia, Serbia and Croatia, and German-speaking countries such as Germany and Austria, i.e. practices that these countries have followed to overcome the challenges that arise in education reforms. In the Kosovo context, based on the steps taken at each stage of the process, we conclude that the initiation of changes in the Kosovo education system started in disregard of the context in which these schools operate. In conclusion, the paper provides recommendations for stakeholders in the education system in order to meet the increasing demands of the society.

Keywords

Kosovo, school, reform, transition, development.

Abstract

 The liberalization of the higher education market and the growth of higher education service providers in the last two decades has demanded from such providers to demonstrate the quality of their activities. Research shows that universities were used to seeing excellence as a self-evident key indicator of quality in higher education, but now this self-evident indicator has been transformed into a control mechanism. In Kosovo, the concept of quality assurance through the Kosovo Accreditation Agency is relatively new, but this concept is becoming increasingly integral and important part of each higher education institution. Mechanisms for external and internal quality assurance have been established in the formal sense, the legal basis on which the quality assurance system is organized, i.e. the quality assurance requirements and standards, is well defined and applicable. This paper presents the challenges of quality assurance (external and internal), by comparing the fulfillment of these criteria over the years, then by comparing with the European quality assurance standards and guidelines as well as the good practices of some developed countries. The paper presents the conclusions, lessons learned during these years, and finally recommendations for higher education system actors to overcome these challenges.

Keywords

Higher education, quality assurance, accreditation, challenges, Kosovo.

Abstract

With all features and resources, such as: social actors, social relations, content, communication, and ratings that todays’ social networks like Facebook, LinkedIn, Twitter, Google+, etc. offer to users, it still appears that at given point we have to refine and optimize our own accounts within the limits of a certain social network. In line with this trend, in this paper we present a model for efficient management of friends list in Facebook, as one of the limited resource in this social network. In order to get users data from Facebook, a web scraping technique combined with reverse image search has been adopted to ensure users authenticity. The activity between nodes (friends) on a social network is calculated based on their interactions in terms of likes, comments, shares and posts between each other. This approach led us into designing and implementing an algorithm based in these collaborative metrics, named “weight of relationship”. This algorithm calculates weights between friends on a network, and the results are evaluated by comparing these weights with respondent answers, conducted through personalized questionnaire. Consequently, this methodology brings feasible results, with an average accuracy of 71% on recommending which friends should be removed, thus releasing the space for incoming new friends. An app named RateMyFriends is developed based on presented approach.

Keywords

Social networks; algorithm; efficiency; Web scraping; application

Abstract

Local Loop Unbundling (LLU) is a process which allows the competitive Network Service Providers (NSPs) to use the telecom’s incumbent infrastructure to provide the services to their subscribers. In logical LLU, as the traffic passes through the incumbent network infrastructure, security and privacy of the NSP subscribers is of a serious concern. In this paper, we have presented a novel approach to address these concerns, by implementing the encryption on the Point to Point Protocol over Ethernet (PPPoE), in the broadband network, between the NSP Customer Premises Equipment (CPE) and Broadband Network Gateway (BNG) router. First, encryption algorithm is negotiated using the existing protocol Encryption Control Protocol (ECP), during the PPP establishment phase, and after that the PPP packet payload is encrypted using the Advanced Encryption Standard AES, 128 bit version. The encryption key is derived using the first 128 bits of the SHA256 hash of sum of the three key variables: PPPoE SESSION_ID, CPE MAC Address, and CPE serial number, which makes this encryption key unique. The proposed solution is compared to existing protocols.

Keywords

AES, BNG, ECP, PPPoE, SHA256

Abstract

Nowadays all organizations tend to shift their daily business processes into web. This shifting requires from web developer’s detailed knowledge about security techniques, such as Structured Query Language (SQL) injection and Cross Site Scripting Attack (XSS), otherwise the data managed and protected by web application could be exposed to not authorized parties. This paper aims to link and measure the impact of security techniques used by web developers for avoiding the vulnerabilities in web applications. We conducted a survey about the level of applicability of security techniques during web development and conducted a penetration testing for more than 110 local web sites. We discovered many vulnerabilities in these web sites and we linked the results with survey outcome.

Keywords

Web security, security scanners, Web vulnerabilities, SQL injection, XSS attack

Abstract

The raw analog data generated from almost any noise source in nature has a normal distribution of values. Cryptography applications usually require true random number generators (TRNGs) to output random data streams that have a uniform distribution of values. Since TRNGs use a noise source to generate the random data, and that source usually has a normal distribution, the TRNG has to convert the distribution. If the TRNG is implemented in a low power device such as a microcontroller, the algorithm for distribution conversion needs to be lightweight and efficient in terms of using as much of the raw data as possible. Current market implementations convert the analog data into digital data by employing a comparator or a Schmitt trigger. This method wastes a large amount of random input data, lowering the throughput of the TRNG. This paper presents a novel algorithm that enables distribution conversion in low power devices. The low memory requirements and efficient processing make it suitable for implementation in microcontrollers or other low power cryptographic devices. The algorithm is also flexible, allowing for any size of noise samples.

Keywords

Algorithm, distribution, random, security, TRNG

Abstract

Short Message Service (SMS) is the oldest application for exchanging messages between communicating parties in cellular network used by mobile phones. These messages are encrypted over-the-air with A5/1 algorithm and stored as clear text at network operator. Recent developments have shown that this algorithm is not secure any more. Compromising an access to network operator registers gains access to SMS also. For assuring privacy the SMS application must provide end-to-end encryption. In this paper we present an efficient solution for encrypting SMS between communicating parties using Advanced Encryption Standard (AES) algorithm in Android environment. Furthermore we compare the proposed solution we existing ones in market listing strengthens and limitations.

Keywords

Encryption, Privacy, SMS, AES, and Android.

Abstract

We all are witnessing the exponential growth of website sophisticated attacks in different areas and from various sources. This paper presents a research on the vulnerabilities of different web sites that are operational today in Kosovo. It focuses in the process of testing the web sites for different attack possibilities and their weakness in respect to possible “cybernetics” attackers. An advanced software tool, called “Acunetix”, is the main apparatus in this whole process of researching and fact gathering. It is worth mentioning that the whole “inspection” is made only for research purposes. First part of this paper presents definitions and approach used for this research. Second part contains the facts and results regarding vulnerabilities and weak points that are gathered. A conclusion about the vulnerabilities that are found on this research, accompanied with statistical records, is presented at the end of the paper.

Abstract

Civil Registry Information System serves as an essential data source for all e-government services. Searching for a citizen’s data in Civil Registry Database is usually done by providing unique keywords such as name. Due to the similar pronunciation of some Albanian language consonants, for example gj [ɟ] and xh [d͡ ʒ], problems arise in finding citizens data, names of which are similarly pronounced, despite different spelling. This paper presents a novel approach for string matching algorithm based on Albanian names. For this paper Levenshtein distance, American Soundex and modified Soundex results are compared on a database of 271.000 citizens of Prishtina municipality. The modified Soundex algorithm accommodates basic rules of pronunciation in Albanian language and its accuracy and efficiency is better than Levenshtein distance and American
Soundex.

Keywords

String matching, Levenshtein, Soundex, Civil Registry

Abstract

Security and privacy are central issues for the acceptance of online payment methods in particular and growth of the Internet market in general. Public Key Infrastructure and X.509 certificates have been established as the most trustworthy methods for assuring security in online transactions. In this work is a new approach proposed for increasing security by avoiding privacy violation using X.509 version 3 certificate private extensions and storing the certicate and its corresponding private key in the smartcard. The private key never leaves the smartcard and it can be used for encryption/decryption only after successful personal identication number presentation.

Keywords

X.50g v3 identity and. attribute certificates, privacy, security encryption, digital signature, non-repudiation, online transaction, smartcards, SET.