The OAuth 2.0 authorization framework is one of the most commonly used authorization frameworks. In its specification many implementation details are loosely defined, including the relationship between resource servers and authorization servers. This paper presents an approach for establishing trust between servers by using the authorization server as a broker, and examines an implementation for secure exchange of scholarship information between parties. To specify access rights, claims such as roles and capabilities are assigned to resource servers. These claims are asserted by the authorization server in form of access tokens. Instead of relying on shared databases, the issued access tokens are used to exchange messages between resource servers. This approach is useful in scenarios where applications have no shared infrastructure or are implemented by different parties.
Authorization, OAuth, Trust, Security
Digitalization of public services has already changed the way how we interact with government. The electronic signature, based on public key cryptography, has strengthened the trust towards this transformation. With the recent appearance of the electronic seal, this digital transformation is complete. The new European Union regulation for electronic Identification, Authentication and trust Services (eIDAS) has repealed the old directive and provides a regulatory environment. In the meantime, a novel technology based in cryptography rose as an alternative to fulfill these objectives – the blockchain. This paper, analyses the properties of the electronic seal, based on eIDAS regulation, with and without blockchain technology. The developed application uses local X.509 digital certificates and the MultiChain platform for the creation and deployment of private blockchains. At the end of the paper an overview of this comparison is provided, using different documents, pointing out the pros and cons of each technology.
Digital signature, electronic seal, eIDAS, blockchain, cryptography
Recently crowdsourcing is being established as the new platform for capturing ideas from multiple users, i.e., the crowd. Many companies have already shifted their approach towards utilising the power of the crowd. Transparency and quality of election process is the main factor for acknowledging the general election results. Voters, crowd feedback can be utilised to maintain a desired election process transparency and quality. This paper presents an efficient solution using crowdsourcing techniques for increasing transparency and the quality of election processes through a simple feedback web form in polling stations. These polling stations are securely connected to central election commission monitoring room, where the overall transparency and quality in national scale can be monitored. The survey conducted with more than 600 respondents shows that this approach will be acceptable from citizens and will increase the overall transparency, quality, and acceptance of election results.
crowdsourcing, crowd voting, privacy, security
Information technology (IT) systems have great potential to improve the efficiency and methods of operation in each government organization, providing added convenience and flexibility. Currently, most of government law enforcement agencies have digitized their methods of work by advancing their user services. With this new approach, have come new threats, therefore, it is necessary to develop and implement standard policies to enhance information security and privacy on all classified information systems. In this paper a novel solution is presented for protection of information up to the record level encryption by applying the Advanced Encryption Standard (AES) algorithm using derived symmetric master key. The master key is unique per each record and is calculated in the client application. The uniqueness of the derived master key is assured by applying the exclusive or operation of the key of each record and the unique key of the client. Furthermore, this paper includes a critical approach on existing cryptographic methods and proposes additional methods to protect information, such us authentication, access control, and audit.
Information security, Privacy, Encryption, Decryption, Access control, Audit
Applications that requires true random number generator (TRNG), which uses raw analog data generated from any noise source in nature, must convert the source normal distribution to uniform distribution. Many up to date implementations convert the raw analog data into digital data by employing a comparator or a Schmitt trigger. This method wastes a large amount of random input data, lowering the throughput of the TRNG. In new national electronic identity card (eID) beyond the true identity of his bearer and to address the increasing concern of user privacy while doing business in Internet an additional pseudo profile is set. This pseudo profile uses 20-byte random value generated by database server, using a script during personalization process. In this paper, we present a novel algorithm that enables efficient distribution conversion in low power devices. The low memory requirements and efficient processing make it suitable for implementation low power cryptographic devices but also in complex personalization systems. Furthermore, we compare the random data generated by our efficient TRNG vs. those generated by database server.
eID, privacy, security, random, TRNG
Teachers’ contribution in the process of improving the contemporary school performance is manifold and permanent. This study elaborates the contribution of the Kosovan teachers towards the improvement of the quality of work in primary and lower secondary school. Data were collected from 1080 teachers working in schools located in different areas in Kosovo. The data processing was done through the descriptive statistics method with the aim of extracting the characteristics of the data (average standard deviation) and the inferential statistics method in the function of the validity scale of assumptions that result from the data. The research results indicate that today, the Kosovan teachers enjoy more opportunities to influence the policies for the functionalisation and improvement of the work at school, whereas teachers with a higher level of education are more sceptical concerning the issues of influencing the policies of functionalisation and improvement of the work at school.
reform; Kosovo; teacher commitment; school performance; school improvement; decision-making.
Personal mobile devices currently have access to a significant portion of their user’s private sensitive data and are increasingly used for processing mobile payments. Consequently, securing access to these mobile devices is a requirement for securing access to the sensitive data and potentially costly services. Face authentication is one of the promising biometrics-based user authentication mechanisms that has been widely available in this era of mobile computing. With a built-in camera capability on smartphones, tablets, and laptops, face authentication provides an attractive alternative of legacy passwords for its memory-less authentication process, which is so sophisticated that it can unlock the device faster than a fingerprint. Nevertheless, face authentication in the context of smartphones has proven to be vulnerable to attacks. In most current implementations, a sufficiently high-resolution face image displayed on another mobile device will be enough to circumvent security measures and bypass the authentication process. In order to prevent such bypass attacks, gesture recognition together with location is proposed to be additionally modeled. Gestures provide a faster and more convenient method of authentication compared to a complex password. The focus of this paper is to build a secure authentication system with face, location and gesture recognition as components. User gestures and location data are a sequence of time series; therefore, in this paper we propose to use unsupervised learning in the long short-term memory recurrent neural network to actively learn to recognize, group and discriminate user gestures and location. Moreover, a clustering-based technique is also implemented for recognizing gestures and location.
authentication; face; smartphones; gestures; location; LSTM; neural network
In the beginning of Bologna’s process and creation of European Higher Education Area (EHEA), great importance has been to the transparency, increase of quality and concurrency between institutions of higher education. Nowadays, hot topic in higher education institutions in Europe are real-time learning outcomes, they are analyzed, projected and are evaluated today in all Europe and abroad. Traditional models and methods of success expression in learning and the degree of qualification is substituted with modern online systems. This paper proposes best practices for competence based teaching in higher education by using eCompetence software. The way these competences are organized, activities which are related to these competences and course contents which will help us to continuously evaluate students and prepare them for the labor market. Our results suggest that by implementing competence based teaching system in university evaluation and competence gaining would be more productive and would better prepare students for labor market. Consequently, this paper draws attention on provision of implementation of such a system in higher education by providing competence matrix, a competence software, and evaluation process.
Competence, E-learning, Evaluation, Competence Management System
Energy and spectral efficiency are the main challenges in 5th generation of mobile cellular networks. In this paper, we propose an optimization algorithm
to optimize the energy efficiency by maximizing the spectral efficiency. Our simulation results show a significant increase in terms of spectral efficiency as well as energy efficiency whenever the mobile user is connected to a low power indoor base station. By applying the proposed algorithm, we show the network performance improvements up to 9 bit/s/Hz in spectral efficiency and 20 Gbit/Joule increase in energy efficiency for the mobile user served by the indoor base station rather than by the outdoor base station.
Energy efficiency, 5G, radio resources, power allocation, optimization convexity
Today, we are witnessing increased demand for more speed and capacity in the Internet, and more processing power and storage in every end user device. Demand for greater performance is present in every system. Electronic devices and their hosted applications need to be fast, but not to lose their main security features. Authentication and encryption are the main processes in the security aspect, and are required for a secure communication. These processes can be executed in different devices, among them PCs, microprocessors, microcontrollers, biometric cards or mobile devices. Biometric identity cards are becoming increasingly popular, challenging traditional PC devices. This paper compares two processing systems, the efficiency of encryption and signatures on the data executed in national identity biometric card versus PC, known also as the match-on-card versus the match-off-card. It considers how different parameters impact the process and the role they play on the overall process. The results, executed with a predefined set of test vectors, determine which processing system to use in a certain situation. Final conclusions and recommendations are given taking into consideration the efficiency and security of the data.
cryptography; digital signature; match-on-card; match-off-card; eID biometric card
The mobile networks use femtocells as low power nodes to improve indoor coverage and thus achieve a high network capacity. In this paper, we focus on a combination of macrocells and femtocells in Long Term Evolution (LTE) networks. To achieve a high LTE network performance, we investigate the influence of power allocated to Evolved NodeB (eNodeBs) and Home Evolved NodeB (HeNodeBs) respectively. Using the Round Robin scheduling, while decreasing the eNodeBs transmit power and increasing the HeNodeBs transmit power, improve the user’s throughput significantly. We further demonstrate, by simulations, that applying other scheduling algorithms under the low eNodeBs transmit power and high eNodeBs, results in a significantly increased performance of LTE network.
Scheduling, transmit power, HetNet, LTE, resource block
Quality of election process is a main factor for acknowledging the general election results. In this sense a feedback from voters is critical to maintain a desired process quality. Crowdsourcing is establishing as standard platform to capture feedback and new ideas from the participating stakeholders. This paper presents an efficient solution using crowdsourcing techniques for improving the quality of election processes through a simple feedback web form in polling stations. These polling stations are securely connected to Central Election Commission monitoring room, where the overall quality in national scale can be monitored. The survey conducted with more 600 respondents shows that this approach will be acceptable from citizens and will improve the total quality and acceptance of election results.
Crowdsourcing; crowd voting; privacy; security;
Authentication and privacy are central issues for acceptance of any e-Voting system in particular and growth of e-Services in general. This paper aims to: (i) to analyze the appropriate architecture and propose new efficient architecture of electronic voting system in Kosovo, and (ii) to analyze the threat vectors and their avoidance in such system. The novelty of implemented solution is based on using dynamic queue list generated based on voters arrivals and identification at the polling station. The proposed architecture enables citizens to cast their vote in any polling station, in opposite to paper form voting where citizen is linked to his predefined polling station. The national election commission configures the smart card, as part of electronic voting infrastructure, to allow decryption of number of records that matches the number of voters in final country wide voting list. The communication between polling stations and central server is encrypted with server’s public key stored in digital certificate and every casted vote is digitally signed by ballot box private key. The developed model is used to compare the costs and efficiency of e-Voting against the traditional paper based voting system in Kosovo.
Digital Signature, Privacy, Security, Smart Cards, e-Voting, X.509 Digital Certificates
In this paper is presented a novel approach for fulfilling the data security criteria in a Student Lifecycle Management System at the University of Prishtina. The four main criteria of data security such as: privacy, authentication, integrity and non-repudiation are fulfilled through carefully selected security policies. Student data privacy is achieved using the Secure Socket Layer protocol for web communication with web server. Each user, being student, academic or administrative staff is provided with unique user name and initial password in the Student Lifecycle Management System. Data integrity and non-repudiation are fulfilled using digital signatures. The novelty of implemented solution is based on extending the subject name in X.509 digital certificates and using this certificate for securing student grades, which is in full compliance with the Kosovo Law on Information Society. Public Key Infrastructure and X.509 digital certificates have been established as the most trustworthy methods for assuring data security criteria in modern software applications. Security policy enforces that digital certificate and its associated private key shall be stored in a smart card. Access to private key stored in a smart card is protected by Personal Identification Number, known only by smart card holder. This implementation was installed at the Faculty of Electrical and Computer Engineering and has successfully passed a six semester testing period and students were, for the first time in the history of the University of Prishtina, able to apply online to take an exam.
Digital Signature, Privacy, Security, Smart Cards, X.509 Digital Certificates