Enhanced Security Model for Information and Online Transaction Processing System Using Mandatory Access Control (MAC) Mechanism
DOI:
https://doi.org/10.26438/ijcse/v9i5.2230Keywords:
MAC, OOHDM, MLS, BLMAbstract
With the increasing popularity of the internet as well as the evolving acceptance of cashless policy, information and online transaction processing systems are generally more susceptible to direct attack and abuse than their offline counterparts. Various security techniques have previously been developed to regularly assess the vulnerability of these systems and provide security to users. However, a number of these security techniques have proved to have bottlenecks thereby, putting sensitive financial information, services and products at risk of cyber-attacks. In this work, an enhanced security model that improves the security of the online transaction processing system is designed. This algorithm combines the features of Multilevel Security (MLS) and the Bell-Lapadulla model (BLM) to ensure the secure state of the system. Additionally, Mandatory Access Control (MAC) mechanism was used to enhance the security of the sensitive information/data shared during the online transaction processing. The methodology adopted was Object Oriented Hypermedia and Design Methodology (OOHDM) which is well suited for analyzing and designing objects that make up the new security enhanced system. Microsoft Visual Studio 2010 was used as our development environment. The programming language used was PHP and Java Script, while MySQL Server 2008 was used in the development of the database engine. Enhancing the security requirement(s) of the system was considered. The results showed that the enhanced security model using Mandatory Access Control (MAC) mechanism offered a highly secured system where users and organizations felt protected while carrying out transactions online.
References
[1] Agbo, A. (2016). Cyber Security Made Easy: Cyber Security Threats and Solutions. Business Journal, 16(1), 18-27, 2016.
[2] Chen, D.; Cong, J.; Gurumani, S.; Hwu, W.; Rupnow, K. & Zhang, Z. (2016). Cyber-Physical Systems: Theory & Applications. Journal of the Institution of Engineering and Technology, 1 (1), 70-77, 2016.
[3] Allan, K. (2015). Cyber Security and the Internet of Things. Indian Journal of Computer Science and Engineering, 3(4), 356-365, 2015.
[4] Burden, F. & Palmer, W. (2014). Controlling Threats: Computing & Control Engineering. New York: Momentum Press, 29-35, 2014.
[5] Bottino, J. & Hughes, V. (2015). Understanding and Managing Cybercrime. Boston: Allyn & Bacon, 202-244, 2015.
[6] Geers, K. (2011). From Cambridge to Lisbon: the quest for strategic cyber defense. Journal of Homeland Security and Emergency Management, 8 (1), 1-16, 2011.
[7] Anthony, R. J. (2007). Policy-centric Integration and Dynamic Composition of Autonomic Computing Techniques. International Conference on Autonomic Computing (ICAC), IEEE, 103-116, 2007.
[8] McLean, Reddy, G. N. & Reddy, G. J. U. (2014). A Study of Cyber Security Challenges and Its Emerging Trends on Latest Technologies. International Journal of Engineering and Technology, 4 (1), 48-51, 2014.
[9] Reddy, G. N. & Reddy, G. J. U. (2014). A Study of Cyber Security Challenges and Its Emerging Trends on Latest Technologies. International Journal of Engineering and Technology, 4 (1), 48-51, 2014.
[10] Calhoun, C. D. & Nichols, J. I. (2015). Developing a Comprehensive Cyber Security Curriculum with a Collaborative Learning Environment. National Cyber Security Institute Journal, 2 (2), 1-56, 2015.
[11] Boardman, A. & Sauser, M. (2016). Computer Security Issues & Trends. California: Sogeti and IBM, 105-119, 2016.
[12] Bayuk, J. L.; Healey, J.; Rohmeyer, P.; Sachs, M. H.; Schmidt, J. & Weiss, J. (2012). Cyber Security Policy Guidebook. New Jersey: John Wiley & Sons, Inc., 1056-1088, 2012.
[13] Li, Z.; Jin, D.; Hannon, C.; Shahidehpour, M. & Wang, J. (2016). Assessing and Mitigating Cyber Security Risks. Journal of the Institution of Engineering and Technology, 1 (1), 60-69, 2016.
[14] Oltramari, A.; Cranor, L. F.; Walls, R. J. & McDaniel, P. (2016). Building an Ontology of Cyber Security. International Symposium on Information, Computer, and Communications Security, 1(1), 54-61, 2016.
[15] Liang, F.; Cole, F. & Mark, H. (2017). Security of Virtual Working on Cloud Computing Platforms. Journal of the Institution of Engineering and Technology, 2(1), 79-87, 2017.
[16] Amurthy, P. K. & Redddy, M. S. (2012). Implementation of ATM Security by Using Fingerprint Recognition and GSM. International Journal of Electronics Communication and Computer Engineering, 3 (1), 83-86, 2012.
[17] Onyesolu, M. O. & Ezeani, M. I. (2012). ATM Security Using Fingerprint Biometric Identifier: An Investigative Study. International Journal of Advanced Computer Science and Applications, 3 (5), 67-74, 2012.
[18] Allan, K. (2015). Cyber Security and the Internet of Things. Indian Journal of Computer Science and Engineering, 3(4), 356-365, 2015.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors contributing to this journal agree to publish their articles under the Creative Commons Attribution 4.0 International License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit and that in the event of reuse or distribution, the terms of this license are made clear.
