Tag Archives: Mohammad Jabed Morshed Chowdhury

Towards Security Risk-oriented Mal Activity Diagram

Author
Mohammad Jabed Morshed Chowdhury
Lecturer
Computer Science and Engineering
Daffodil International University

ABSTRACT 

Recently security has became one of the major concern in Information System (IS) development. Different security modeling language or security extension is used to model security features of IS. Mal Activity Diagram (MAD) is used at the design stage to represent security aspect. But it cannot model all the security risk management concepts. Without full coverage of concepts, it is not possible to model an IS efficiently and correctly. In this paper, first we propose a meta model for MAD which will help developers or other stakeholders to understand and use MAD correctly. Then we propose syntactic and semantic extensions of MAD to model all the risk management concepts. We have used this meta model and extension in a case study. This study shows that the meta model and extensions help us to correctly identify and model different security components of the system.

For details please see the attached file:

CAPTCHA Based on Human Cognitive Factor

Author
Mohammad Jabed Morshed Chowdhury
Computer Science and Engineering
Daffodil International University
Narayan Ranjan Chakraborty
Computer Science and Engineering
Daffodil International University

Abstract—

A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is an automatic security mechanism used to determine whether the user is a human or a malicious computer program. It is a program that generates and grades tests that are human solvable, but intends to be beyond the capabilities of current computer programs. CAPTCHA should be designed to be very easy for humans but very hard for machines. Unfortunately, the existing CAPTCHA systems while trying to maximize the difficulty for automated programs to pass tests by increasing distortion or noise have consequently, made it also very difficult for potential users. To address the issue, this paper addresses an alternative form of CAPTCHA that provides a variety of questions from mathematical, logical and general problems which only human can understand and answer correctly in a given time. The proposed framework supports diversity in choosing the questions to be answered and a user-friendly framework to the users. A user-study is also conducted to judge the performance of the developed system with different background. The study shows the efficacy of the implemented system with a good level of user satisfaction over traditional CAPTCHA available today.

For details please see the attached file:

CAPTCHA Based on Human Cognitive Factor

Author
Mohammad Jabed Morshed Chowdhury
Narayan Ranjan Chakraborty

For details please see the following link:

http://thesai.org/Downloads/Volume4No11/Paper_20-CAPTCHA_Based_on_Human_Cognitive_Factor.pdf

Comparison of e-Voting Schemes: Estonian and Norwegian Solutions

Author
Mohammad Jabed Morshed Chowdhury
Daffodil International University

ABSTRACT

An increasing number of elections have been performed using Online Voting including Estonia, Canada, Norway and Switzerland. In October 2005, Estonia organized countrywide remote e-voting. Every Estonian citizen got the opportunity to cast their vote via Internet from all over the world. Approximately 2% of actual voters made use of this opportunity. Different countries are also working on to develop their own e-voting system. Inspired by the recent development, Norwegian government has also decided to develop e-voting system in the country. Norway’s internet voting pilot project held in 2011 and countrywide e-voting will be held in 2017. Due to these experiences, the technical research topics have changed: While voting protocols have been well analyzed in the past, but little research has been done on the performed system. This paper will investigate the security and trustworthiness of the performed online voting. For this paper study and examine Estonian and Norwegian online voting system.

For details please see the attached file:

Identity Federations: A New Perspective for Bangladesh

Author
Md. Sadek Ferdous
Computing Science,
University of Glasgow, Glasgow, Scotland
Mohammad Jabed Morshed Chowdhury
Chief Technical Officer
Centre For Technology Development, Dhaka,
Md. Moniruzzaman
Computer Science,
University of Calgary, Canada
Abstract- 
With a view to provide more effective, enhanced and accessible services to their citizens, Governments around the globe have started different web services under the initiative of eGovernment. Many such services extensively utilise the Federated Identity framework due to its huge number of benefits. This paper analyses how different e-initiatives in Bangladesh can take advantage of this technology by illustrating use-cases in two different domains. As the online service and the e-Governance paradigm in Bangladesh are relatively new and evolving rapidly, we believe that this is the high-time to consider the benefits this technology can bring for the Government as well as the citizen.
For details please see the attached file:

Aligning Mal-activity Diagrams and Security Risk Management for Security Requirements Definitions

Author
Mohammad Jabed Morshed Chowdhury
University of Tartu,
Raimundas Matulevičius
Norwegian University of Science and Technology, Norway,
Guttorm Sindre
Abstract
Security engineering is one of the important concerns during system development. It should be addressed throughout the whole system development process. There are several languages for security modelling that help dealing with security risk management at the requirements stage. [Question/problem] In this paper, we are focusing on Malactivity diagrams that are used from requirement engineering to system design stage. More specifically we investigate how this language supports information systems security risks management (ISSRM). [Principal ideas/results] The outcome of this work is an alignment table between the Mal-activity diagrams language constructs to the ISSRM domain model concepts. [Contribution] This result may help developers understand how to model security risks at the system requirement and design stages. Also, it paves the way for
interoperability between the modelling languages that are analysed using the same conceptual framework, thus facilitating transformation between these modelling approaches.
 

For details please see the attached file:

s

A New Symmetric Key Encryption Algorithm based on 2-d Geometry

Author
Mohammad Jabed Morshed Chowdhury
Programmer
Prime Ministers’ Office,
Tapas Pal
Programmer
Tripad Labs
Abstract
Symmetric Key Cryptography is one of the prominent means of secure data transfer through unreliable channel. It requires less overhead than Public Key Cryptosystem. We present here, a new algorithm based on 2-d geometry using property of circle, and circle-centered angle. It is a block cipher technique but has the advantage of producing fixed size
encrypted messages in all cases. It incorporates low computational complexity with fairly high confidentiality.
For details please see the attached file:

NordSec 2010 Conference — Poster Session and Competition

Author
Mohammad Jabed Morshed Chowdhury
Senior Lecturer
Computer Science and Engineering
Daffodil International University

The conference includes a poster session that will be held on Wednesday evening. The posters will also be available for audience during the session breaks on Thursday and Friday. The poster session is open to everyone. However, the poster competition is open only for posters where the author(s) are students; see below for more details about the competition. Authors submitting a poster may also submit a short paper on the same topic.

For details please see the following link:

http://www.cse.tkk.fi/en/research/nordsec2010/poster.php