Nor Fazlida Mohd Sani - Academia.edu (original) (raw)
Uploads
Papers by Nor Fazlida Mohd Sani
Lecture Notes in Electrical Engineering, 2013
2014 International Symposium on Biometrics and Security Technologies (ISBAST), 2014
2012 International Conference on Advanced Computer Science Applications and Technologies (ACSAT), 2012
Procedia Computer Science, 2014
In this work, we explore the authentication and verification of key exchange protocol using Messa... more In this work, we explore the authentication and verification of key exchange protocol using Message Authentication Code (MAC). We propose a new MAC scheme model using input-output automata to protect the integrity of the secret key in the key exchange protocol. Our scheme was devised in reference to the Diffie-Hellman communication protocol model. We divided our MAC protocol into three stages of communication sequences in order to simplify the model and the design of automata machine. In the final result, we combined all stages and represented the protocol as Cryptographic MAC Protocol in the regular language. We have shown that the cryptographic MAC protocol for key exchange protocol can be implemented using finite input-output automata with some small modification of the finite state machine. The proposed protocol would be useful for implementation in a lightweight or a secure smart devices communication in the wireless sensor nodes (WSN) network.
2009 16th Asia-Pacific Software Engineering Conference, 2009
Service-oriented architecture (SOA) is a new architectural style for developing distributed busin... more Service-oriented architecture (SOA) is a new architectural style for developing distributed business applications. Nowadays, those applications are realized through web services, which are later grouped as web service compositions. Web service compositions language, like the BPELWS 2.0 standard, are extensions of imperative programming languages. Additionally, it presents a challenge for traditional white-box testing, due to its inclusion of specific instructions, concurrency, fault compensation and dynamic service discovery and invocation. In fact, there is a lack of unit testing approaches and tools, which has resulted in inefficient practices in testing and debugging of automated business processes. Therefore, we performed a systematic review study to analyze 27 different studies for unit testing approaches for BPEL. This paper aims to focus on a comprehensive review to identify a categorization, a description of test case generation approaches, empirical evidence, current trends in BPEL studies, and finally to end with future work for other researchers.
Lecture Notes in Electrical Engineering, 2013
2008 International Symposium on Information Technology, 2008
The purpose of this paper is to present and describe the representation of an object-oriented pro... more The purpose of this paper is to present and describe the representation of an object-oriented programming code in the program understanding system. The program's representation that has been used and will be discussed is an Object-oriented Control Flow Graph ...
2012 International Conference on Information Retrieval & Knowledge Management, 2012
Providing an automated transformation tools to derive UML design diagrams including use cases, ac... more Providing an automated transformation tools to derive UML design diagrams including use cases, activity diagrams from use case requirements is important step of model driven development. This is important because use cases are commonly used for structuring and documenting requirements while activity diagram used to show the flow of the system. However, this step is less preferred by the developer
A secure network depends in part on user authentication and regrettably the authentication system... more A secure network depends in part on user authentication and regrettably the authentication systems currently in use are not completely safe. However, the user is not the only party that needs to be authenticated to ensure the security of transactions on the Internet. Existing OTP mechanism cannot guarantee reuse of user's account by an adversary, re-use stolen user's device which is used in the process of authentication, and non-repudiation. This paper proposed mechanism of multi factor for secure electronic authentication. It intends to authenticate both of user and mobile device and guarantee non-repudiation, integrity of OTP from obtaining it by an adversary. The proposal can guarantee the user’s credentials by ensuring the user’s authenticity of identity and checking that the mobile device is in the right hands before sending the OTP to the user. This would require each user having a unique phone number and a unique mobile device (unique International Mobile Equipment Identity (IMEI)), in addition to an ID card number. By leveraging existing communication infrastructures, the mechanism would be able to guarantee the safety of electronic authentication, and to confirm that it demonstrates excellence in non-repudiation, authenticate user and mobile device which are used in the process of authentication, certification strength and also in comparison and analysis through experimenting with existing OTP mechanisms.
https://sites.google.com/site/ijcsis/
Lecture Notes in Electrical Engineering, 2013
2014 International Symposium on Biometrics and Security Technologies (ISBAST), 2014
2012 International Conference on Advanced Computer Science Applications and Technologies (ACSAT), 2012
Procedia Computer Science, 2014
In this work, we explore the authentication and verification of key exchange protocol using Messa... more In this work, we explore the authentication and verification of key exchange protocol using Message Authentication Code (MAC). We propose a new MAC scheme model using input-output automata to protect the integrity of the secret key in the key exchange protocol. Our scheme was devised in reference to the Diffie-Hellman communication protocol model. We divided our MAC protocol into three stages of communication sequences in order to simplify the model and the design of automata machine. In the final result, we combined all stages and represented the protocol as Cryptographic MAC Protocol in the regular language. We have shown that the cryptographic MAC protocol for key exchange protocol can be implemented using finite input-output automata with some small modification of the finite state machine. The proposed protocol would be useful for implementation in a lightweight or a secure smart devices communication in the wireless sensor nodes (WSN) network.
2009 16th Asia-Pacific Software Engineering Conference, 2009
Service-oriented architecture (SOA) is a new architectural style for developing distributed busin... more Service-oriented architecture (SOA) is a new architectural style for developing distributed business applications. Nowadays, those applications are realized through web services, which are later grouped as web service compositions. Web service compositions language, like the BPELWS 2.0 standard, are extensions of imperative programming languages. Additionally, it presents a challenge for traditional white-box testing, due to its inclusion of specific instructions, concurrency, fault compensation and dynamic service discovery and invocation. In fact, there is a lack of unit testing approaches and tools, which has resulted in inefficient practices in testing and debugging of automated business processes. Therefore, we performed a systematic review study to analyze 27 different studies for unit testing approaches for BPEL. This paper aims to focus on a comprehensive review to identify a categorization, a description of test case generation approaches, empirical evidence, current trends in BPEL studies, and finally to end with future work for other researchers.
Lecture Notes in Electrical Engineering, 2013
2008 International Symposium on Information Technology, 2008
The purpose of this paper is to present and describe the representation of an object-oriented pro... more The purpose of this paper is to present and describe the representation of an object-oriented programming code in the program understanding system. The program's representation that has been used and will be discussed is an Object-oriented Control Flow Graph ...
2012 International Conference on Information Retrieval & Knowledge Management, 2012
Providing an automated transformation tools to derive UML design diagrams including use cases, ac... more Providing an automated transformation tools to derive UML design diagrams including use cases, activity diagrams from use case requirements is important step of model driven development. This is important because use cases are commonly used for structuring and documenting requirements while activity diagram used to show the flow of the system. However, this step is less preferred by the developer
A secure network depends in part on user authentication and regrettably the authentication system... more A secure network depends in part on user authentication and regrettably the authentication systems currently in use are not completely safe. However, the user is not the only party that needs to be authenticated to ensure the security of transactions on the Internet. Existing OTP mechanism cannot guarantee reuse of user's account by an adversary, re-use stolen user's device which is used in the process of authentication, and non-repudiation. This paper proposed mechanism of multi factor for secure electronic authentication. It intends to authenticate both of user and mobile device and guarantee non-repudiation, integrity of OTP from obtaining it by an adversary. The proposal can guarantee the user’s credentials by ensuring the user’s authenticity of identity and checking that the mobile device is in the right hands before sending the OTP to the user. This would require each user having a unique phone number and a unique mobile device (unique International Mobile Equipment Identity (IMEI)), in addition to an ID card number. By leveraging existing communication infrastructures, the mechanism would be able to guarantee the safety of electronic authentication, and to confirm that it demonstrates excellence in non-repudiation, authenticate user and mobile device which are used in the process of authentication, certification strength and also in comparison and analysis through experimenting with existing OTP mechanisms.