Publications


The Cyberspace: Redefining A New World

Author(s): U. M. Mbanaso, PhDand E.S. Dandaura, PhD.  |  Published date:  May, 2015

<strong>Abstract:</strong> The cyberspace&nbsp; driven&nbsp; by information&nbsp; systems&nbsp; and the&nbsp; Internet&nbsp; is&nbsp; transforming&nbsp; our&nbsp; environment&nbsp; in extraordinary&nbsp; ways&nbsp; by&nbsp; enabling&nbsp; economic&nbsp; growth&nbsp; and&nbsp; providing&nbsp; new&nbsp; means&nbsp; by&nbsp; which&nbsp; people&nbsp; connect,&nbsp; interact and collaborate with one another. The continuous evolution of components of information and communications technology&nbsp; (ICT);&nbsp; advances&nbsp; in the underlying digital&nbsp; components&nbsp; (core&nbsp; electronics)and&nbsp; the&nbsp; corresponding reduction&nbsp; in&nbsp; costs suggest&nbsp; that&nbsp; the Internet is increasingly becoming more&nbsp; readily&nbsp; available&nbsp; and&nbsp; accessible worldwide.&nbsp; The&nbsp; outcome&nbsp; is&nbsp; that&nbsp; more&nbsp; and&nbsp; more&nbsp; people&nbsp; around&nbsp; the globe&nbsp; will&nbsp; ultimately&nbsp; rely&nbsp; on the effective functioning of&nbsp; the&nbsp; Internet to survive and&nbsp; prosper. This&nbsp; suggests&nbsp; an&nbsp; unremitting upsurge&nbsp; of the population&nbsp; of cyber citizens globally.Most countries no longer take these emerging trends in the virtual world casually. Aside the&nbsp; evolution of&nbsp; digital&nbsp; economy&nbsp; driven&nbsp; by the extensive&nbsp; use&nbsp; of&nbsp; information&nbsp; space&nbsp; or&nbsp; digital&nbsp; knowledge, most countries are working hard to dominate the information space. As the industrial revolution bifurcated the world, so also is the level of exploitation of the vast opportunities on cyberspace bifurcating nation states. This is simply due&nbsp; to&nbsp; the&nbsp; fact that traditional&nbsp; activities&nbsp; of&nbsp; all&nbsp; sorts&nbsp; are increasingly shifting&nbsp; to&nbsp; this&nbsp; new domain.Certainly, cyberspace&nbsp; has&nbsp; become&nbsp; a&nbsp; new focal&nbsp; point for&nbsp; innovations,&nbsp; enterprises,&nbsp; social&nbsp; networking,&nbsp; criminality and warfare.These&nbsp; factors&nbsp; are&nbsp; reshaping&nbsp; and&nbsp; redefining&nbsp; a&nbsp; new&nbsp; world.&nbsp; Most&nbsp; countries&nbsp; that&nbsp; have&nbsp; recognized cyberspace as the fifth domain, have,equally elevated their perception of the domain as an abstract virtual space to&nbsp; a&nbsp; more&nbsp; concrete&nbsp; space with&lsquo;physical boundaries&rsquo;. This&nbsp; paper&nbsp; explores&nbsp; the&nbsp; different&nbsp; levels&nbsp; at&nbsp; which cyberspace is bringing benefits and risks to mankind, and the factors responsible for the widening gap between &lsquo;developed&rsquo; and &lsquo;developing&rsquo; nations.

Download pdf


The Cyberspace and Intensification of Privacy Invasion

Author(s): U. Mbanaso, PhD and E.S. Dandaura, PhD  |  Published date:  Apr, 2015

<strong>Abstract: </strong>The widespread adoption of cyberspace for exceptional socio-economic activities, especially as it is connecting populations around the globe in ways never foreseen is raising fresh security issues.What is fueling this embracement, is the pervasiveness of social media and innovative mobile computing devices.&nbsp; This has not only&nbsp; changed&nbsp; our&nbsp; ways&nbsp; of&nbsp; life,&nbsp; but&nbsp; also&nbsp; blurs&nbsp; the&nbsp; lines&nbsp; that&nbsp; define&nbsp; the&nbsp; way&nbsp; governments&nbsp; run,&nbsp; business&nbsp; are conducted&nbsp; as&nbsp; well&nbsp; as&nbsp; the&nbsp; way&nbsp; we&nbsp; use&nbsp; and&nbsp; share information. Yet,&nbsp; these new&nbsp; ways&nbsp; of&nbsp; services&nbsp; and&nbsp; interactions, are&nbsp; raising new threats&nbsp; in terms&nbsp; of privacy,&nbsp; integrity,confidentiality&nbsp; and&nbsp; trust.&nbsp; Cyberspace transactions cut across national boundaries, in many cases,without any form of existing trust relationships of any sort. Again, the&nbsp; explosion&nbsp; in&nbsp; mobile&nbsp; computing&nbsp; is&nbsp; extending&nbsp; the influence of&nbsp; social&nbsp; web;&nbsp; the&nbsp; manner in which content&nbsp; is shared and accessed is now defining a symbol of new global status,affecting and merging the realm of personal and&nbsp; business&nbsp; life. Besides&nbsp; the&nbsp; threats&nbsp; from criminal&nbsp; minded&nbsp; people&nbsp; or&nbsp; group,&nbsp; deliberate&nbsp; efforts&nbsp; by&nbsp; states&nbsp; to dominate (or show supremacy) with the potential to halt other states economically, politically or militarily, lies intensified privacy&nbsp; invasion&nbsp; that&nbsp; is&nbsp; unfamiliar to&nbsp; the&nbsp; unsuspecting&nbsp; technology&nbsp; user.This&nbsp; paper explores&nbsp; the different levels&nbsp; at&nbsp; which users&nbsp; of cyberspace&nbsp; are exposed to privacy invasion, the consequences and&nbsp; manner in which some of the risks can be mitigated even as we continue to record steady upswing of mobile computing by cyberspace users.

Download pdf


Obligations of Trust for Privacy and Confidentiality in Distributed Transactions

Author(s): U.M.Mbanaso, G.S. Cooper, David Chadwick, Anne Anderson  |  Published date:  Nov, 2008

<strong>Abstract </strong><strong>Purpose</strong>&ndash; This paper describes a bilateral symmetric approach to authorization, privacy protection and obligation enforcement in distributed transactions. We introduce the concept of the Obligation of Trust (OoT) protocol as a privacy assurance and authorization mechanism that is built upon the XACML standard. The OoT allows two communicating parties to dynamically exchange their privacy and authorization requirements and capabilities, which we term a Notification of Obligation (NoB), as well as their commitments to fulfilling each others requirements, which we term Signed Acceptance of Obligations (SAO). We describe some applicability of these concepts and show how they can be integrated into distributed authorization systems for stricter privacy and confidentiality control.

Download pdf


Privacy Preserving Trust Authorization Framework Using XACML

Author(s): U.M. Mbanaso, G.S. Cooper, D.W.Chadwick and Seth Proctor  |  Published date:  Mar, 2015

<span style="left:81.7px;top:261.729px;font-size:16.2407px;font-family:serif;transform:scaleX(1.09681);"><strong>Abstract</strong></span><span style="left:142.1px;top:258.87px;font-size:19.45px;font-family:serif;transform:scaleX(0.999528);"><strong>:</strong> </span><span style="left:157.5px;top:261.729px;font-size:16.2407px;font-family:serif;transform:scaleX(1.01969);">Nowadays many organisations share sensitive </span><span style="left:81.6999px;top:280.929px;font-size:16.2407px;font-family:serif;transform:scaleX(0.967413);">services through open network systems and this raises the </span><span style="left:81.6999px;top:299.628px;font-size:16.2407px;font-family:serif;transform:scaleX(0.977711);">need for an authorization framework that can interoperate </span><span style="left:81.6999px;top:318.328px;font-size:16.2407px;font-family:serif;transform:scaleX(0.994893);">even when the parties have no pre-existing relationships. </span><span style="left:81.6999px;top:336.928px;font-size:16.2407px;font-family:serif;transform:scaleX(1.03011);">Trust Negotiation is the process used to establish these first </span><span style="left:81.6999px;top:355.529px;font-size:16.2407px;font-family:serif;transform:scaleX(0.984848);">relationships, through the transfer of attributes, embedded </span><span style="left:81.6999px;top:374.228px;font-size:16.2407px;font-family:serif;transform:scaleX(1.00441);">in digital credentials, between the two parties. However, </span><span style="left:81.6999px;top:392.829px;font-size:16.2407px;font-family:serif;transform:scaleX(0.943881);">these attributes may themselves be considered sensitive and </span><span style="left:81.6999px;top:411.429px;font-size:16.2407px;font-family:serif;transform:scaleX(0.98328);">so may need protection from disclosure. In some </span><span style="left:81.6999px;top:430.129px;font-size:16.2407px;font-family:serif;transform:scaleX(1.00738);">environments, the policies that govern the protected services </span><span style="left:81.6999px;top:448.729px;font-size:16.2407px;font-family:serif;transform:scaleX(0.973817);">may also be considered sensitive and their release to </span><span style="left:81.6999px;top:467.428px;font-size:16.2407px;font-family:serif;transform:scaleX(1.03445);">arbitrary strangers may leak confidential business </span><span style="left:81.6999px;top:486.029px;font-size:16.2407px;font-family:serif;transform:scaleX(0.963327);">information. Thus, the electronic services, the policies that </span><span style="left:81.6999px;top:504.629px;font-size:16.2407px;font-family:serif;transform:scaleX(0.968055);">control access to them, and the digital credentials used to </span><span style="left:81.6999px;top:523.329px;font-size:16.2407px;font-family:serif;transform:scaleX(1.00295);">gain access may all be sensitive and require access </span><span style="left:81.6999px;top:542.028px;font-size:16.2407px;font-family:serif;transform:scaleX(1.00308);">protections. This paper describes how to unify the protection </span><span style="left:81.6999px;top:560.528px;font-size:16.2407px;font-family:serif;transform:scaleX(0.975389);">of services, sensitive credentials and policies in a </span><span style="left:81.6999px;top:579.228px;font-size:16.2407px;font-family:serif;transform:scaleX(1.00288);">synchronised trustworthy manner. We propose a trust </span><span style="left:81.6999px;top:597.927px;font-size:16.2407px;font-family:serif;transform:scaleX(1.00231);">authorization framework (TAF) that builds on the </span><span style="left:81.6999px;top:616.427px;font-size:16.2407px;font-family:serif;transform:scaleX(0.935965);">capabilities of XACML to support the bilateral exchange of </span><span style="left:81.6999px;top:635.126px;font-size:16.2407px;font-family:serif;transform:scaleX(0.987627);">policies and credentials through trust negotiation. Our </span><span style="left:81.6999px;top:653.727px;font-size:16.2407px;font-family:serif;transform:scaleX(1.01388);">framework addresses privacy and trust issues, and considers </span><span style="left:81.6999px;top:672.426px;font-size:16.2407px;font-family:serif;transform:scaleX(1.01083);">services, credentials, and authorization policies protected </span><span style="left:81.6999px;top:691.027px;font-size:16.2407px;font-family:serif;transform:scaleX(0.983318);">resources whose access is subject to credential proof and </span><span style="left:81.6999px;top:709.627px;font-size:16.2407px;font-family:serif;transform:scaleX(1.0049);">trust level validation </span>

Download pdf