Papers by Manmohan Chaturvedi
2021 IEEE International Conference on Engineering, Technology & Education (TALE)
Use of online transactions through web based ap-plications has resulted in many vulnerabilities t... more Use of online transactions through web based ap-plications has resulted in many vulnerabilities that have been systemically analysed by Open Web Application Security Project (OWASP). We attempt to raise awareness of newly inducted web application developers through gamification of the relevant content pertaining to four of the top 10 vulnerabilities namely; SQL Injection, Cross-site Scripting (XSS), Broken Authentication and Sensitive Data Exposure. The mechanics of these games is also analysed using Learning Mechanics - Game Mechanics (LM-GM) framework to validate a balance of pedagogy and game play elements. These web playable games using Unity as game engine capture the player data from Unity analytics in a database for potential analysis of learning outcome.
2021 IEEE International Conference on Engineering, Technology & Education (TALE)
Use of online transactions through web based ap-plications has resulted in many vulnerabilities t... more Use of online transactions through web based ap-plications has resulted in many vulnerabilities that have been systemically analysed by Open Web Application Security Project (OWASP). We attempt to raise awareness of newly inducted web application developers through gamification of the relevant content pertaining to four of the top 10 vulnerabilities namely; SQL Injection, Cross-site Scripting (XSS), Broken Authentication and Sensitive Data Exposure. The mechanics of these games is also analysed using Learning Mechanics - Game Mechanics (LM-GM) framework to validate a balance of pedagogy and game play elements. These web playable games using Unity as game engine capture the player data from Unity analytics in a database for potential analysis of learning outcome.
india’s information policy has its roots into aftermath of the two early wars india fought after ... more india’s information policy has its roots into aftermath of the two early wars india fought after gaining independence from the British rule in 1947; one with Pakistan immediately after independence and the other one with China in 1962. today we see massive efforts on laying telecommunications networks, back-end computerisation, converging technologies, developing sound monitoring systems and heavy emphasis on e-governance. Figure 1 depicts very succinctly the decade-wise evolution of e-governance systems in india. it describes the indian experience of technology in the government in two phases. in the first phase (late 1960s to 1980’s), it was used for in-house government applications with principal focus on Central Government requirements in defence, research, economic and monetary planning and certain data intensive functions related to elections, census and tax administration. this phase (‘Pre-internet era’) saw only computerisation of basic processes for government offices, with...
An international cooperation approach to trust management that considers cultural differences app... more An international cooperation approach to trust management that considers cultural differences appears necessary if we would like to design multi-cultural trust models that can be understood and used by different cultures. The cultivation of trust is critical for the success of both the Internet economy and m-commerce. In this context, consumer trust is generally defined in a uniform manner, as if all participants behave in the same way. Current research indicates that culture has a major effect on the formation of consumer trust and the risks that consumers are willing to take. To ensure the successful uptake of m-commerce in emerging economies such as Brazil, India and South Africa, it is imperative to investigate culturally adapted trust requirements, properties and models. Countries in the EU, consisting of many different cultures, can also significantly benefit from this research. To this end, the BIC project has brought together researchers from different countries and cultures...
The article summarizes a presentation written for a panel session entitled "Multi-stakeholde... more The article summarizes a presentation written for a panel session entitled "Multi-stakeholderism: Avoiding the PRISM Paradigm", held during the CyFy 2013 conference during 14-15th October, 2013, organised by ORF and FICCI. The session was focusing on the impact of the Tunis Agenda 2005 thus far, in particular, towards Cybersecurity. The session purpose was to examine the levels of disenfranchisement of the private citizens and discover ways to mitigate and improve the current situation by agreeing a language, platform, modalities and format of multi-stakeholder dialogues as a way of effectively moving forward in the communication models between citizens and State.
International Journal of Computer Applications, 2013
Mobile cloud computing is computing of Mobile application through cloud. As we know market of mob... more Mobile cloud computing is computing of Mobile application through cloud. As we know market of mobile phones is growing rapidly. According to IDC, the premier global market intelligence firm, the worldwide Smartphone market grew 42.5% year over year in the first quarter of 2012.With the growing demand of Smartphone the demand for fast computation is also growing. Inspite of comparatively more processing power and storage capability of Smartphone's, they still lag behind Personal Computers in meeting processing and storage demands of high end applications like speech recognition, security software, gaming, health services etc. Mobile cloud computing is an answer to intensive processing and storage demand of real-time and high end applications. Being in nascent stage, Mobile Cloud Computing has privacy and security issues which deter the users from adopting this technology. This review paper throws light on privacy and security issues of Mobile Cloud Computing.
An international cooperation approach to trust management that considers cultural differences app... more An international cooperation approach to trust management that considers cultural differences appears necessary if we would like to design multi-cultural trust models that can be understood and used by different cultures. The cultivation of trust is critical for the success of both the Internet economy and m-commerce. In this context, consumer trust is generally defined in a uniform manner, as if all participants behave in the same way. Current research indicates that culture has a major effect on the formation of consumer trust and the risks that consumers are willing to take. To ensure the successful uptake of m-commerce in emerging economies such as Brazil, India and South Africa, it is imperative to investigate culturally adapted trust requirements, properties and models. Countries in the EU, consisting of many different cultures, can also significantly benefit from this research. To this end, the BIC project has brought together researchers from different countries and cultures to collaborate on topics related to culture and trust. The common denominators and differences found amongst cultures can provide deep insights than can be applied to the design of useful security and privacy applications. This paper reports on the project development, provides some of the research perspectives of participants, and invites collaboration from interested parties for future collaborations. A combination of bilateral and multilateral approach may emerge as we traverse the research path.
International Journal of Serious Games
Use of serious games to teach concepts of various important topics including Cybersecurity is gro... more Use of serious games to teach concepts of various important topics including Cybersecurity is growing. A figure of merit for the serious games could be learning outcome and user experience(UX). With enhanced learning outcome and user experience, the player is likely to favourably rate a game. The organisation supporting such games would also benefit from such efficient training process.We report an empirical comparison of two cybersecurity games namely ; Use of Firewalls for network protection and concepts of Structured Query Language (SQL) injections to get unauthorised access to online databases. We have designed these games in two versions. The version without using adaptive features provide a baseline to compare efficacy of the machine learning based adaptive game while comparing the learning outcomes and user experience (UX). The efficacy of the Machine Learning (ML) agent in providing the adaptability to the game play is based on classification of player to two categories viz....
Transforming Government: People, Process and Policy, 2014
Purpose – The purpose of this paper is to attempt to fill the need to identify critical informati... more Purpose – The purpose of this paper is to attempt to fill the need to identify critical information security issues at national level, both technical and social in the Indian context, and create a framework of these issues to provide interesting managerial insights about their hierarchy. Current literature advocates relevance of both technical and social issues in a potential framework to address national and organizational information security concerns. Such a framework can guide users in developing insight for strategy in the maize of important information security issues and their intricate interdependency. Design/methodology/approach – Delphi methodology is used to identify a set of topical issues with help from members of a cyber security group. These issues are further analyzed using Interpretive Structural Modeling (ISM) to impose order and direction to the complex relationships among them. Findings – The analysis using ISM creates a framework of these issues and provides int...
Industrial and Systems Engineering Series, 2014
The Indian government, like governments elsewhere in the world, has chosen mobile device as prefe... more The Indian government, like governments elsewhere in the world, has chosen mobile device as preferred platform to engage with citizens while offering various e-Governance services. Likewise there is huge market for mobile based e-Commerce applications across the globe. However uptake of these services is challenged by the security and privacy concerns of the end user. The limited processing power and memory of a mobile device dependent on inherently unreliable wireless channel for communication and battery for power leaves little scope for a reliable security layer. Thus there is a need for a lightweight secure framework that provides security with minimum communication and processing overhead on mobile devices. The security and privacy protection services can be achieved with the help of secure mobile-cloud application services. Taking support from a proximate cloud a security service could be devised for a mobile device which works as an interface and adaptively provides optimum s...
International Journal of Information Management Data Insights
Abstract Blockchain technology is increasingly finding traction in diverse areas such as finance,... more Abstract Blockchain technology is increasingly finding traction in diverse areas such as finance, supply-chain management, and cloud services because of its ability to provide robust cybersecurity inherent in its system of having decentralized data storage. The rising complexity in the architecture of popular blockchain platforms create barriers to correct adoption of the technology. It becomes imperative that pedagogical tools are inducted in the blockchain ecosystem to address this perceived or real impediments for the uptake of the technology. We propose one of the first such pedagogical tool for training in blockchain using an adversarial sandbox adaptive serious game approach for students and technology professionals. We further propose use of AI to enhance NPC interactivity based on player’s responses. We plan to evaluate this serious game on a subjective metrics that is based on a game experience questionnaire.
International Journal of Computer Applications, 2013
The adoption of mobile application is increasing at enormous rate due to their improved functiona... more The adoption of mobile application is increasing at enormous rate due to their improved functionality and features. Increased storage and computing power has augmented its utility. However, these mobile applications are still intrinsically limited by a relative lack of bandwidth, computing power, storage and energy compared to desktops. To overcome these limitations, the concept of Mobile Cloud Computing (MCC) providing abundant computing power and sufficient storage space besides large infrastructure has evolved. Cloud computing has its impact on all the stages of Software life cycle, including testing of mobile devices. In this paper we have reviewed Testing as a Service (TaaS) provided by Cloud computing. Testing of mobile application is more complex and time consuming as compared to traditional desktop applications. This paper reviews some published results in two major research fields ie cloud computing and TaaS and discusses architecture of cloud computing and TaaS in terms of necessity, features, emerging trends, benefits and gaps while focussing on security and privacy issues for mobile application. When we run our applications on the cloud, we are sharing our critical data with cloud and, therefore, security and privacy of data is a very serious issue to be considered.
International Journal of Computer Applications, 2013
India is progressively moving ahead in the field of Information technology. The concept of e-comm... more India is progressively moving ahead in the field of Information technology. The concept of e-commerce is already in place whereas e-governance is also on the same track. Similarly other sectors like health, judiciaries etc. are following the path. With the advent of information technology, malevolent people now have another option to cause damage to people by doing cyber attacks rather than physical damage, wherein the impact of cyber damage is equally devastating. As people are launching themselves into the e-world completely, the Cloud as a service is now shaping up the future. Since the cloud services are available through internet, it is the need of hour to prevent cyber attacks and at the same time trace the ill-willed persons for the sake of securing business, personal information and nation. Data Mining techniques and algorithms contribute tremendously to this task of assuring security of information on the cloud. In this paper, review of various data mining techniques and algorithms is presented which can help achieve security of information on cloud.
Transforming Government: People, Process and Policy, 2014
Purpose – The purpose of this paper is to attempt to fill the need to identify critical informati... more Purpose – The purpose of this paper is to attempt to fill the need to identify critical information security issues at national level, both technical and social in the Indian context, and create a framework of these issues to provide interesting managerial insights about their hierarchy. Current literature advocates relevance of both technical and social issues in a potential framework to address national and organizational information security concerns. Such a framework can guide users in developing insight for strategy in the maize of important information security issues and their intricate interdependency. Design/methodology/approach – Delphi methodology is used to identify a set of topical issues with help from members of a cyber security group. These issues are further analyzed using Interpretive Structural Modeling (ISM) to impose order and direction to the complex relationships among them. Findings – The analysis using ISM creates a framework of these issues and provides int...
2014 IEEE Conference on Norbert Wiener in the 21st Century (21CW), 2014
Need for cyber security infrastructure to protect the evolving ICT infrastructure in modern infor... more Need for cyber security infrastructure to protect the evolving ICT infrastructure in modern information society does not need any emphasis. ICT infrastructure is the thread through which all critical national infrastructures are woven together. Existence of a trustworthy cyber security infrastructure is a precondition for all E-governance and E-commerce initiatives being taken world over. Attempt is being made in this paper to present a snapshot of this infrastructure, likely trends and imperatives that emerge from this study in Indian context.
Uploads
Papers by Manmohan Chaturvedi