ebook img

Satellite Tracking Microwave Phased Array Antenna. PDF

100 Pages·2017·2.04 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Satellite Tracking Microwave Phased Array Antenna.

Addis Ababa University Addis Ababa Institute of Technology School of Electrical and Computer Engineering Secured and Usable Framework Design for Mobile Financial Service by asrar mohammed : A Thesis submitted to School of Electrical and Computer Engineering In Partial Fulfillment of the Requirements for the Degree of Master of Science in Telecommunication Engineering Addis Ababa, Ethiopia 2018 November, Declaration I, the undersigned, declare that the thesis comprises my own work in compliance with internationally accepted practices; I have fully acknowledged and referred all materials used in this thesis work. Asrar Mohammed Signature Name Addis Ababa University Addis Ababa Institute of Technology School of Electrical and Computer Engineering Telecommunication Engineering Graduate Program This is to certify that the thesis prepared by Asrar Mohammed, entitled Secured and Usable Framework Design for Mobile Financial Service and submitted in partial fulfill- ment of the requirements for the degree of Master of Science in Telecommunication Engineering (Telecommunication Information Systems Track) complies with the regu- lations of the University and meets the accepted standards with respect to originality and quality. Signed by the Examining Committee: Dr. Yalemzewd Negash Chair of School Dean Signature Date Dr. Murad Ridwan Advisor Signature Date Dr. Yalemzewd Negash Examiner Signature Date Dr. Surafel Lemma Examiner Signature Date Director of Post Graduate Signature Date Program ABSTRACT All systems do not require security at the same level. Sensitive information such as financial transactions require higher level of security in terms of confidential- ity, integrity and availability. Mobile Financial Service (MFS) is making financial transaction using mobile devices. Due to the inherent nature of MFS using wire- less technology, it makes the service susceptible to different attacks. Currently, in Ethiopia mobile financial service is mostly being provided using Unstructured Supplementary Service Data (USSD) technology. This study first identified many vulnerabilities and possible attacks that can be made on the current scheme by reviewing existing literatures. On top of this, analysis of existing MFS technolo- gies has been made. Accordingly, Subscriber Identification Module (SIM) based approach is suggested since it is more applicable for the case of Ethiopia. The newly designed framework is found to be better than the original model in terms of security (confidentiality and integrity). The study further investigated usability 37 of the existing and newly proposed models’ user interface with a sample of experts from ethio telecom and Commercial Bank of Ethiopia. Results from the experiment indicate that the current scheme took statistically significant time to completeagiventaskthantheproposedmodel.Thecurrentmodelispreferredby participants on some of usability parameters such as learnability, satisfaction and 946 ease of use. Overall, . % of the experts involved on the experiment preferred the proposed model due to its security (better authentication using One Time PIN (OTP) code). KEYWORDS Usability and Security, USSD, Mobile Banking Security, Secured Framework, Mo- bile Financial Service ACKNOWLEDGMENTS First of all, I would like to say “Al-hamdu lillahi rabbil ’alamin” (All the praises and thanks be to Allâh, the Lord of the Universe) for everything. Second, I would like to thank my advisor, Dr. Murad Ridwan, for his supervision, guidance, and valuable feedback throughout this thesis work. I also would like thank all my colleagues from ethio telecom information system department, IT expert from Commercial bank of Ethiopia especially Mr. Mesfin Belay and Mobile and Internet Banking Manager Mintesinot Siyum, who provide me valuable information and participated in doing the usability experiment. My special thanks goes to my entire family for their patience during the research work and encouraging me through moral support. Specially I would like to thank my respected wife Zebiba Hussien and my lovely daughters Tesnim Asrar and Sidra Asrar. The last but not the least, I would like to thank my company ethio telecom for giving me this opportunity and every support provided during my stay at the University. CONTENTS 1 introduction 1 11 2 . Statement of the Problem . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 3 . Objective . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 3 . . General Objective . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 3 . . Specific Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 3 . Scope and Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 3 . . Scope of the Study . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132 4 . . Limitation of the Study . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 4 . Contributions of the research . . . . . . . . . . . . . . . . . . . . . . . . . 15 5 . Methodology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151 5 . . Literature Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152 5 . . Data collection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 5 . . Experiment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154 7 . . Tools and Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 7 . Thesis Organization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 literature review 9 21 9 . Background . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 9 . Mobile Financial Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 10 . Overview of GSM Network . . . . . . . . . . . . . . . . . . . . . . . . . . 24 12 . Technologies for Mobile Financial Service . . . . . . . . . . . . . . . . . 241 13 . . Short Messaging Service . . . . . . . . . . . . . . . . . . . . . . . . . . . 242 13 . . Interactive Voice Response . . . . . . . . . . . . . . . . . . . . . . . . . . 243 14 . . Wireless Application Protocol . . . . . . . . . . . . . . . . . . . . . . . . 244 14 . . Mobile Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245 15 . . SIM Based Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . 246 16 . . Unstructured Supplementary Service Data . . . . . . . . . . . . . . . . 25 17 . Comparison of MFS Technology Options . . . . . . . . . . . . . . . . . . contents vii 251 17 . . Cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252 17 . . Phone Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253 18 . . Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254 18 . . Usability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255 18 . . MNO Dependency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 19 . Mobile Financial Service in Ethiopia . . . . . . . . . . . . . . . . . . . . . 261 20 . . MFS Technology Option for Ethiopia . . . . . . . . . . . . . . . . . . . 27 22 . Theoretical Backgrounds on Security and Usability . . . . . . . . . . . . 271 22 . . Security Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272 24 . . Security Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273 25 . . Security Mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274 30 . . Definition of Usability . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275 30 . . Elements of Usability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 31 . Security Vulnerability in USSD . . . . . . . . . . . . . . . . . . . . . . . . 29 36 . Security in MFS Transaction . . . . . . . . . . . . . . . . . . . . . . . . . . 210 37 . Guidelines in Security and Usability Design . . . . . . . . . . . . . . . . 2101 37 . . Design for Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2102 40 . . Design for Usability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 related works 42 31 42 . Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 43 . Usability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 44 . Methodology and Approach . . . . . . . . . . . . . . . . . . . . . . . . . . 4 design and prototype implementation 46 41 46 . Proposed Framework for Mobile Financial Service . . . . . . . . . . . . . 411 47 . . Components of Proposed Framework . . . . . . . . . . . . . . . . . . . 412 48 . . Proposed Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413 48 . . Core Functions in the Proposed Framework . . . . . . . . . . . . . . . 42 51 . Prototype Design and Implementation . . . . . . . . . . . . . . . . . . . . 421 51 . . User Interface Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 52 . Comparison of Existing and Proposed Model . . . . . . . . . . . . . . . . 431 53 . . Comparison Based on Security . . . . . . . . . . . . . . . . . . . . . . . contents viii 432 54 . . Comparison Based on Usability . . . . . . . . . . . . . . . . . . . . . . . 5 result discussion and analysis 56 , 51 56 . Results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 511 56 . . Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 512 60 . . Usability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 63 . Security Analysis of Proposed Model . . . . . . . . . . . . . . . . . . . . 521 63 . . Confidentiality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 522 64 . . Integrity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 523 64 . . Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 524 64 . . Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 525 65 . . Non-repudiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 conclusion and future work 66 61 66 . Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 67 . Future Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . bibliography 69 a appendix test 74 a1 74 . Server Side Java Code to Simulate MFS Gateway . . . . . . . . . . . . . . a2 80 . Client Side Code Using Wireless Markup Language . . . . . . . . . . . a3 83 . User Interface Flow USSD and SIM based Approach . . . . . . . . . . . a4 83 . Questionnaire . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . a5 85 . Statistics Result Detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . a6 85 . USSD Simulator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . LIST OF FIGURES 21 10 Figure . GSM system architecture . . . . . . . . . . . . . . . . . . . . . 22 20 Figure . Current architecture of mobile financial service using USSD 23 21 Figure . Mobile device share in ethio telecom network . . . . . . . . . 24 24 Figure . Taxonomy of attacks with relation to security goals . . . . . 25 27 Figure . The general idea of symmetric-key cryptography . . . . . . . 26 28 Figure . The general idea behind asymmetric-key cryptography . . . 27 32 Figure . Security Vulnerability in USSD based MFS . . . . . . . . . . 28 5 34 Figure . GSM A encryption . . . . . . . . . . . . . . . . . . . . . . . . 29 35 Figure . Fake Base Station . . . . . . . . . . . . . . . . . . . . . . . . . 41 46 Figure . Components of proposed framework . . . . . . . . . . . . . . 42 48 Figure . General architecture of the proposed framework . . . . . . . 43 50 Figure . PIN postion and One Time PIN code . . . . . . . . . . . . . . 44 51 Figure . High level data transaction flow . . . . . . . . . . . . . . . . . 45 52 Figure . User interface designed for experiment . . . . . . . . . . . . . 46 55 Figure . UI input method SIM and USSD based design . . . . . . . . 51 57 Figure . Server ouput showing prototype test result . . . . . . . . . . 52 58 Figure . Packet sniffer output during USSD based communication . . 53 58 Figure . Packet sniffer output during SIM based communication . . . 54 59 Figure . Proposed model message integrity verification . . . . . . . . 55 Figure . Total mean time taken to complete a given task USSD vs 62 SIM based UI . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 62 Figure . Mean authentication time USSD vs SIM based UI . . . . . . 1 83 Figure A. USSD UI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 84 Figure A. SIM UI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 86 Figure A. Within-Subjects Effects of Mean Total Time taken . . . . . . . 4 87 Figure A. USSD simuluation initial request . . . . . . . . . . . . . . . . 5 88 Figure A. USSD simulation PIN input . . . . . . . . . . . . . . . . . . . list of tables x LIST OF TABLES 21 19 Table . Summary of comparison of MFS technology options . . . . . 51 57 Table . Comparison of current (USSD Based) and proposed model . 52 5 Table . Mean value of Users’ perception in relation to security ( 60 point Likert scale) . . . . . . . . . . . . . . . . . . . . . . . . . 53 Table . Mean total time taken (sec) to complete using USSD and UI 61 with simple and complex PIN . . . . . . . . . . . . . . . . . . 54 5 Table . Comparison of USSD UI and SIM UI (mean value in point 61 likert scale) on usability elements . . . . . . . . . . . . . . . .

Description:
SCHOOL OF ELECTRICAL AND COMPUTER ENGINEERING. Satellite Tracking Microwave Phased. Array Antenna. By. Eyob Habte. Advisor This thesis investigates both adaptive phased array antenna within microwave frequency spectrum .. 3.10.1.5 Signal to interference plus noise Ratio (SINR) .
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.