Refine your search
Collections
Co-Authors
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All
Saha, Amal
- Review of Considerations for Mobile Device Based Secure Access to Financial Services and Risk Handling Strategy for CIOs, CISOs and CTOs
Abstract Views :142 |
PDF Views:2
Authors
Amal Saha
1,
Sugata Sanyal
2
Affiliations
1 Tata Institute of Fundamental Research (TIFR), Mumbai, IN
2 Corporate Technology Office, Tata Consultancy Services, Mumbai, IN
1 Tata Institute of Fundamental Research (TIFR), Mumbai, IN
2 Corporate Technology Office, Tata Consultancy Services, Mumbai, IN
Source
International Journal of Advanced Networking and Applications, Vol 6, No 4 (2015), Pagination: 2427-2434Abstract
The information technology and security stakeholders like CIOs, CISOs and CTOs in financial services organization are often asked to identify the risks with mobile computing channel for financial services that they support. They are also asked to come up with approaches for handling risks, define risk acceptance level and mitigate them. This requires them to articulate strategy for supporting a huge variety of mobile devices from various vendors with different operating systems and hardware platforms and at the same time stay within the accepted risk level. These articulations should be captured in information security policy document or other suitable document of financial services organization like banks, payment service provider, etc. While risks and mitigation approaches are available from multiple sources, the senior stakeholders may find it challenging to articulate the issues in a comprehensive manner for sharing with business owners and other technology stakeholders. This paper reviews the current research that addresses the issues mentioned above and articulates a strategy that the senior stakeholders may use in their organization. It is assumed that this type of comprehensive strategy guide for senior stakeholders is not readily available and CIOs, CISOs and CTOs would find this paper to be very useful.Keywords
Root-Of-Trust, Device Fingerprinting, Web Application Firewall, Application Ipds, Information Security Policy Document, Secure Mobile Computing, Virtualization, Sandboxing.- Application Layer Intrusion Detection with Combination of Explicit-rule-based and Machine Learning Algorithms and Deployment in Cyber-Defence Program
Abstract Views :121 |
PDF Views:0
Authors
Amal Saha
1,
Sugata Sanyal
2
Affiliations
1 Tata Institute of Fundamental Research (TIFR), Mumbai, IN
2 Tata Consultancy Services (TCS), Mumbai, IN
1 Tata Institute of Fundamental Research (TIFR), Mumbai, IN
2 Tata Consultancy Services (TCS), Mumbai, IN
Source
International Journal of Advanced Networking and Applications, Vol 6, No 2 (2014), Pagination: 2202-2208Abstract
There have been numerous works on network intrusion detection and prevention systems, but work on application layer intrusion detection and prevention is rare and not very mature. Intrusion detection and prevention at both network and application layers are important for cyber-security and enterprise system security. Since application layer intrusion is increasing day by day, it is imperative to give adequate attention to it and use state-of-the-art algorithms for effective detection and prevention. This paper talks about current state of application layer intrusion detection and prevention capabilities in commercial and open-source space and provides a path for evolution to more mature state that will address not only enterprise system security, but also national cyber-defence. Scalability and cost-effectiveness were important factors which shaped the proposed solution.Keywords
OWASP, Application Layer Intrusion Detection and Prevention, Cyber-Security, Machine Learning.- Analysis of Applicability of ISO 9564 Pin Based Authentication to Closed-Loop Mobile Payment Systems
Abstract Views :111 |
PDF Views:5
Authors
Amal Saha
1,
Sugata Sanyal
2
Affiliations
1 Tata Institute of Fundamental Research (TIFR), Mumbai, IN
2 Tata Consultancy Services (TCS), Mumbai, IN
1 Tata Institute of Fundamental Research (TIFR), Mumbai, IN
2 Tata Consultancy Services (TCS), Mumbai, IN