Introduction to cryptography: principles and applications
Introduction to cryptography: principles and applications
Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy
Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy
Applied Cryptography: Protocols, Algorithms, and Source Code in C
Applied Cryptography: Protocols, Algorithms, and Source Code in C
Design of life cycle management system of logistics information standards and its realization
CIT'09 Proceedings of the 3rd International Conference on Communications and information technology
EE'10 Proceedings of the 5th IASME/WSEAS international conference on Energy & environment
CELICA: a multi-agent communication system for electronic commerce
ECC'10 Proceedings of the 4th conference on European computing conference
ECC'10 Proceedings of the 4th conference on European computing conference
WSEAS Transactions on Information Science and Applications
Hi-index | 0.00 |
In this paper is presented a novel approach for fulfilling the data security criteria in a Student Lifecycle Management System at the University of Prishtina. The four main criteria of data security such as: privacy, authentication, integrity and non-repudiation are fulfilled through carefully selected security policies. Student data privacy is achieved using the Secure Socket Layer protocol for web communication with web server. Each user, being student, academic or administrative staff is provided with unique user name and initial password in the Student Lifecycle Management System. Data integrity and non-repudiation are fulfilled using digital signatures. The novelty of implemented solution is based on extending the subject name in X.509 digital certificates and using this certificate for securing student grades, which is in full compliance with the Kosovo Law on Information Society. Public Key Infrastructure and X.509 digital certificates have been established as the most trustworthy methods for assuring data security criteria in modern software applications. Security policy enforces that digital certificate and its associated private key shall be stored in a smart card. Access to private key stored in a smart card is protected by Personal Identification Number, known only by smart card holder. This implementation was installed at the Faculty of Electrical and Computer Engineering and has successfully passed a six semester testing period and students were, for the first time in the history of the University of Prishtina, able to apply online to take an exam.