University of Hertfordshire

By the same authors

Edge Security for SIP-enabled IoT Devices with P4
Research output: Contribution to journal › Article › peer-review
Container and Method: A tamper evident container that uses Destructive Read Memory elements that store more content than they reveal when they are destructively read.
Research output: Patent
A Robust Dirichlet Reputation and Trust Evaluation of Nodes in Mobile Ad Hoc Networks
Research output: Contribution to journal › Article › peer-review
A comparison of methods for traversing regions of non-convexity in optimization problems
Research output: Contribution to journal › Article › peer-review
Reflections on Designing the Academic Dress of the University of Hertfordshire
Research output: Contribution to journal › Article › peer-review

Threat Analysis of Software Agents in Online Banking and Payments

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Tamsanqa Ngalo
Hannan Xiao
Bruce Christianson
Ying Zhang

Centre for Computer Science and Informatics Research

Original language	English
Title of host publication	The 16th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2018)
Publisher	IEEE
Number of pages	8
ISBN (Electronic)	9781538675182
ISBN (Print)	9781538675199
DOIs	https://doi.org/10.1109/DASC/PiCom/DataCom/CyberSciTec.2018.00125
Publication status	Published - 29 Oct 2018
Event	The 16th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2018) - Athens, Greece Duration: 12 Aug 2018 → 15 Aug 2018 http://cyber-science.org/2018/dasc/

Conference

Conference	The 16th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2018)
Country/Territory	Greece
City	Athens
Period	12/08/18 → 15/08/18
Internet address	http://cyber-science.org/2018/dasc/

Abstract

Software agents are the delegated subcontractors essential to connect the end-user to the bank and payment providers in a distributed service offering. This paper evaluates the key role that the different software agent types play to facilitate collaboration between clients and banks to perform online transactions. It highlights the threats and imminent risks that these software agents introduce in the chain as well as how these threats affect the trust relationship between principals. The discussed threats and resulting risks suggest vulnerabilities in the current software agent model which are beyond the bank and end user’s control. Both principals, the client and the service provider, are open to potential legal, security, quality of service, confidentiality and privacy compromises which influence the overarching trust relationship. There is resounding literature to illustrate advances that have been made to address the exposed challenges. However, a gap of misfortune remains where the software agent can act on its own accord exposing the contracting principals to internal and externally engineered threats thus tainting the trust relationship between these parties.

ID: 14920490

University of Hertfordshire

By the same authors

Edge Security for SIP-enabled IoT Devices with P4

Container and Method: A tamper evident container that uses Destructive Read Memory elements that store more content than they reveal when they are destructively read.

A Robust Dirichlet Reputation and Trust Evaluation of Nodes in Mobile Ad Hoc Networks

A comparison of methods for traversing regions of non-convexity in optimization problems

Reflections on Designing the Academic Dress of the University of Hertfordshire

Threat Analysis of Software Agents in Online Banking and Payments

Conference

Abstract