To search, Click below search items. |
| All Published Papers Search Service |
|
|
|
Title |
Smart and Secure Point of Sale Framework with Threat Modeling and Formal Verification |
|
Author |
Mona faraj Nasser alwahabi1 and Shaik Shakeel Ahamad2 |
| Citation |
Vol. 24 No. 6 pp. 41-48 |
|
Abstract |
Existing PoS (Point of Sale) based payment frameworks are vulnerable as the Payment Application¡¯s integrity in the smart phone and PoS are compromised, vulnerable to reverse engineering attacks. In addition to these existing PoS (Point of Sale) based payment frameworks do not perform point-to-point encryption and do not ensure communication security. We propose a Smart and Secure PoS (SSPoS) Framework which overcomes these attacks. Our proposed SSPoS framework ensures point-to-point encryption (P2PE), Application hardening and Application wrapping. SSPoS framework overcomes repackaging attacks. SSPoS framework has very less communication and computation cost. SSPoS framework also addresses Heartbleed vulnerability. SSPoS protocol is successfully verified using Burrows?Abadi?Needham (BAN) logic, so it ensures all the security properties. SSPoS is threat modeled and implemented successfully. |
|
Keywords |
Smart and Secure PoS (SSPoS), Smart Point of Sale (SPOS); Burrows?Abadi?Needham (BAN); POS Payment Application (PPA); Point-to-Point encryption (P2PE); Application hardening and Application wrapping |
|
URL |
