Ailiving i-personal financial organizer (I-PFO) a cyber security framework for I-PFO

Thumbnail Image
Date
2010-06
Authors
Ng, Annie Ai Bee
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
This dissertation is a business plan by AiLiving to market 1-PFO (!-Personal Financial Organizer); an integrated web application for personalized online banking, allows users to manage multiple financial commitments in a single website. 1-PFO also provides due dates tracking and reminders, and ease of use through the web's intuitive organization and personalization design. The main challenge of such system is security. Therefore, the purpose of this dissertation is to identify common web security threats and explore web security solutions. The title of this dissertation is called "A Cyber Security Framework for 1-PFO". Current on-line banking system requires users to log in to several websites to check amounts due before they can remit transactions. Paying multiples bills/loans in a single login would provide greater convenience and efficiency of time. An integrated system that provides conveniences to users will come with a risk to security. This dissertation identifies potential types of cyber threats and points of attacks, challenges in designing a secure integrated web based application for 1-PFO, and finally a comprehensive proposal of a cyber security framework for 1-PFO. The methodology that is adopted is "Reasoning in the Design Process" where the research goes through 5 primary phases: awareness, suggestion, development, evaluation, and conclusion. It is important to identify the vulnerable points of a system where attacks commonly occur to reinforce security system in e-commerce. With this knowledge, a threat model is utilized as a base in the development of security framework. Finally, a multi-tier cyber security framework for 1-PFO is recommended: - SOAP-DSIG and SSL for data extraction, 3-factor-authentication, site authentication with SSL certificate, fraud detection service, server firewall, and user education. AiLiving XIV plans to co-partner with CIMB for the first phase, and leverage against CIMB to collaborate with other services and utilities companies. The specific marketing program that will be adopted by AiLiving is co-bundle, and I-PFO account will be provided free to end-users. A total of 93% of the revenue streams will come from copartnership, co-bundle, e-commerce transaction, and online advertisement.
Description
Keywords
i-Personal Financial , Cyber Security
Citation
URI
http://hdl.handle.net/123456789/748
Collections
Pusat Pengajian Sains Komputer - Tesis