Pregled bibliografske jedinice broj: 633555
Security analysis of Croatia’s receipt registration and verification system
Security analysis of Croatia’s receipt registration and verification system // MIPRO 2013 36th International Convention May 20 - 24, 2013 Opatija, Croatia Proceedings / Biljanović, Petar (ur.).
Rijeka: Hrvatska udruga za informacijsku i komunikacijsku tehnologiju, elektroniku i mikroelektroniku - MIPRO, 2013. str. 1381-1385 (predavanje, međunarodna recenzija, cjeloviti rad (in extenso), znanstveni)
CROSBI ID: 633555 Za ispravke kontaktirajte CROSBI podršku putem web obrasca
Naslov
Security analysis of Croatia’s receipt registration and verification system
Autori
Groš, Stjepan
Vrsta, podvrsta i kategorija rada
Radovi u zbornicima skupova, cjeloviti rad (in extenso), znanstveni
Izvornik
MIPRO 2013 36th International Convention May 20 - 24, 2013 Opatija, Croatia Proceedings
/ Biljanović, Petar - Rijeka : Hrvatska udruga za informacijsku i komunikacijsku tehnologiju, elektroniku i mikroelektroniku - MIPRO, 2013, 1381-1385
ISBN
978-953-233-074-8
Skup
MIPRO ISS
Mjesto i datum
Opatija, Hrvatska, 20.05.2013. - 24.05.2013
Vrsta sudjelovanja
Predavanje
Vrsta recenzije
Međunarodna recenzija
Ključne riječi
security; xml; threats; finance; analysis
Sažetak
Beginning with 2013. a law in Croatia come into the force that requires owners of restaurants, café bars, and similar types of businesses that work with cash to register every receipt with a Tax Administration servers before issuing it to a customer. For the purpose of implementing the law APIS-IT, a Croatian IT company, developed a protocol based on XML, SOAP, and public key cryptography. They also implemented the server side system. It is a well known fact that developing protocols in general, and security protocols in particular, is a very tricky endeavor in which even the security professionals make mistakes. In this paper a security analysis of the protocol for receipt registration, the components of the system, and implementations is presented. Note that this is only a partial analysis, based on publicly available information, which doesn’t include testings on live systems due to being illegal by the new Criminal law in Croatia. We identified two weaknesses of the current system. But the main problem of the system is the fact that many business owners are now open to different attacks and nothing has been done to remedy that situation. This is actually a broader problem since, with ever increasing number of on line services nothing is done to increase security awareness of people.
Izvorni jezik
Engleski
Znanstvena područja
Računarstvo
POVEZANOST RADA
Projekti:
036-0361994-1995 - Univerzalna posrednička platforma za sustave e-učenja (Glavinić, Vlado, MZO ) ( CroRIS)
Ustanove:
Fakultet elektrotehnike i računarstva, Zagreb
Profili:
Stjepan Groš
(autor)
