Risk assessment of Malaysian e-Passport PKI based on ISO 27000 series International Standards / Mohd Faizul Ya'kub
Malaysia was the 1st country in the world to issue biometric passports (e-Passport) in 1998. Recent years, a number of vulnerabilities in e-Passport have been identified in the first and second generation of e-Passports. These vulnerabilities can lead to security issues such as cloning, spoofing, sk...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2018
|
| Subjects: | |
| Online Access: | https://ir.uitm.edu.my/id/eprint/87392/1/87392.pdf https://ir.uitm.edu.my/id/eprint/87392/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.uitm.ir.87392 |
|---|---|
| record_format |
eprints |
| spelling |
my.uitm.ir.873922024-01-15T01:10:04Z https://ir.uitm.edu.my/id/eprint/87392/ Risk assessment of Malaysian e-Passport PKI based on ISO 27000 series International Standards / Mohd Faizul Ya'kub Ya'kub, Mohd Faizul Customs administration Information technology. Information systems Malaysia was the 1st country in the world to issue biometric passports (e-Passport) in 1998. Recent years, a number of vulnerabilities in e-Passport have been identified in the first and second generation of e-Passports. These vulnerabilities can lead to security issues such as cloning, spoofing, skimming, eavesdropping and identity theft crimes. Countries in European Union (EU) had taken steps to rectify the issues and enhance their e-Passport security features. However, there is lack of case studies conducted to review the Malaysian e-Passport security risk assessment according to International Standards. The objectives of this study are to identify the security risk in Malaysian e-Passport PKI and to recommend the feasible solution for future enhancement. A qualitative method was used in this study where a set of interview questions prepared and interviews been conducted to four participants. The data been analysed using Thematic Analysis and presented based on risk assessment methodology in ISO 27000 series International Standards. The risk assessment consists of two approaches; risk analysis and risk evaluation. The risk analysis identified resource identification and valuation, risk identification and risk measurement of Malaysian e-Passport PKI. While in risk evaluation, it focuses on risk mitigation and prioritizing protection activities for future enhancement. The results reveal that the Cloning, Man in the Middle, Spoofing and server related issues are the risk of Malaysian e-Passport. For recommendation, the result is to implement Password Authenticated Connection Establishment (PACE) and follow ICAO standards. The significance of this research will help policy-makers to make decision on the future direction of Malaysian e-Passport and ensure Malaysian citizens having secured e-Passport technologies for travelling overseas. 2018 Thesis NonPeerReviewed text en https://ir.uitm.edu.my/id/eprint/87392/1/87392.pdf Risk assessment of Malaysian e-Passport PKI based on ISO 27000 series International Standards / Mohd Faizul Ya'kub. (2018) Masters thesis, thesis, Universiti Teknologi MARA (UiTM). |
| institution |
Universiti Teknologi Mara |
| building |
Tun Abdul Razak Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Mara |
| content_source |
UiTM Institutional Repository |
| url_provider |
http://ir.uitm.edu.my/ |
| language |
English |
| topic |
Customs administration Information technology. Information systems |
| spellingShingle |
Customs administration Information technology. Information systems Ya'kub, Mohd Faizul Risk assessment of Malaysian e-Passport PKI based on ISO 27000 series International Standards / Mohd Faizul Ya'kub |
| description |
Malaysia was the 1st country in the world to issue biometric passports (e-Passport) in 1998. Recent years, a number of vulnerabilities in e-Passport have been identified in the first and second generation of e-Passports. These vulnerabilities can lead to security issues such as cloning, spoofing, skimming, eavesdropping and identity theft crimes. Countries in European Union (EU) had taken steps to rectify the issues and enhance their e-Passport security features. However, there is lack of case studies conducted to review the Malaysian e-Passport security risk assessment according to International Standards. The objectives of this study are to identify the security risk in Malaysian e-Passport PKI and to recommend the feasible solution for future enhancement. A qualitative method was used in this study where a set of interview questions prepared and interviews been conducted to four participants. The data been analysed using Thematic Analysis and presented based on risk assessment methodology in ISO 27000 series International Standards. The risk assessment consists of two approaches; risk analysis and risk evaluation. The risk analysis identified resource identification and valuation, risk identification and risk measurement of Malaysian e-Passport PKI. While in risk evaluation, it focuses on risk mitigation and prioritizing protection activities for future enhancement. The results reveal that the Cloning, Man in the Middle, Spoofing and server related issues are the risk of Malaysian e-Passport. For recommendation, the result is to implement Password Authenticated Connection Establishment (PACE) and follow ICAO standards. The significance of this research will help policy-makers to make decision on the future direction of Malaysian e-Passport and ensure Malaysian citizens having secured e-Passport technologies for travelling overseas. |
| format |
Thesis |
| author |
Ya'kub, Mohd Faizul |
| author_facet |
Ya'kub, Mohd Faizul |
| author_sort |
Ya'kub, Mohd Faizul |
| title |
Risk assessment of Malaysian e-Passport PKI based on ISO 27000 series International Standards / Mohd Faizul Ya'kub |
| title_short |
Risk assessment of Malaysian e-Passport PKI based on ISO 27000 series International Standards / Mohd Faizul Ya'kub |
| title_full |
Risk assessment of Malaysian e-Passport PKI based on ISO 27000 series International Standards / Mohd Faizul Ya'kub |
| title_fullStr |
Risk assessment of Malaysian e-Passport PKI based on ISO 27000 series International Standards / Mohd Faizul Ya'kub |
| title_full_unstemmed |
Risk assessment of Malaysian e-Passport PKI based on ISO 27000 series International Standards / Mohd Faizul Ya'kub |
| title_sort |
risk assessment of malaysian e-passport pki based on iso 27000 series international standards / mohd faizul ya'kub |
| publishDate |
2018 |
| url |
https://ir.uitm.edu.my/id/eprint/87392/1/87392.pdf https://ir.uitm.edu.my/id/eprint/87392/ |
| _version_ |
1789429232369139712 |
| score |
13.211869 |