https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/2688 Tue, 28 Apr 2026 11:52:19 GMT 2026-04-28T11:52:19Z https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/2693 Title: Policy based Electronic Medical Record System Authors: Ranaweera, D.P.L.K. Abstract: Even before current social network and cloud computing booms, people identified their medical record information as a key private data source has to be protected with proper systems and procedures. At present, vast publicity received on adverse affects on privacy critical data in both social networks and cloud computing, and that always raise concerns on medical record systems too; most of the time medical record systems have more privacy critical information than aforementioned environments. A main reason for incapability of protecting privacy other and general security requirements in applications are as they do not have proper security mechanisms in place which are suited for their application needs. OpenMRS is a well-known medical record system and our work describes a better way of handling access control in it. We describe a case study to evaluate whether better access control can be placed on OpenMRS using XACML. In addition to that, one of the goals of this work is to preserve existing fine-grained access control in the OpenMRS and extend it for the different needs. Prior to this work, OpenMRS is using a Role Based Access Control (RBAC) model to restrict user actions. RBAC gives administrative nightmare in large/dynamic systems with role explosion. Also existing access control mechanism add constraints on extension for different needs. In our implementation, we integrate standard XACML based components in to OpenMRS. Then evaluate our solution with several types of security polices, whether those policy types can be used with new implementation or not. Finally a generalization of our proposed solution presented to reuse it in other domains of enterprise applications. Mon, 23 Jun 2014 00:00:00 GMT https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/2693 2014-06-23T00:00:00Z https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/2692 Title: Security Model for NFC Enabled Smart Phone Based Identity Cards Authors: Almeida, P.R.D.N.N.A.De. Abstract: Usage of smart phones is rapidly increasing. Near Field Communication (NFC) is a new feature incorporated in smart phones. Introducing an Identity card in a NFC enabled smart phone is a new instance of a NFC based application. This research comprises of a security model for such an application. A concept of binding the information of an identity card, to the user and to the phone is presented. A generic architecture is proposed and a prototype is developed as a feasibility study. Two uses cases are elaborated if the NFC enabled smart phone is used as a National Identity Card. Mon, 23 Jun 2014 00:00:00 GMT https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/2692 2014-06-23T00:00:00Z https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/2691 Title: Secure Electronic Mobile Cheque Book Authors: Dasanayaka, H.D.G. Abstract: Cheque transaction is one of the highly used money transfer methods in financial world. Even though online money transfer methods are also used in these days, cheque transactions are still popular among many people. But, the existing manual process associates with many issues such as high cost, time consuming, having large impact on environment due to high paper consumption and cheque frauds. In this thesis an attempt is made to explore a way to use the latest mobile technologies to execute day to day cheque transaction securely and efficiently by addressing above issues. Base concept of the proposed M-Cheque system is, facilitating to use digital cheque paper on smart phone of the customer and allow him to transfer it securely to the recipient. Near Field Communication (NFC) technology is used for the communication between issuer’s and receiver’s smart phones. After receiver deposits the cheque, issuer bank, receiver bank and clearing system communicate with each other to process the cheque and finally settle both parties’ accounts by providing a faster service. Security is a main concern for this application and data transferred through this system is secured using cryptographic concepts such as asymmetric key algorithm, symmetric key algorithm and digital signatures. Also, client server communication is secured using Secure Sockets Layer protocol. System was evaluated by comparing it with the current cheque processing system under four categories such as cost, time, environmental impact and security. It was concluded that the system has achieved its goals which are low cost, less time consuming, environmental friendly and higher level of security. Still only less number of people uses smart phones and only few types of smart phones are equipped with NFC are the main limitations of the proposed system. Despite those limitations, there is a wide space for M-Cheque to become successful due to the promising future of NFC in mobile payments, gradually increasing use of smart phones and lots of new mobile device vendors are applying NFC in their new mobile products. Mon, 23 Jun 2014 00:00:00 GMT https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/2691 2014-06-23T00:00:00Z https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/2690 Title: Video Steganography Authors: Munasinghe, N.A.W. Abstract: Hiding messages for various security purposes had become high interesting topic on now days. Encryption provides the ability of data hiding. With the development of the technology, people tend to gure out a method which is not only capable in hiding a message, but also capable in hiding the existence of the message. Steganography was introduces as a result of those research. The current study is conducted in order to hide a video in a visual le. The researcher suggests changing the LSB (Least signi cant Bit) of the each byte of the carrier le. As this method do not add any new data but only change the LSB, this method do not increase the size of the carrier le unusually. Thus, the existence of the message cannot be detected. There are 2 approaches used in the current study. One is to use the OpenCV library and other approach is to use the avi ll32.dll library. The 1st approach contains some issues as after modifying the frames, the functions of OpenCV create some data padding. This causes to result some garbage data. The 2nd approach was tested and performed well. The system was evaluated by check- ing the ability of hiding the existence of the message and the ability of retrieving the message correctly. Results show that the system had addressed to its research objectives perfectly. The limitations for this research is, the library avi ll32.dll can only used for uncompressed avi les. In future, when there will be codec introduced for many video types, this method can be implement for all video types. Mon, 23 Jun 2014 00:00:00 GMT https://dl.ucsc.cmb.ac.lk/jspui/handle/123456789/2690 2014-06-23T00:00:00Z