Work place: Department of Computer Science, KNUST, Kumasi, +233, Ghana
E-mail: twumf@yahoo.co.uk
Website:
Research Interests: Software Engineering, Computer systems and computational processes, Computer Architecture and Organization, Computer Networks
Biography
Frimpong Twum received his B.Sc. (Hons) degree in Electrical and Electronic Engineering and MSc. Internet and Multimedia Engineering from London South Bank University in 2004, and 2007 respectively. He also received MSc. Degree in Information System from Roehampton University, London in 2011. He completed his PhD in Computer Science from KNUST, Ghana, in 2017 with specialisation in Computer Security. He is a SENIOR LECTURER at the Department of Computer Science, KNUST. Prior to his appointment at KNUST, he worked as a Lecturer and Systems Engineer at Roehampton University in London and also at PC World in UK. He has 25 articles to his credit including: 1. Twum F., Hayfron-Acquah J. B, Panford J.K. A Proposed New Framework for Securing Cloud Data on Multiple Infrastructures using Erasure Coding, Dispersal Technique and Encryption, International Journal of Computer Applications, Vol. 181, No. 50, pp. 38-49, April 2019 and 2. Twum F., Hayfron-Acquah J. B, Morgan-Darko W., A Proposed Enhanced Transposition Cipher Algorithm Based on Rubik’s Cube Transformations, International Journal of Computer Applications, Vol. 182, No. 35, pp 18-26, January 2019. His areas of research interest include: Computer Networks, Computer Security, Cloud Computing, E-Commerce, and Software Engineering.
By Umar Sayibu Frimpong Twum Issah Baako
DOI: https://doi.org/10.5815/ijcnis.2019.11.06, Pub. Date: 8 Nov. 2019
The decision to use either Cloud Computing (CC) applications or Traditional Information Technology Outsourcing (Traditional ITO) environments is a function of the security evaluations of these two options. Hackers are constantly nosing around websites and other computer networks for compromised computers that have some vulnerabilities to exploit them. Vulnerabilities in cloud computing and Traditional ITO environments are leading causes of recent data breaches. These breaches provide opportunities to hackers to attack and gain access to customer information such as credit cards and contact information, passwords, sending of malicious codes to website users or making users computer potential candidates of botnets and to hijack the sessions of authentic users to make unapproved purchases on their behalf. In this paper, security penetration tools have been employed to evaluate the security vulnerabilities of cloud-based solutions and Traditional ITO to discover possible vulnerabilities, their causes and mitigation strategies to securing web applications from the discovered vulnerabilities. Some web applications and a Traditional ITO network were ethically hacked to discover vulnerabilities in them. Analyses of the results obtained through the ZAP scan flagged Remote File Inclusion (RFI) alert were high priority alert. In all, RFI constitutes the most serious potential threat and it needs the fullest attention of CC service providers. Nmap disclosed opened ports in Traditional ITO Virtual Private Network which can make the server of the provider accessible to hackers leading to a considerable disclosure of information to unauthorized users.
[...] Read more.Subscribe to receive issue release notifications and newsletters from MECS Press journals