الربافی بلاد غیرالمسلمة: دراسة فقهیة مقارنة

Islam is not a mere set of worships but it leaves no stone unturned to guide its followers regarding the social conduct be it politico-legal, sociocultural or economic etc to name a few. The interest-based transactions have been categorically rendered impermissible and unlawful by virtue of Quranic injunctions and authentic ahadith. In this article the issue of interest based transactions – Muslim to Muslim, Muslim to non-Muslim and vice versa, a Muslim resident of a non-Muslim state and a Muslim non-resident of a nonMuslim state – has been discussed in detail in the light of Quran, hadith and juristic rulings of the eminent Islamic scholars including the great four imams.

Protection of Client Data Confidentiality and Computation Integrity in Infrastructure As a Service Based Cloud

One of the most critical issue to the wide adoption of cloud-based services is the concern about the client data confidentiality and computation integrity. Research work [Wang et al., 2015][Vasudevan et al., 2016] in the past on cloud platforms security has predominantly focused either on protecting these platforms from malicious cloud clients or on protecting cloud clients from each others unwanted activities. The problem of protecting clients from the possible malicious acts of insiders such as cloud providers is not adequately addressed. In this dissertation, we present a practical approach to protect client data confidentiality and computation integrity from cloud insiders, such as cloud administrator, in an infrastructure-as-a-service (IaaS) based cloud environment. Our approach makes use of remote attestation[Coker et al., 2011], and a late launch based technique, called Flicker[McCune et al., 2008], to verify the integrity of the cloud platform. This technique secures the virtual machine (VM) launch operation and further allows the launched VM to perform operations on sensitive data in full isolation. We have demonstrated through a real-world scenario of how the origin integrity and authenticity of health-care multimedia content processed on the cloud providers platform can be verified using digital watermarking in a secure and isolated execution environment without revealing the watermark details to the cloud administrator. We have also demonstrated using formal verification tool ProVerif that cryptographic operations and protocol communication cannot be compromised using a realistic attacker model. Performance analysis of our implementation demonstrates that it adds negligible overhead. In this dissertation, we have also presented a framework to rank cloud platform nodes according to the security guarantees they provide. Platform ranking helps to meet the needs of organizations with different security requirements. The framework introduces averification is indirectly perform Trusted Party (TP) for the verification of security properties of a cloud platform to the clients. The given framework is also thin client friendly as platform attestation and verification is indirectly performed through TP without the direct involvement of clients. Performance analysis shows that the cost of our presented approach is lower in order of magnitude when compared with traditional trusted computing based solutions.