How to write a concept essay: October 2019

Tuesday, October 29, 2019

Paraphrase Coursework Example | Topics and Well Written Essays - 250 words

Paraphrase - Coursework Example Comment. The word internet starts with capital Ã¢â‚¬Å"IÃ¢â‚¬ , in addition it is not grammatically correct to say Ã¢â‚¬Å"internet has assured peopleÃ¢â‚¬ . This is because internet is not a living thing. The APA in text citation is correct. Response. People, who actually believe that the Internet can really take them anywhere, are actually just deceiving themselves. As the maximum the internet can take someone is only within the virtual world, instead of the real world. Consequently, people are growing apart from one another due to the Internet which has deceived them. This is a great job. I like your response; this is because some people waste so much time on the internet without doing any meaningful work. Your APA in text citation is also great. However, your paraphrase seems not to relate to the authorÃ¢â‚¬â„¢s idea. This is because the author wanted to show that internet exposes people to a lot of opportunities. However, not everyone ends up making a good living from the internet. The grammar is good. There is a logical flow of ideas. There is subject- predicate agreement and proper linking devices. The paper has proper punctuation. The format used in the paper is in accordance with the APA format sixth edition. This type of format ascertains that, there must be a comma between the surname of the author and the year. For example (Leili,

Sunday, October 27, 2019

Engineering procurement and construction

Engineering procurement and construction Integrated Project Teams With Multi Office Execution, A Study Of EPC Projects In Canada Abstract Engineering procurement and construction (EPC) projects in the Canadian oil and gas industry have gained significant economic importance due to rising hydrocarbon commodity price. The oil and gas industry in Alberta has planned to spend approximately 142 billion dollars (Government of Alberta, 2010) within the next two decades on capital projects. Alberta has recognized the shortage of human resources during peak economic activities, to execute mega capital projects. Multi office execution (MOE) is a way forward for all the major EPC houses in Canada to meet the demands of Clients within budget and on schedule. Further, it has been identified by the industry needs that integrated project teams are critical to the success of these complex oil and gas projects. In this environment, project management techniques need to be adapted to match project complexity. This paper will provide much insight through case studies related to project teams in multi office execution, and review the existing literature body of knowledge. An analysis is presented based on the project management knowledge areas. Recommendations are made based on this analysis. The objectives of this paper are to review literature related to managing MOE projects and to determine the keys to success and areas that need improvement in MOE. Introduction Alberta oil and gas industry has gained significant economic importance over the past decades. In 2010, it is estimated that the industry has an inventory of 57 capital oil and gas projects with a total value of 142 billion dollars (Government of Alberta, 2010). Engineering, Procurement, and Construction (EPC) companies have been providing oil and gas owner companies with expertise and resources to execute these capital projects. Under current market condition, the oil and gas owner companies want the EPC companies to share more risks. More and more projects are based on lump sum and fixed-fee contracts and are executed under lower budgets and tighter schedules. To stay competitive, many EPC companies have adopted global execution business model. Work is carried out in multiple offices or even by multiple organizations (Macquary, 2003). Cost saving benefit is achieved by allocating project scopes to high-value low-cost offices in other provinces or other countries. The companies may develop a partnership with other companies with specific technical expertise or local business expertise in order to gain market share in a new or emerging market. The MOE improves resource availability under booming economy, where resource shortage becomes a sig nificant problem in executing large projects. Despite several benefits, MOE projects can be very challenging to manage. Although the project management methodology is applicable to both single-office and multi-office projects (Cowle et al, 1995), the multi-office projects require particular emphasis on some of the project management processes. The objectives of this paper are to review literature related to managing MOE projects and to determine the keys to success, challenges and areas that need improvement in MOE. Interviews with project management experts from the EPC industry who have experience managing multi-billion dollar MOE projects provided insights into MOE best practices. The interviews were designed based on project management knowledge areas established by Project Management Institute or PMI (Project Management Institute, 2004) in order to present the findings using internationally accepted framework. These knowledge areas are: project integration management, project scope management, project time management, project cost management, project quality management, project human resource management, project communication management, project procurement management, and project risk management. The paper is organized as follows. Section 2 reviews literature related to MOE. Section 3 briefly describes methodology and the MOE projects studied in this paper. Keys to success and challenges for MOE are discussed in Section 4. This is followed by conclusions in Section 5. Ã‚ Literature Review Multi-Office Execution Concepts Engineering and Construction Risk Institute (2009) defines two main elements of a multi-office executing organization: 1) Lead office which is an office that provides leadership and has overall responsibility for the execution of the project; 2) Support office which is an entity participating in the project under the overall management and supervisory control of the lead office. The multi office execution strategy is found to be popularly framed within concepts such as virtual teams and offshore outsourcing (off shoring). A common definition available for a virtual group/team is a group of geographically and temporally dispersed individuals who are assembled via technology to accomplish an organization task. Joseph (2005) specifically defines Global Virtual Engineering Team (GVET) as a group of geographically dispersed individuals organized through communication and information technologies that need to overcome space, time, functional, organizational, national, and cultural barriers for the completion of a specific engineering task. According to Joseph (2005), the following comparison can be made between a virtual team and a conventional team. The most critical and important feature of virtual teams is that they cross boundaries of space. Whereas the members of traditional teams work in close proximity to one another, the members of virtual teams are separa ted, often by many miles or even continents. Although many traditional, localized teams also communicate through computerized communication media, technology such as video conferencing is typically used by virtual team members to supplement their rare face-to-face communication. In physically collocated teams, members of the team are likely to have similar and complementary cultural and educational backgrounds since they have gone through the same recruitment and selection procedures as they are employed by the same organization. In a virtual team the members may vary in their education, culture, language, time orientation and expertise. There can also be conflicting organizational and personal goals among the members of a virtual team. Multi-office execution also can be part of off shoring when local EPC companies subcontract project activities to branches or a different company in a foreign country. Off shoring is an extreme version of outsourcing, and it refers to the transfer of production/service capacity from a site within a country to a site in another country and then importing back for national consumption of goods and services that had previously being produced locally (Goff, 2005). Off shoring business operations offer a potential for 15-20% cost savings, but further analyses show that organizations that properly plan and operate offshore initiatives can reap substantially higher rewards (Fox and Hughes, 2008). According to Goff (2005) the benefits of off shoring for large companies include: maintaining or increasing profitability by reduced labor costs if resources with the same or higher level of expertise can be obtained in the foreign countries; maintaining its competitive position or even protecting it from going out of business; and increasing the market share of a company by improving their capacity and utilizing available in-house resources to more value added ventures. Canada ranks high among most attractive host countries for companies wishing to locate abroad to improve their financial position according to the offshore location attractive index (Goff, 2005). The multi-office execution has been made possible and successful, solely due to the advancements in the information and communication technology. With the rapid advancement of the electronic age the ability to staff a project from multiple offices has gone from a dream to a practical reality (Cowle et al, 1995). The latest developments in communication technology such as teleconferencing, video conferencing and host of other online applications coupled with ever increasing speed of data, voice and video transfer literally eliminate distance barriers. According to Macquary (2003) we are at a point in time where information technology is allowing us to change many of our traditional way of doing work. Hence it is possible to create an organizational structure agile enough to accept them and quickly apply them to add value. MOE Driving Forces Economy conditions are the main driving forces for the MOE strategy (Macquary (2003), Joshep (2005), Global Insight USA (2004), and Engineering and Construction Risk Institute (2009)). Under booming economy, labor shortage becomes a problem for many organizations and the MOE is a way to acquire project teams from other remote offices or even other companies. The MOE strategy is also used to add resources in order to meet tighter/compressed project schedules. On the other hand, slower economy growth demands constant vigilance over cost. Companies with global operations often allocate or outsource work to high-value low-cost offices, especially when qualified resources with lower wages are available. For instance, offices in India, China or Far East countries could be candidates for such support offices. Company policy to gain market share is another driver for MOE strategy. Companies can setup offices in other countries or develop business partnership with local companies to capture global or emerging markets. A joint venture between companies (or even competitors) with complementing expertise to take on a project that requires diversified expertise is also another driver for MOE. Other driving forces are: development in technology such as internet connections and other communication tools; a need to free resources for core business or higher value purposes; change in educational trend which results in smaller number of graduates in some studying fields (Joseph, 2005). Managing MOE Projects Engineering and Construction Risk Institute (2009) suggested issues to be addressed for MOE projects during sales/pre-execution, project mobilization, project execution, and project completion phases. Key issues are: early engagement with the client to obtain agreement to MOE and address clients concerns; early engagement of the support offices; clear definition of scopes and responsibilities for individual offices and kick-off meetings; alignment of work processes, deliverables, and reports; selecting suitable key project roles who are opened to MOE; and communication plan. Joseph (2005) has identified technology, management, organization, project control and team communication as important items to consider in global virtual team formation and execution. Clear and frequent communication, periodic face-to-face meetings, good communication tools and compatibility in information technology, standard work processes and communication procedures, and clearly defined scope expectations are named as top success criteria for multi-office execution. Whereas lack of or poor communication, lack of face-to-face meetings, lack of understanding of local work practices/ cultural differences and/or language issues, lack of management involvement experienced leadership, changes not handled properly, slow response to changes, incompatible or poor technology including hardware and software are top failure factors found within EPC industry for multi-office execution. Chinowsky and Rojas (2003) outlined the top 10 management issues that must be addressed when initiating and maintaining virtual teams. They are categorized as Team issues and Process issues. Team issues include: initial face-to-face meetings are required to develop a sense of Ã¢â‚¬ËœÃ¢â‚¬Ëœteam, managers must visit remote participants during the course of the project, trust between team members is difficult to establish when operating in a virtual environment, and virtual team leaders should be selected with an acknowledgment of the unique demands placed on distributed teams. Process issues includes: project objectives must be restated and reinforced frequently to ensure that all members remain focused on a common outcome; conflicts must be addressed quickly to prevent unresolved issues from interfering with communications; discussions on decisions will be more difficult as participants continue discussions via electronic media; expectations of each team member must be stated clearly to assist the members as they work independently; team member workloads should be monitored to ensure that significant increases do not occur due to increased electronic communications; and regular training must occur equally for all members of the virtual team. Methodology And Studied MOE Projects The methodology used in this paper to gain insights into MOE best practices and challenges is interviewing project management experts who have experience managing MOE projects in EPC industry. The interviews were designed using project management knowledge areas: project integration management, project scope management, project time management, project cost management, project quality management, project human resource management, project communication management, project procurement management, and project risk management. The project management knowledge areas are identified by its knowledge requirements and described in terms of their component processes, practices, inputs, outputs, tools, and techniques (Project Management Institute, 2004). The two major reasons for the projects to implement MOE strategy found in this paper are resource constraint and cost saving. All of the projects discussed in this paper were executed during the booming economy (i.e. high oil price) and manpower shortage became a problem for many projects. Therefore, the MOE beame a necessary strategy to acquire project teams with required skills from locations with more resource availability. To save cost, project scopes were allocated to high-value low-cost offices in either other provinces or other countries (e.g., India and China). Cost benefit was achieved in both cases. Some of the projects allocated Ã¢â‚¬Å"less technicalÃ¢â‚¬ work such as cloning design work and closing project work to these support offices. Another driving force identified is a company strategy to expand and maintain national or global operations. The MOE strategy is used to balance resource utilization. In booming economy, work is allocated to reduce workload at some offices. During an economy down turn, work is allocated to maintain support offices as it is more economical than closing the support offices and rebuilding them when demand resumes. Engineering work is usually allocated among lead and support offices. For better coordination, a procurement organization is usually setup in the offices that perform engineering design. However, smaller projects may choose to have only one procurement organization in the lead office. Construction is mostly executed by the lead office. However, some construction scopes (e.g., fabrication and modularization programs) may be subcontracted to local or international third-parties, therefore they are considered as MOE. Prime contract management/ legal functions are usually executed by the lead office only. Other project functions such as Project Management, Project Controls, and Document Management are executed from the lead office. However, depending on the size of the project and project strategy, these functions may also be executed from other support offices. Keys To Success Challenges In MOE Further discussion on keys to success, challenges, and areas required improvement for MOE projects is divided into 9 subsections per Project Management Knowledge Areas (Project Management Institute, 2004): project integration management, project scope management, project time management, project cost management, project quality management, project human resource management, project communication management, project procurement management, and project risk management. The discussion is summarized at the end of this section. Project Integration Management For MOE projects, the lead office is normally responsible for developing the project charter and preliminary project scope statement. This is due to closer contact with the Client. Furthermore, at the early stage of the project, the support offices may not have been involved yet. It is important that the project management team provides MOE justification to gain support from the Client. It is recommended that the project management plan developed during the planning phase addresses the MOE strategy including high-level justification, organization, resource utilization and scope allocation. Some projects may choose to develop a separate subsidiary plan which addresses MOE issues such as scope allocation, responsibility, and communication in more detail. The MOE brings many challenges in monitoring and controlling project work. All offices should take responsibility for their own work but the lead office must take the responsibility to monitor and control overall project work. Managers in the lead office need to understand their roles in monitoring and controlling project work even though the work may be executed by the support offices. Basic communication approaches such as regular phone calls and VDO conference meetings and information systems that allow progress information to be collected from support offices are used for monitoring and controlling project work. Project changes should be managed and controlled centrally by the lead office. Changes are initiated from all offices but only the lead office should have authorization to approve changes. The approved changes need to be captured and project plans (e.g., budget and schedule) are adjusted accordingly. It is important that no office should start executing the changes before they are approved even if the changes are initiated by the Client. Closing project is identified in this paper as one of the major challenges in MOE. Each office is normally responsible for closing the work under their scopes. However, the support offices have smaller scopes of work, therefore they usually de-staff earlier than the lead office. If the support offices de-staff before the close out is complete, the work is transferred to the lead office which may not have sufficient background understanding to properly close out the work/scope. To avoid this circumstance, the projects must plan and execute the project closing process carefully. It is also important that sufficient budget is allocated for the project closing process. Electronic archiving of project documents is recommended to facilitate the project closing. Other challenge identified for project closing process is lessons-learned management. Lessons learned from all offices need to be captured, analyzed for follow-up actions or recommendations, archived, and internally published. Lessons learned are proprietary and required careful review before they are published to avoid any commercial or legal impacts. Some EPC companies may have a corporate function dedicated to manage lessons learned from all projects. If not, the project management team in the lead office should be responsible for managing lessons learned from all offices. As this is a part of project closing, management of lessons learned needs to be planned, scheduled and have budget provided for like other project work. Project Scope Management After the preliminary project scope statement is developed, the project scope must be further refined. Scope allocation among the offices is a major part of scope management for MOE projects. Depending on the types of projects, the scope can be further divided vertically or horizontally. For example, oil and gas facility construction projects normally divide scope vertically by geographical areas of the facilities while power plant construction projects usually divide the scope horizontally, by specialized technical systems such as steam lines, control systems, rotating equipments, etc. Nevertheless, the project scope should be divided in the fashion that requires as little coordination as possible. In reality establishing a balance between MOE scope division and effort to coordinate the project scopes becomes a fine art for the project management team. Several criteria are used to allocate the scopes among the multiple offices. These include expertise and experience, cost, resource availability, and organizational strategy. The lead office is mainly responsible for scope allocation. It is identified in this paper that clear understanding of scope is one of the key elements to successful MOE. Therefore, it is highly recommended that the lead office organize kick-off meetings to engage the support offices as soon as possible in order to develop the scope definition and WBS. It is crucial that these processes are a joint effort between the lead office and support offices. This will develop a better understanding of the scope and a sense of ownership for the support offices which will later benefit the scope control process (e.g., recognizing scope changes and their impacts). Tools that are used for scope planning are responsibility matrices that clearly indicate the responsibility among the offices at project deliverable level (e.g., division of responsibility, material assignment schedule, control and monitoring needs, etc.). Detail responsibility to verify and accept the project deliverables can also be included in the responsibility matrix. Critical deliverables are accepted directly by the lead office for review before transferring to the Client, while the other deliverables can be submitted directly by the support offices to the Client. However, the lead office has overall responsibility to ensure that the project deliverables are completed as per project scope. The scope should be controlled centrally by the lead office as a part of integrated change management discussed in the previous section. As a result, it is important that the lead office has a good understanding and control of the scopes that are performed by all offices. Project Time Management Project work broken down into tangible components and assigned to a resource is essential for schedule development. Project schedules should be developed by the lead office in close communication and cooperation of support offices. The lead office usually initiates high-level schedule which contains major project milestones usually knows as master schedule, then the support offices provide detail information (e.g., activity sequence, activity resource estimating and activity duration estimating) to be incorporated into the master schedule. Once the project schedule is developed and adopted as a time management tool, activity status information required to update this schedule is collected from all offices. It is important that all offices follow the master project schedule. Use of universal scheduling tools that provides visibility to all offices particularly benefits the MOE execution. Communicating and resolving schedule misalignments among offices is considered to be one of the challenges for MOE. Therefore, it is recommended that the master schedule control is centralized and the lead office assign personnel to coordinate schedule information from all offices. Project Cost Management Cost estimating is a significant activity during the early execution of the project. During the early stage the scope and responsibilities are with the lead office, therefore the cost estimating is also performed by the lead office. Early estimates are conceptual estimates with some details (e.g., major equipment cost, estimated bulk quantities and construction cost). When further design development takes place and if significant scopes are allocated to support offices, area estimators could be assigned to provide input to the lead estimating team. Detail estimates are developed when significant engineering is completed. Input and feedback from all the execution offices are used in developing detail estimates. Once the detailed estimates are approved and implemented each support office is responsible for its scope of work. Typically, total cost management and final reporting remain the responsibilities of the lead office. Cost control strategy can be either centralized or decentralized, depending upon the scope splits, project staffing, level of effort needed to control and report project cost. For instance, if a support office is allocated a small scope (e.g., the support office only produces isometric drawings), total cost control can be performed by the lead office. On the other hand, if a support office has significant scope (i.e. a complete plant area), cost control for that area can be assigned to the support office with periodic reporting to the lead office. Regardless of centralized or decentralized cost control strategy, the lead office has a responsibility to control and report to the Client overall project cost. Project Quality Management The quality planning should be initiated by the lead office with consideration to Clients quality standards and requirements. Project quality assurance and quality control are typically executed by all offices. For the MOE projects that involve support offices from foreign countries or from different companies, different quality practices may be allowed as long as they comply with the project quality management plan. In case the quality assurance and control of support offices do not comply to project quality plan, the lead office may need to execute these two processes as appropriate. Project Human Resource Management For MOE projects, the lead office should initiate the human resource planning by providing allocated man-hour budget to the support offices. Factors such as capability, reliability, quality, and expertise of the support offices should also be considered when developing the budgets. Then the support offices are responsible for developing their own staffing plans. The lead office should also ensure that: the budgets allocated to the support offices are appropriate; all managers are trained to do staff planning; and the staffing plans developed by the support offices align with project plans (e.g., budget, schedule, and scopes of work). As leadership is crucial for project success, the project lead roles (e.g., engineering leads) in the support offices should be identified early. These lead roles provide direction to the teams and are communicating channels between the lead office and the support offices. Some projects may instead select to assign a coordinating role for smaller scope of work allocated to the support offices. Lead offices may influence staff assignments at support offices especially for the lead positions. However, the support offices are usually responsible for acquiring their own project teams for the reasons that they have better knowledge and understanding of their staff as well as they are directly responsible for the staff career development. MOE projects have to overcome many challenges in developing the project team. Phone calls and meetings between offices in different time zones are more difficult to arrange while communicating only via emails may not be an ideal approach to develop a working relationship. Cultures and languages also add challenges to communication. It also takes time to develop trust and working relationship between offices which is a challenge for offices that have never worked together before or offices that have high-turnover or are downsized. Other challenges are standardizing or aligning work processes. This paper identifies that having staff from the leading office visit support offices at regular intervals and vice versa is an effective approach to build project team for MOE projects. These visits could be for training, meetings, or trouble shootings. The project should arrange these visits as often as possible during the project life cycle. VDO conference is also recommended as a more effective meeting tool than just a phone conference. The project management should be instrumental in arrange all-office team building activities such as project progress presentation, discipline presentations and recognition and reward program. Each office is responsible for managing its own staff. However, the lead office needs to manage overall performances of the support offices. Cultural difference should be considered for appropriate management style. It should also be noted that the performances between offices should not be compared without understanding the legitimate factors that may impact the performance from each office (e.g., expertise experience). Other challenge found in managing the MOE team is that delivery and performance issues (e.g., rework, delay, or actual amount of remaining work) may not be communicated to the lead office. These are often driven by fear of negative consequences such as losing work. Therefore, it is important to set reasonable performance targets based on capability of the support offices and the lead office provides support in solving any performance issues such as training and trouble shooting. Project Communication Management As a part of communication planning, it is recommended that the stakeholder analysis is performed for all offices to determine the project communication requirements. Communication planning should address information, information originator, information receiver, frequency, and communication medium. It is important that the lead office is the only point of contact for handling commercial and contractual matters. When appropriate, mass communication methods such as group email, project portal, shared drive are recommended for MOE projects. It is important that project changes (e.g., revisions) are communicated with high priority between offices to prevent rework, especially if work is shared between multiple offices (e.g., outputs from one office become inputs for the other offices). To facilitate the information distribution during the execution phase, the use of information distribution matrix is recommended. The matrix determines the list of employees that the information is to be distributed to and is managed by document management group. Overall project performance reporting should be a responsibility of the lead office with inputs from support offices. The performance reporting should be included in the communication management plan. Reporting schedule and format should be developed and agreed upon by all offices. Necessary trainings (e.g., use of tools to collect performance information, data gathering and data analysis) should be provided to all offices to ensure reporting accuracy and consistency. Project Procurement Management One of procurement decisions to be made at the beginning of an MOE project is purchasing and managing strategy for each material commodity. It is generally more economical that bulk material (e.g., bulk piping materials, steel, and cables) requirements from all offices are consolidated and purchased together by the lead office. However, commodities that require customized engineering design such as mechanical and electrical equipments may be managed more effectively if they are procured by the same engineering office. After the decisions are made, the procurement organization then can be setup to support the commodity management strategy. It is a best practice to have procurement organizations in all engineering offices. However, some smaller projects may choose to setup only one project procurement organization in the lead offices. Subcontract function (which is a part of procurement management per project pr

Friday, October 25, 2019

Great Gatsby Symbols :: essays papers

Great Gatsby Symbols Different symbolism The Great Gatsby is enhanced by the great number of symbols in the story. The story is revolved around symbols which represent different things. There are three types of symbols color, object, name symbols. Each symbol represents a different kind of situation in the story. The color represents all colors that are involved in the story, each color has its own meaning in the story. Object symbols explain the person himself and his situation in the story. Name symbols give the inner meaning of the person and how the name is related to the character. Color symbolizes a lot in the story. In the story you see excessive use of colors. The first most clear color symbol is white which doesn't express the purity but the false purity and goodness in the people. The next is gray, valley of ashes, which expresses the lack of spirit in that area. The green shows the hope of a new start, or to work for something. Red is death , or blood. Yellow expresses the corruptness in society and dishonest behavior in society. Also yellow represents the coward image of characters. The objects that are represented in the story are very interesting. Most obvious is West Egg and East Egg which are described as white from the outside which represents purity and the yellow inside which is the rotten part. Owl eyes is the person who is all knowing in this book from the start. When he was first introduced he was introduced very positively. Cars had a big role in The Great Gatsby, they symbolized the status of the person and the careless and there reckless personality . In summer was the boiling part of the novel and conflict, where everything was told. Flowers symbolize everything in the great Gatsby grace, beauty and love. Names express what the person is and his back round. For the Gatsby, Gat means pistol, and he was murdered by one.

Thursday, October 24, 2019

Sms Banking

Manoj V, Bramhe / International Journal of Engineering and Technology Vol. 3 (6), 2011, 472-479 SMS BASED SECURE MOBILE BANKING Manoj V, Bramhe Department of Information Technology, RTM Nagpur university St. Vincent Pallotti College of Engg. And Technology, Nagpur, India [emailÃ‚ protected] com AbstractÃ¢â‚¬â€ M-banking has emerged as one of the main division of m-commerce. Mobile banking services consists of information inquiry, notifications and alerts, applications and payment transfer. Mobile based application is used for connecting customer handset with bank server for all such services.Current M-banking applications used by banks are facing security challenges for payment transfer banks are using secure payment gateway and other security measures which increases cost and infrastructure for bank but major day-to-day banking applications are inquiries, notifications and alerts. The problem with current banking applications is that they send data directly to customer in plain te xt form compromising with security. We present SMS based secure mobile banking which enhances security with minimum cost.In this approach bank hides customer transaction data is secure SMS using AES symmetric cryptographic algorithm and send it customer application supported handset. Customer application decrypts data in secure manner. Keywords: M-banking, MD5, AES, MPIN I. INTRODUCTION M-banking system is one which provides all daily banking operations to customer with one click of his mobile handset with supported application. M-banking system has potential to provide access or delivery of very specific and highly necessary information to customer as given in [2].Growth in the M-Banking is driven by various facilities like convenience of banking operations, greater reach to consumers and Integration of other m-commerce services with mobile banking. In M-banking there is no place restriction, it is highly penetration coefficient as growth of mobile phones are more than computers, i t is fully personalized and private increasing transaction authenticity and is 100% available all the time with users. However, there are several challenges that need to be addressed to completely utilize the benefits of the M-Banking like handset compatibility, security, scalability, reliability.Due to increase in use of mobile handsets for many m-commerce applications, Chances of mobile hacking for financial benefits are heavily increased. Currently mostly all banks in India and outside are sending text SMS directly to the customer handset for basic bank services without any security which can be accessed by any malicious person and can use this information for getting access to customer account. OTA (Over-the-air) mobile data can be hacked in network path from bank to customer mobile handset including MPIN, a password use for user identification in M-banking.Thus there is a need of secure and cost effective solution which can be easily provided on all types of handsets. Our objec tive is to provide cost effective, secure, fast M-banking solution combining features of cryptography. In this paper we have presented SMS based secure mobile banking with minimum cost using cryptography. II. M-BANKING CHANNELS M-banking can be executed using various channels like SMS, USSD, GPRS, WAP; Phone based Application, SIM Application. All of these channels are used separately or combined for various banking operations ISSN : 0975-4024 Dec 2011- Jan 2012 472Manoj V, Bramhe / International Journal of Engineering and Technology Vol. 3 (6), 2011, 472-479 A. Short Message Service (SMS) SMS is the simplest form of mobile banking. It is largely used for information-based services. SMS has the maximum reach amongst consumers since all the mobile phones support SMS. Short messages are stored and forwarded by SMS centres. These messages have some security issues. B. Unstructured Supplementary Services Delivery (USSD) USSD is a technology unique to GSM. It is a capability built into t he GSM standard for support of transmitting information over the signalling channels of the GSM network.USSD provides session-based communication. Turnaround response times for interactive applications are shorter for USSD than SMS. In USSD, the interaction is in the form of a continuous session as opposed to SMS. USSD is available on all handsets. C. Wireless Application Protocol (WAP) / General Packet Radio Service (GPRS) GPRS is a packet-switched data service available to GSM users. GPRS enables services such as WAP access, Multimedia Messaging Service (MMS), and Internet communication services such as email and World Wide Web access in mobile phones. . WAP is wireless application protocol used over GPRS. It is similar to Internet banking.The consumerÃ¢â‚¬â„¢s handset needs to be WAP enabled. WAP banking is open to similar threats as Internet banking. D. Phone-based Application Phone based applications are developed in various languages like J2ME, . NET having advantages that it can use GPRS, USSD or SMS, MMS to carry the consumer data/instruction in an encrypted format and it is operator independent. These are secure application which resides on supported handset. E. SIM Application Tool Kit The SIM Application Toolkit allows for the service provider or bank to house the consumerÃ¢â‚¬â„¢s mobile banking menu within the SIM card. STK is the most secure method of mobile banking.It allows the bank to load its own encryption keys onto the SIM card with the bankÃ¢â‚¬â„¢s own developed application. III. CURRENT M-BANKING Even though various channels are available for M-banking most of the banks uses SMS as basic and cheap channel for basic banking operations. Currently all banks in India like ICICI, HSBC, SBI etc are not using any encryption techniques in SMS based M-banking system. They are using simple text based SMS for customer queries in which they directly send account information to customer only hiding some digits of account number which can be easily ha cked by any hacker or seen by anyone from message inbox.Even though some banks do provide some other channel like GPRS and WAP but cost of implementation is more and these facilities are not available on all types of mobile handset thus there is a need of secure and cost effective solution which can be easily provided on all types of handsets. A. Issues in M-banking 1) Lack of Standards: The lack of standards gives rise to lot of local and fragmented versions of m-payments offered by different stakeholders. Standards need to address security and privacy concerns of customers as well as interoperability between various implementations. ) Device constraints: There are technical issues related to the mobile devices . The mobile phones suffers from various constrains like less processing power and memory, bandwidth, short battery life , frequent disconnections, tiny screens, poor resolution and privacy issues. 3) Security Issues: Securing m-Commerce is even more difficult than wired tra nsaction. Device constraints raise the questions as to whether there will be adequate security for users without compromising the ease of use and speed.Current real time M-banking application of various banks uses plain text messages without any security algorithm for sending data hence any malicious user can access customer important data on mobile and used it for malicious purpose thus direct sending of data is not suggestible for M-banking. SMS are prone to spoofing and there are issues related to SMS encryption. However technology manufacturers are developing improved security for applications with authentication and encryption technologies and many claims that the ISSN : 0975-4024Dec 2011- Jan 2012 473 Manoj V, Bramhe / International Journal of Engineering and Technology Vol. 3 (6), 2011, 472-479 transaction using mobile device is fully secure. There are many techniques for secure M-banking operations but major research work has been done on Cryptography and steganography techn iques. Cryptography is a process of converting plaintext data into cipher text using cryptographic algorithms. They insure basic security requirements like authentication, confidentiality, integrity and non-repudiation. B. Basics of Short Message ServiceShort Message Service (SMS) is the ability to send and receive text messages to and from mobile telephones. SMS was launched as a part of GSM1 standard. Each short message is up to 160 characters in length. The 160 characters can comprise of words, numbers, or punctuation symbols. Short Message Service is a store and forward service; this means that messages are not sent directly to the recipient but via a network SMS Centre. SMS comprises two basic point-to-point services as Mobile-originated short message (MO-SM) and Mobile-terminated short message (MT-SM).Mobile-originated short messages are transported from MOcapable handset to SMSC whereas Mobile-terminated short messages are transported from SMSC to the handsets. The figure no. 1 shows a typical organization of network elements in a GSM network supporting SMS. Fig. 1. Basic model of SMS based M-banking The benefits of SMS to subscribers are convenience, flexibility, and seamless integration of messaging services and data access, delivery of notifications and alerts, guaranteed message deliver, reliable, low-cost communication mechanism, increased subscriber productivity, delivery of messages to ultiple subscribers at a time. The SMSC (Short Message Service Centre) is the entity which does the job of store and forward of messages to and from the mobile station. The SME (Short Message Entity), which is typically a mobile phone or a GSM modem, can be located in the fixed network or a mobile station, receives or sends SMS. The SMSC usually has a configurable time limit for how long it will store the message. SMS Gateway SMS Gateway is an interface between software applications mobile networks.An SMS Gateway allows interfacing software applications to send and /or receive SMS messages over mobile network. A GSM Modem modulates outgoing digital signals from a computer or other digital device to signals for a GSM network and demodulates the incoming GSM signal and converts it to a digital signal for the computer or other digital device. IV. PROPOSED SOLUTION Current real time M-banking application of various banks uses plain text messages without any security algorithm for sending data in SMS banking hence any malicious user can access customer important data on mobile.Proposed secure M-banking is based on symmetric cryptographic techniques where common secret key is shared among bank customer and bank server. Proposed Architecture consists of 4 components as Customer Mobile application, Bank Server application, Bank side mobile / GSM Modem, Bank database and wireless OTA [1]. Our solution uses windows mobile as client application platform and . NET framework as server side software. Customer interested in using M-Banking facilities has to make registration only once with corresponding bank. Bank has all necessary details of customer in database.Bank sends CustomerÃ¢â‚¬â€œside mobile application developed for windows mobile to user. Application will be installed once on windows mobile supported handset. This application consists of Login screen along with get session key option, menu screen for bank services options, and encryption and decryption screens for outgoing and incoming secure SMS and send message screen to send SMS to server GSM handset /Modem. Application will be updated as and when bank updates it. ISSN : 0975-4024 Dec 2011- Jan 2012 474 Manoj V, Bramhe / International Journal of Engineering and Technology Vol. 3 (6), 2011, 472-479Bank will have GSM mobile Handset / GSM modem connected to bank application server. GSM handset will be connected to application server using either Bluetooth or USB cable having SIM card installed in it which has task of receiving, processing and replying customer SMS continuou sly. GSM handset/ modem are cheaper and can be easily installed but have slow speed for message handling which can be increased by connecting modem with SMSC centre over internet. Secure M-Banking server side application is developed in windows compatible environment like VB. NET which can be installed on bank application server.Application is consisting of SMS Service, Information Manage, Account Details Manage, User Request modules to receive and process secure encrypted message from customer mobile. SMS Service module is responsible for retrieving and replying secure SMS automatically whenever they reaches server GSM handset / Modem. Bank database consists of various tables storing customer details pertaining to his personal information, Account information and transaction information. Bank database stores customer confidential information like his MPIN, Mobile identification pin and encryption keys in encrypted and secure manner.We have discussed various major types of M-Banking channels as SMS, GPRS, WAP and USSD out of which every channel has own advantages and disadvantages. WAP and GPRS are good and provide session based security but they are handset dependent and also in rural part of India all mobile operators are not providing respective services. USSD is used along with SMS and requires separate infrastructure. Thus SMS channel is simple, easy to implement, cheaper and widely used channel which is device independent. Current SMS based M-banking service has many drawbacks s SMS is inherently developed in GSM for non-sensitive message transfer among users. Mutual authentication, text encryption, end-to-end security and non-repudiation is not present in design of GSM architecture [16]. Major issues with SMS based banking are SMS Spoofing which is an attack where malicious user sends out SMS message which appears to be sent by original sender. Current SMS architecture allows hiding original senderÃ¢â‚¬â„¢s address by altering respective field in origin al SMS header. Also SMS has encryption only during path from base transreceiver station and mobile station. End-to-end encryption is not available.V. IMPLEMENTATION We have implemented proposed solution in . NET platform for windows mobile in windows environment. Customer mobile application in . NET framework runs on supported windows mobile handset for which we have used HTC mobile and bank server application is running in . NET along with any GSM handset connected in Bluetooth / USB mode to it. We have added secure SMS structure which provides extra security along with satisfying security parameters. This secure SMS will add extra security features like cryptographic and hashing algorithm to satisfy confidentiality, integrity, authentication and non-repudiation.Our system is based on secure SMS protocol and it uses SMS as media to send and receive encrypted information. . A. Secure SMS Message Structure The secured SMS message is divided into multiple fieldsÃ¢â‚¬â„¢s to accommodat e for the various security checks required for the protocol. Figure no. 2 shows the structure overview for a secure SMS message. The use of each labelled structure is explained below. Account No. Session Key Cipher Text (6 digit) (Generated From MPIN) (Plain Text + MPIN) Message Digest Fig. 2. Secure SMS message Structure Secure SMS message structure proposed by us consists of 4 fieldsÃ¢â‚¬â„¢s as shown in above figure.Account Number: Ã¢â‚¬â€œ It is customer account number in bank which is first field used for authentication purpose. This information is stored in plain test format so that at the server end, information can be retrieved to get required keys from database. Session key: Ã¢â‚¬â€œ It is onetime key randomly generated from customer MPIN inputted in bank server database during M-Banking registration process. This key is stored in 2nd field of message. Customer makes a request to get session key from his handset to bank server. Bank server will reply this with encrypted ses sion keys stored in file, which will be stored on customer handset. ISSN : 0975-4024Dec 2011- Jan 2012 475 Manoj V, Bramhe / International Journal of Engineering and Technology Vol. 3 (6), 2011, 472-479 Cipher Text: Ã¢â‚¬â€œ This text is created from combination of plain text and MPIN and stored in 3rd filed of message structure. Main idea behind this is to protect data from malicious attacker. As MPIN is most important data and from which session keys are created to be used for encryption and decryption purpose, hence it s send in encrypted manner. Message Digest: Ã¢â‚¬â€œ Message digest is used for checking integrity. Customer message digest is calculated from combination of plain text and MPIN and stored in 4th field of secure SMS.MD5 algorithm is used to calculate message digest on both ends. This received digest will be compared with calculated digest at bank server end , if not found of same size then message will be discarded as fake transaction and no message will be send to mobile handset from which request is sent. B. Sending Secure SMS from Client Mobile Whenever customer wish to make any transaction using M-banking, he will run application installed on handset and provide all necessary details. We have used 6 transactions for testing purpose and information collected from user on his handset is used to generate secure SMS.After registration customer will get mobile application installed once on his windows mobile. Customer will enter 4-digit MPIN which will be stored in server database in encrypted format using his password. For non-repudiation purpose we have added concept of one time session key. Server uses customer MPIN to generate session key randomly and again stored them in encrypted format. Customer runs the banking application and feed details of 6-digit account number, 4-digit MPIN and 4digit password and click button to get session key. Server sends generated session key to customer handset which will be stored in encrypted format on his handset.Customer goes to menu screen, chooses requires account type and type of transaction he wish to perform and goes to next screen. Mobile client application shows 4 entries on next screen consisting of session key received, generated fixed plain text message depending upon transaction chosen, cipher text created from combination of plain text and MPIN and 4-part secure message. Secure SMS contains account number in plain text, session key in encrypted format, cipher text created from plain text and MPIN and message digest calculated from message.Customer will send message to sever using as normal message. C. Receiving and Replying Secure SMS from Server Module Proposed Server is running on computer installed with required software like VB. NET, Windows mobile device centre and SDK, . NET compact framework, MS-access and Server side application. Server side application has four modules as SMS Service, Information Manage, Transaction Manage and User Requests. SMS service module retrieves SMS received at Server side handset and decode it to get original query send by customer.Server application process query, get required data from bank database and then sends it in encrypted format to customer mobile through bank side modem. Whenever Customer sends any secure SMS containing his transaction query to server side GSM Modem, Server application automatically retrieves secure SMS and deletes it from server attached handset to avoid flooding of message inbox. We have used ActiveX control for this purpose. Bank Server application splits received secure SMS in same 4-parts. Server reads first part, a plain text 6-digit account number and compares it with database stored account number.If match is not found, it will send message Ã¢â‚¬Å"Wrong Account NumberÃ¢â‚¬ to customer handset. If account match is found then server uses 2nd part of secure SMS, which is session key send by user to decrypt 3rd part of received secure SMS. After decrypting 3rd part of SMS, server application gets combination of plaintext as customer original transaction query followed by 4-digit MPIN. Server application compares received MPIN with stored MPIN from server table if a match is not found, will send message Ã¢â‚¬Å"Wrong Pin NumberÃ¢â‚¬ to customer handset.Server calculates message digest of 3rd part received using MD5 algorithm and compare it with received massage digest, 4th part of secure SMS to check for message integrity. If match is not found, server generates message on server side Ã¢â‚¬Å"Fake TransactionÃ¢â‚¬ and sends nothing to customer side handset as it may be off any malicious user. If all security checks are proper, Server application process query of customer and get required data from database encrypts data using session key received from customer and sends automatically to customer handset.VI. EXPERIMENTAL RESULTS We have developed two applications for client and server side. Mobile client application is developed using . NET compact framewor k and VB. NET, installed on windows mobile supported HTC mobile device. This application is used by customer for various M-banking transactions to send encrypted secure SMS to bank ISSN : 0975-4024 Dec 2011- Jan 2012 476 Manoj V, Bramhe / International Journal of Engineering and Technology Vol. 3 (6), 2011, 472-479 Server and gets back encrypted reply from bank Server.Client and Server side application performs symmetric encryption and decryption using 256-bit AES symmetric encryption algorithm. MD5 algorithm is used for hashing purpose. Server side bank application is developed using VB. NET it uses SMS toolkit, an ActiveX control to retrieve and process secure SMS automatically. Server side application also contains certain modules for database management of customer account and transactions Normally symmetric cryptographic algorithm donÃ¢â‚¬â„¢t have non-repudiation as both party shares common secret key but we have used session key concept for maintaining non-repudiation propert y of encryption.Since Session key is used only once and created randomly, no two users can have common session key and it is created from MPIN, a master key which customer only knows so he cannot deny that he has done transaction. We have carried out 6 types of transaction including Account Balance, Mini transactions, Cheque Book Request, Cheque Stop request, Pay Bill and Fund Transfer. Following are some sample client application module. The figure no. 3 shows session key, user query in fixed plain text format, cipher text generated from combination of plain text and his MPIN and 4-part secure SMS message generated as per format discussed.This last message is sent to server. Fig. 3. Generating 4-Part Secure Message This secure SMS is retrieved by server side SMS service module. Server application split message and decrypt it to get original transaction query of customer. This query is processed to get response data from database which is firstly encrypted and then send to customer handset. Customer handset get auto reply from server side in cipher text, which is decrypted on mobile by client side application to get server response in plain text. The Figure no. 4 shows response obtained automatically from server for account balance.This reply consists of 3 parts. First part is common session key used by server and client. Second part is cipher text received from server application in secure manner. Third part is plain text message obtained after decrypting secure message received from server. Client mobile application uses 256-bit AES algorithm to decrypt message using common session key. This message will be hidden from customer and he will only get final query results in plain text format but for result purpose we have shown this screen. ISSN : 0975-4024 Dec 2011- Jan 2012 477Manoj V, Bramhe / International Journal of Engineering and Technology Vol. 3 (6), 2011, 472-479 Fig. 4. Secure Reply from Server To be a secure system, it must satisfy Confidentiality, Authentication, Integrity and Non-Repudiation Secure SMS system maintains confidentiality using AES cryptography and Non-Repudiation using session key. Here 3-factor authentication is used for authentication and security purpose whereas Message integrity is carried out using MD5 algorithm. VII. CONCLUSION AND FUTURE WORK We have implemented a secure SMS based Mobile Banking system.The system allows user to carry out all banking transaction securely from anywhere, anytime. All messages from user windows mobile are sent in encrypted format to bank server. Bank server decrypt message, process query and encrypt result in SMS. Server sends message to customer which will be decrypted on his handset. The evaluation of the system was studied for varying banking transaction and under various security threatening malicious activities were recorded. Performance of the transaction is studied. We have executed few banking transaction from HTC windows mobile and using VB.Net server side applicati on. We have used LG GSM mobile as server attached mobile device. Experiments shows that secure SMS Mobile banking provides cost effective and secure system with satisfying Confidentiality, Authentication, Integrity and Non-Repudiation using symmetric cryptography. Application can be used on any windows mobile supported handset from anywhere as no GPRS and WAP are required. We have implemented system using symmetric key AES algorithm. In future better power consumption algorithm like blowfish can be tried out.Steganogrpahy can also be applied for secure M-banking transactions. We can use concept of STK, SIM application toolkit where bank can stored the application and encryption keys on SIM. REFERENCES [1] [2] [3] [4] [5] Mohammad Shirali-Shahreza and M. Hassan Shirali-Shahreza, Ã¢â‚¬Å"Mobile banking Services in bank areaÃ¢â‚¬ , SICE Annual Conference 2007, Japan Martinez Borreguero, F. Javier and Chaparro Pelaez, Julian,Ã¢â‚¬ Spanish Mobile Banking Services: An Adoption StudyÃ¢â‚¬ , Proceedings of the International Conference on Mobile Business 2005.Mohammad Shirali-Shahreza,Ã¢â‚¬ Improving Mobile Banking Security Using Steganography Ã¢â‚¬Å", International Conference On Information Technology. Przemyslaw Krol, Przemyslaw Nowak, Bartosz Sakowicz,Ã¢â‚¬ Mobile Banking Services Based On J2ME/J2EEÃ¢â‚¬ , CADSMÃ¢â‚¬â„¢2007. Yousuf S. AlHinai, Sherah Kurnia and Robert B. Johnston,Ã¢â‚¬ Adoption of Mobile, Commerce Services by Individuals: A Meta-Analysis of the LiteratureÃ¢â‚¬ , Sixth International Conference on the Management of Mobile Business . ISSN : 0975-4024 Dec 2011- Jan 2012 478 Manoj V, Bramhe / International Journal of Engineering and Technology Vol. (6), 2011, 472-479 [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] T N T Nguyen, P Shum and E H Chua,Ã¢â‚¬ Secure end-to-end mobile payment SystemÃ¢â‚¬ . Ashutosh Saxena, Manik Lal Das and Anurag Gupta,Ã¢â‚¬ MMPS: A Versatile Mobile-to-Mobile Payment SystemÃ¢â‚¬ , Proceedings of the International Conference On Mobile Business 2005. Iuon-Chang Lin and Yang-Bin Lin,Ã¢â‚¬ An Efficient Steganography Scheme for M- CommerceÃ¢â‚¬ . Mohammad Shirali-Shahreza and M. Hassan Shirali-Shahreza, Ã¢â‚¬ Text Steganography in SMSÃ¢â‚¬ , 2007 International Conference on Convergence Information Technology.Sandeep Singh Ghotra, Baldev Kumar Mandhan, Sam Shang Chun Wei, Yi Song, Chris Steketee, Ã¢â‚¬ Secure Display and Secure Transactions Using a HandsetÃ¢â‚¬ , Sixth International Conference on the Management of Mobile Business. Jiehua Wang, Song Yuan, Ã¢â‚¬Å"A Novel Security Mobile Payment System Based On Watermarked Voice ChequeÃ¢â‚¬ . M. Shirali-Shahreza, Ã¢â‚¬Å"Stealth Steganography in SMSÃ¢â‚¬ , Proceedings of the third IEEE and IFIP International Conference on Wireless and Optical Communications Networks 2006.Kewin Chikomo, Ming Ki Chong, Alpan Arnab, Andrew Hutchison, Ã¢â‚¬Å"Security of Mobile BankingÃ¢â‚¬ . Dilla Salama Abdul Minaam. Hatem M. Abdul Kadir, Mohily Mohamed Hadhoud ,Ã¢â‚¬ Evaluating the effects of Symmetric Cryptographic algorithms on Power Consumption for different data typesÃ¢â‚¬ , International Journal of Network Security, Volume 11, September 2010. Managing the Risk of Mobile Banking Technologies, Bankable Frontier Associates. Deshpande Neeta, kamalapur Snehal,Ã¢â‚¬ Implementation of LSB Steganography and its Evaluation for various bitsÃ¢â‚¬ . ISSN : 0975-4024 Dec 2011- Jan 2012 479 Sms Banking Manoj V, Bramhe / International Journal of Engineering and Technology Vol. 3 (6), 2011, 472-479 SMS BASED SECURE MOBILE BANKING Manoj V, Bramhe Department of Information Technology, RTM Nagpur university St. Vincent Pallotti College of Engg. And Technology, Nagpur, India [emailÃ‚ protected] com AbstractÃ¢â‚¬â€ M-banking has emerged as one of the main division of m-commerce. Mobile banking services consists of information inquiry, notifications and alerts, applications and payment transfer. Mobile based application is used for connecting customer handset with bank server for all such services.Current M-banking applications used by banks are facing security challenges for payment transfer banks are using secure payment gateway and other security measures which increases cost and infrastructure for bank but major day-to-day banking applications are inquiries, notifications and alerts. The problem with current banking applications is that they send data directly to customer in plain te xt form compromising with security. We present SMS based secure mobile banking which enhances security with minimum cost.In this approach bank hides customer transaction data is secure SMS using AES symmetric cryptographic algorithm and send it customer application supported handset. Customer application decrypts data in secure manner. Keywords: M-banking, MD5, AES, MPIN I. INTRODUCTION M-banking system is one which provides all daily banking operations to customer with one click of his mobile handset with supported application. M-banking system has potential to provide access or delivery of very specific and highly necessary information to customer as given in [2].Growth in the M-Banking is driven by various facilities like convenience of banking operations, greater reach to consumers and Integration of other m-commerce services with mobile banking. In M-banking there is no place restriction, it is highly penetration coefficient as growth of mobile phones are more than computers, i t is fully personalized and private increasing transaction authenticity and is 100% available all the time with users. However, there are several challenges that need to be addressed to completely utilize the benefits of the M-Banking like handset compatibility, security, scalability, reliability.Due to increase in use of mobile handsets for many m-commerce applications, Chances of mobile hacking for financial benefits are heavily increased. Currently mostly all banks in India and outside are sending text SMS directly to the customer handset for basic bank services without any security which can be accessed by any malicious person and can use this information for getting access to customer account. OTA (Over-the-air) mobile data can be hacked in network path from bank to customer mobile handset including MPIN, a password use for user identification in M-banking.Thus there is a need of secure and cost effective solution which can be easily provided on all types of handsets. Our objec tive is to provide cost effective, secure, fast M-banking solution combining features of cryptography. In this paper we have presented SMS based secure mobile banking with minimum cost using cryptography. II. M-BANKING CHANNELS M-banking can be executed using various channels like SMS, USSD, GPRS, WAP; Phone based Application, SIM Application. All of these channels are used separately or combined for various banking operations ISSN : 0975-4024 Dec 2011- Jan 2012 472Manoj V, Bramhe / International Journal of Engineering and Technology Vol. 3 (6), 2011, 472-479 A. Short Message Service (SMS) SMS is the simplest form of mobile banking. It is largely used for information-based services. SMS has the maximum reach amongst consumers since all the mobile phones support SMS. Short messages are stored and forwarded by SMS centres. These messages have some security issues. B. Unstructured Supplementary Services Delivery (USSD) USSD is a technology unique to GSM. It is a capability built into t he GSM standard for support of transmitting information over the signalling channels of the GSM network.USSD provides session-based communication. Turnaround response times for interactive applications are shorter for USSD than SMS. In USSD, the interaction is in the form of a continuous session as opposed to SMS. USSD is available on all handsets. C. Wireless Application Protocol (WAP) / General Packet Radio Service (GPRS) GPRS is a packet-switched data service available to GSM users. GPRS enables services such as WAP access, Multimedia Messaging Service (MMS), and Internet communication services such as email and World Wide Web access in mobile phones. . WAP is wireless application protocol used over GPRS. It is similar to Internet banking.The consumerÃ¢â‚¬â„¢s handset needs to be WAP enabled. WAP banking is open to similar threats as Internet banking. D. Phone-based Application Phone based applications are developed in various languages like J2ME, . NET having advantages that it can use GPRS, USSD or SMS, MMS to carry the consumer data/instruction in an encrypted format and it is operator independent. These are secure application which resides on supported handset. E. SIM Application Tool Kit The SIM Application Toolkit allows for the service provider or bank to house the consumerÃ¢â‚¬â„¢s mobile banking menu within the SIM card. STK is the most secure method of mobile banking.It allows the bank to load its own encryption keys onto the SIM card with the bankÃ¢â‚¬â„¢s own developed application. III. CURRENT M-BANKING Even though various channels are available for M-banking most of the banks uses SMS as basic and cheap channel for basic banking operations. Currently all banks in India like ICICI, HSBC, SBI etc are not using any encryption techniques in SMS based M-banking system. They are using simple text based SMS for customer queries in which they directly send account information to customer only hiding some digits of account number which can be easily ha cked by any hacker or seen by anyone from message inbox.Even though some banks do provide some other channel like GPRS and WAP but cost of implementation is more and these facilities are not available on all types of mobile handset thus there is a need of secure and cost effective solution which can be easily provided on all types of handsets. A. Issues in M-banking 1) Lack of Standards: The lack of standards gives rise to lot of local and fragmented versions of m-payments offered by different stakeholders. Standards need to address security and privacy concerns of customers as well as interoperability between various implementations. ) Device constraints: There are technical issues related to the mobile devices . The mobile phones suffers from various constrains like less processing power and memory, bandwidth, short battery life , frequent disconnections, tiny screens, poor resolution and privacy issues. 3) Security Issues: Securing m-Commerce is even more difficult than wired tra nsaction. Device constraints raise the questions as to whether there will be adequate security for users without compromising the ease of use and speed.Current real time M-banking application of various banks uses plain text messages without any security algorithm for sending data hence any malicious user can access customer important data on mobile and used it for malicious purpose thus direct sending of data is not suggestible for M-banking. SMS are prone to spoofing and there are issues related to SMS encryption. However technology manufacturers are developing improved security for applications with authentication and encryption technologies and many claims that the ISSN : 0975-4024Dec 2011- Jan 2012 473 Manoj V, Bramhe / International Journal of Engineering and Technology Vol. 3 (6), 2011, 472-479 transaction using mobile device is fully secure. There are many techniques for secure M-banking operations but major research work has been done on Cryptography and steganography techn iques. Cryptography is a process of converting plaintext data into cipher text using cryptographic algorithms. They insure basic security requirements like authentication, confidentiality, integrity and non-repudiation. B. Basics of Short Message ServiceShort Message Service (SMS) is the ability to send and receive text messages to and from mobile telephones. SMS was launched as a part of GSM1 standard. Each short message is up to 160 characters in length. The 160 characters can comprise of words, numbers, or punctuation symbols. Short Message Service is a store and forward service; this means that messages are not sent directly to the recipient but via a network SMS Centre. SMS comprises two basic point-to-point services as Mobile-originated short message (MO-SM) and Mobile-terminated short message (MT-SM).Mobile-originated short messages are transported from MOcapable handset to SMSC whereas Mobile-terminated short messages are transported from SMSC to the handsets. The figure no. 1 shows a typical organization of network elements in a GSM network supporting SMS. Fig. 1. Basic model of SMS based M-banking The benefits of SMS to subscribers are convenience, flexibility, and seamless integration of messaging services and data access, delivery of notifications and alerts, guaranteed message deliver, reliable, low-cost communication mechanism, increased subscriber productivity, delivery of messages to ultiple subscribers at a time. The SMSC (Short Message Service Centre) is the entity which does the job of store and forward of messages to and from the mobile station. The SME (Short Message Entity), which is typically a mobile phone or a GSM modem, can be located in the fixed network or a mobile station, receives or sends SMS. The SMSC usually has a configurable time limit for how long it will store the message. SMS Gateway SMS Gateway is an interface between software applications mobile networks.An SMS Gateway allows interfacing software applications to send and /or receive SMS messages over mobile network. A GSM Modem modulates outgoing digital signals from a computer or other digital device to signals for a GSM network and demodulates the incoming GSM signal and converts it to a digital signal for the computer or other digital device. IV. PROPOSED SOLUTION Current real time M-banking application of various banks uses plain text messages without any security algorithm for sending data in SMS banking hence any malicious user can access customer important data on mobile.Proposed secure M-banking is based on symmetric cryptographic techniques where common secret key is shared among bank customer and bank server. Proposed Architecture consists of 4 components as Customer Mobile application, Bank Server application, Bank side mobile / GSM Modem, Bank database and wireless OTA [1]. Our solution uses windows mobile as client application platform and . NET framework as server side software. Customer interested in using M-Banking facilities has to make registration only once with corresponding bank. Bank has all necessary details of customer in database.Bank sends CustomerÃ¢â‚¬â€œside mobile application developed for windows mobile to user. Application will be installed once on windows mobile supported handset. This application consists of Login screen along with get session key option, menu screen for bank services options, and encryption and decryption screens for outgoing and incoming secure SMS and send message screen to send SMS to server GSM handset /Modem. Application will be updated as and when bank updates it. ISSN : 0975-4024 Dec 2011- Jan 2012 474 Manoj V, Bramhe / International Journal of Engineering and Technology Vol. 3 (6), 2011, 472-479Bank will have GSM mobile Handset / GSM modem connected to bank application server. GSM handset will be connected to application server using either Bluetooth or USB cable having SIM card installed in it which has task of receiving, processing and replying customer SMS continuou sly. GSM handset/ modem are cheaper and can be easily installed but have slow speed for message handling which can be increased by connecting modem with SMSC centre over internet. Secure M-Banking server side application is developed in windows compatible environment like VB. NET which can be installed on bank application server.Application is consisting of SMS Service, Information Manage, Account Details Manage, User Request modules to receive and process secure encrypted message from customer mobile. SMS Service module is responsible for retrieving and replying secure SMS automatically whenever they reaches server GSM handset / Modem. Bank database consists of various tables storing customer details pertaining to his personal information, Account information and transaction information. Bank database stores customer confidential information like his MPIN, Mobile identification pin and encryption keys in encrypted and secure manner.We have discussed various major types of M-Banking channels as SMS, GPRS, WAP and USSD out of which every channel has own advantages and disadvantages. WAP and GPRS are good and provide session based security but they are handset dependent and also in rural part of India all mobile operators are not providing respective services. USSD is used along with SMS and requires separate infrastructure. Thus SMS channel is simple, easy to implement, cheaper and widely used channel which is device independent. Current SMS based M-banking service has many drawbacks s SMS is inherently developed in GSM for non-sensitive message transfer among users. Mutual authentication, text encryption, end-to-end security and non-repudiation is not present in design of GSM architecture [16]. Major issues with SMS based banking are SMS Spoofing which is an attack where malicious user sends out SMS message which appears to be sent by original sender. Current SMS architecture allows hiding original senderÃ¢â‚¬â„¢s address by altering respective field in origin al SMS header. Also SMS has encryption only during path from base transreceiver station and mobile station. End-to-end encryption is not available.V. IMPLEMENTATION We have implemented proposed solution in . NET platform for windows mobile in windows environment. Customer mobile application in . NET framework runs on supported windows mobile handset for which we have used HTC mobile and bank server application is running in . NET along with any GSM handset connected in Bluetooth / USB mode to it. We have added secure SMS structure which provides extra security along with satisfying security parameters. This secure SMS will add extra security features like cryptographic and hashing algorithm to satisfy confidentiality, integrity, authentication and non-repudiation.Our system is based on secure SMS protocol and it uses SMS as media to send and receive encrypted information. . A. Secure SMS Message Structure The secured SMS message is divided into multiple fieldsÃ¢â‚¬â„¢s to accommodat e for the various security checks required for the protocol. Figure no. 2 shows the structure overview for a secure SMS message. The use of each labelled structure is explained below. Account No. Session Key Cipher Text (6 digit) (Generated From MPIN) (Plain Text + MPIN) Message Digest Fig. 2. Secure SMS message Structure Secure SMS message structure proposed by us consists of 4 fieldsÃ¢â‚¬â„¢s as shown in above figure.Account Number: Ã¢â‚¬â€œ It is customer account number in bank which is first field used for authentication purpose. This information is stored in plain test format so that at the server end, information can be retrieved to get required keys from database. Session key: Ã¢â‚¬â€œ It is onetime key randomly generated from customer MPIN inputted in bank server database during M-Banking registration process. This key is stored in 2nd field of message. Customer makes a request to get session key from his handset to bank server. Bank server will reply this with encrypted ses sion keys stored in file, which will be stored on customer handset. ISSN : 0975-4024Dec 2011- Jan 2012 475 Manoj V, Bramhe / International Journal of Engineering and Technology Vol. 3 (6), 2011, 472-479 Cipher Text: Ã¢â‚¬â€œ This text is created from combination of plain text and MPIN and stored in 3rd filed of message structure. Main idea behind this is to protect data from malicious attacker. As MPIN is most important data and from which session keys are created to be used for encryption and decryption purpose, hence it s send in encrypted manner. Message Digest: Ã¢â‚¬â€œ Message digest is used for checking integrity. Customer message digest is calculated from combination of plain text and MPIN and stored in 4th field of secure SMS.MD5 algorithm is used to calculate message digest on both ends. This received digest will be compared with calculated digest at bank server end , if not found of same size then message will be discarded as fake transaction and no message will be send to mobile handset from which request is sent. B. Sending Secure SMS from Client Mobile Whenever customer wish to make any transaction using M-banking, he will run application installed on handset and provide all necessary details. We have used 6 transactions for testing purpose and information collected from user on his handset is used to generate secure SMS.After registration customer will get mobile application installed once on his windows mobile. Customer will enter 4-digit MPIN which will be stored in server database in encrypted format using his password. For non-repudiation purpose we have added concept of one time session key. Server uses customer MPIN to generate session key randomly and again stored them in encrypted format. Customer runs the banking application and feed details of 6-digit account number, 4-digit MPIN and 4digit password and click button to get session key. Server sends generated session key to customer handset which will be stored in encrypted format on his handset.Customer goes to menu screen, chooses requires account type and type of transaction he wish to perform and goes to next screen. Mobile client application shows 4 entries on next screen consisting of session key received, generated fixed plain text message depending upon transaction chosen, cipher text created from combination of plain text and MPIN and 4-part secure message. Secure SMS contains account number in plain text, session key in encrypted format, cipher text created from plain text and MPIN and message digest calculated from message.Customer will send message to sever using as normal message. C. Receiving and Replying Secure SMS from Server Module Proposed Server is running on computer installed with required software like VB. NET, Windows mobile device centre and SDK, . NET compact framework, MS-access and Server side application. Server side application has four modules as SMS Service, Information Manage, Transaction Manage and User Requests. SMS service module retrieves SMS received at Server side handset and decode it to get original query send by customer.Server application process query, get required data from bank database and then sends it in encrypted format to customer mobile through bank side modem. Whenever Customer sends any secure SMS containing his transaction query to server side GSM Modem, Server application automatically retrieves secure SMS and deletes it from server attached handset to avoid flooding of message inbox. We have used ActiveX control for this purpose. Bank Server application splits received secure SMS in same 4-parts. Server reads first part, a plain text 6-digit account number and compares it with database stored account number.If match is not found, it will send message Ã¢â‚¬Å"Wrong Account NumberÃ¢â‚¬ to customer handset. If account match is found then server uses 2nd part of secure SMS, which is session key send by user to decrypt 3rd part of received secure SMS. After decrypting 3rd part of SMS, server application gets combination of plaintext as customer original transaction query followed by 4-digit MPIN. Server application compares received MPIN with stored MPIN from server table if a match is not found, will send message Ã¢â‚¬Å"Wrong Pin NumberÃ¢â‚¬ to customer handset.Server calculates message digest of 3rd part received using MD5 algorithm and compare it with received massage digest, 4th part of secure SMS to check for message integrity. If match is not found, server generates message on server side Ã¢â‚¬Å"Fake TransactionÃ¢â‚¬ and sends nothing to customer side handset as it may be off any malicious user. If all security checks are proper, Server application process query of customer and get required data from database encrypts data using session key received from customer and sends automatically to customer handset.VI. EXPERIMENTAL RESULTS We have developed two applications for client and server side. Mobile client application is developed using . NET compact framewor k and VB. NET, installed on windows mobile supported HTC mobile device. This application is used by customer for various M-banking transactions to send encrypted secure SMS to bank ISSN : 0975-4024 Dec 2011- Jan 2012 476 Manoj V, Bramhe / International Journal of Engineering and Technology Vol. 3 (6), 2011, 472-479 Server and gets back encrypted reply from bank Server.Client and Server side application performs symmetric encryption and decryption using 256-bit AES symmetric encryption algorithm. MD5 algorithm is used for hashing purpose. Server side bank application is developed using VB. NET it uses SMS toolkit, an ActiveX control to retrieve and process secure SMS automatically. Server side application also contains certain modules for database management of customer account and transactions Normally symmetric cryptographic algorithm donÃ¢â‚¬â„¢t have non-repudiation as both party shares common secret key but we have used session key concept for maintaining non-repudiation propert y of encryption.Since Session key is used only once and created randomly, no two users can have common session key and it is created from MPIN, a master key which customer only knows so he cannot deny that he has done transaction. We have carried out 6 types of transaction including Account Balance, Mini transactions, Cheque Book Request, Cheque Stop request, Pay Bill and Fund Transfer. Following are some sample client application module. The figure no. 3 shows session key, user query in fixed plain text format, cipher text generated from combination of plain text and his MPIN and 4-part secure SMS message generated as per format discussed.This last message is sent to server. Fig. 3. Generating 4-Part Secure Message This secure SMS is retrieved by server side SMS service module. Server application split message and decrypt it to get original transaction query of customer. This query is processed to get response data from database which is firstly encrypted and then send to customer handset. Customer handset get auto reply from server side in cipher text, which is decrypted on mobile by client side application to get server response in plain text. The Figure no. 4 shows response obtained automatically from server for account balance.This reply consists of 3 parts. First part is common session key used by server and client. Second part is cipher text received from server application in secure manner. Third part is plain text message obtained after decrypting secure message received from server. Client mobile application uses 256-bit AES algorithm to decrypt message using common session key. This message will be hidden from customer and he will only get final query results in plain text format but for result purpose we have shown this screen. ISSN : 0975-4024 Dec 2011- Jan 2012 477Manoj V, Bramhe / International Journal of Engineering and Technology Vol. 3 (6), 2011, 472-479 Fig. 4. Secure Reply from Server To be a secure system, it must satisfy Confidentiality, Authentication, Integrity and Non-Repudiation Secure SMS system maintains confidentiality using AES cryptography and Non-Repudiation using session key. Here 3-factor authentication is used for authentication and security purpose whereas Message integrity is carried out using MD5 algorithm. VII. CONCLUSION AND FUTURE WORK We have implemented a secure SMS based Mobile Banking system.The system allows user to carry out all banking transaction securely from anywhere, anytime. All messages from user windows mobile are sent in encrypted format to bank server. Bank server decrypt message, process query and encrypt result in SMS. Server sends message to customer which will be decrypted on his handset. The evaluation of the system was studied for varying banking transaction and under various security threatening malicious activities were recorded. Performance of the transaction is studied. We have executed few banking transaction from HTC windows mobile and using VB.Net server side applicati on. We have used LG GSM mobile as server attached mobile device. Experiments shows that secure SMS Mobile banking provides cost effective and secure system with satisfying Confidentiality, Authentication, Integrity and Non-Repudiation using symmetric cryptography. Application can be used on any windows mobile supported handset from anywhere as no GPRS and WAP are required. We have implemented system using symmetric key AES algorithm. In future better power consumption algorithm like blowfish can be tried out.Steganogrpahy can also be applied for secure M-banking transactions. We can use concept of STK, SIM application toolkit where bank can stored the application and encryption keys on SIM. REFERENCES [1] [2] [3] [4] [5] Mohammad Shirali-Shahreza and M. Hassan Shirali-Shahreza, Ã¢â‚¬Å"Mobile banking Services in bank areaÃ¢â‚¬ , SICE Annual Conference 2007, Japan Martinez Borreguero, F. Javier and Chaparro Pelaez, Julian,Ã¢â‚¬ Spanish Mobile Banking Services: An Adoption StudyÃ¢â‚¬ , Proceedings of the International Conference on Mobile Business 2005.Mohammad Shirali-Shahreza,Ã¢â‚¬ Improving Mobile Banking Security Using Steganography Ã¢â‚¬Å", International Conference On Information Technology. Przemyslaw Krol, Przemyslaw Nowak, Bartosz Sakowicz,Ã¢â‚¬ Mobile Banking Services Based On J2ME/J2EEÃ¢â‚¬ , CADSMÃ¢â‚¬â„¢2007. Yousuf S. AlHinai, Sherah Kurnia and Robert B. Johnston,Ã¢â‚¬ Adoption of Mobile, Commerce Services by Individuals: A Meta-Analysis of the LiteratureÃ¢â‚¬ , Sixth International Conference on the Management of Mobile Business . ISSN : 0975-4024 Dec 2011- Jan 2012 478 Manoj V, Bramhe / International Journal of Engineering and Technology Vol. (6), 2011, 472-479 [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] T N T Nguyen, P Shum and E H Chua,Ã¢â‚¬ Secure end-to-end mobile payment SystemÃ¢â‚¬ . Ashutosh Saxena, Manik Lal Das and Anurag Gupta,Ã¢â‚¬ MMPS: A Versatile Mobile-to-Mobile Payment SystemÃ¢â‚¬ , Proceedings of the International Conference On Mobile Business 2005. Iuon-Chang Lin and Yang-Bin Lin,Ã¢â‚¬ An Efficient Steganography Scheme for M- CommerceÃ¢â‚¬ . Mohammad Shirali-Shahreza and M. Hassan Shirali-Shahreza, Ã¢â‚¬ Text Steganography in SMSÃ¢â‚¬ , 2007 International Conference on Convergence Information Technology.Sandeep Singh Ghotra, Baldev Kumar Mandhan, Sam Shang Chun Wei, Yi Song, Chris Steketee, Ã¢â‚¬ Secure Display and Secure Transactions Using a HandsetÃ¢â‚¬ , Sixth International Conference on the Management of Mobile Business. Jiehua Wang, Song Yuan, Ã¢â‚¬Å"A Novel Security Mobile Payment System Based On Watermarked Voice ChequeÃ¢â‚¬ . M. Shirali-Shahreza, Ã¢â‚¬Å"Stealth Steganography in SMSÃ¢â‚¬ , Proceedings of the third IEEE and IFIP International Conference on Wireless and Optical Communications Networks 2006.Kewin Chikomo, Ming Ki Chong, Alpan Arnab, Andrew Hutchison, Ã¢â‚¬Å"Security of Mobile BankingÃ¢â‚¬ . Dilla Salama Abdul Minaam. Hatem M. Abdul Kadir, Mohily Mohamed Hadhoud ,Ã¢â‚¬ Evaluating the effects of Symmetric Cryptographic algorithms on Power Consumption for different data typesÃ¢â‚¬ , International Journal of Network Security, Volume 11, September 2010. Managing the Risk of Mobile Banking Technologies, Bankable Frontier Associates. Deshpande Neeta, kamalapur Snehal,Ã¢â‚¬ Implementation of LSB Steganography and its Evaluation for various bitsÃ¢â‚¬ . ISSN : 0975-4024 Dec 2011- Jan 2012 479

Wednesday, October 23, 2019

Jane Austen: Emma

Ã¢â‚¬Å"I am going to take a heroine whom no one but myself will much likeÃ¢â‚¬ How does this comment by Jane Austen fit with your reading of her presentation of Emma? Today, we can interpret this remark as the recognition of a problem that was to be successfully overcome, instead of looking at it as an accurate prediction. Readers like the author's niece, Fanny Knight, who could Ã¢â‚¬Å"not bear Emma herselfÃ¢â‚¬ have been in the minority. Most readers, myself included, have liked Emma Woodhouse and the novel that bears her name. It is an intricate, complex and perfectly achieved work that takes an apparently trivial matter Ã¢â‚¬â€œ Ã¢â‚¬Å"3 or 4 Families in a Country VillageÃ¢â‚¬ , in Austen's famous phrase Ã¢â‚¬â€œ and makes it captivating, involved and rich with meaning. During this essay I intend to outline what Jane Austen means by Ã¢â‚¬Å"heroineÃ¢â‚¬ , and explain how Emma fits this title. I shall explore why Austen feels her character will not be liked, and yet what defies these intentions and regardless encourages the generally felt affection towards Emma. Jane Austen nurtures many issues during her novel, I need to examine them, and decide on their relevance to the characters position. Jane Austen's use of Ã¢â‚¬Ëœheroine' in her comment outlines who the chief character of the story is, in this book we immediately discover its Emma Woodhouse. The book is justly named Emma, as the whole thing is Emma. There is only one short scene where Emma herself is not on stage; and that one scene is Knightley's conversation about her with Mrs Weston, proving she has a very dominant role. As readers we would usually expect the heroine of the story to be the most courageous, clever or perhaps even the most blasphemous. They usually have an attribute that sets them apart from everyone else. In this book though, Emma is mainly a figure of fun. We see the gradual humiliation of self-conceit through a long succession of disasters Ã¢â‚¬â€œ serious in effect, but written comically throughout. The disasters occur through Emma's absurdities, her snobberies, her intrinsic honesty and her misdirected mischievous conduct. The reader feels affection for the character not because of her charms , but in defiance of her defects as she develops this rogue image. Her features allow her to take rank not with the Ã¢â‚¬Ëœsympathetic' heroines, but as the culminating figure of English high comedy. The word Ã¢â‚¬Ëœheroine' can also be used to describe someone much admired for their bravery. In my view, this ironically can also be applied to interpret Jane Austen's comment, and even Emma herself. Perhaps she doesn't demonstrate bravery of a courageous format, but she does show brave recognition of her faults, which could be employed to give her the title of a Ã¢â‚¬Ëœheroine' in her own way. Jane Austen creates a wonderfully flawed heroine. Had Emma been perfect, her situation would have been of no interest to anyone; her flaws are what interest both reader and critic. The basic movement of Emma is from delusion to self-recognition, from illusion to reality. In the beginning she is loveable enough, but has much to learn. It takes supreme courage on Austen's behalf to portray a girl, meant to win and keep the reader's fancy, with the characteristics frankly ascribed to Emma Woodhouse. During the time period of both Austen and Emma the world was a male-dominated place, to centre the attention of the story on a woman was a daring move, but Jane Austen wanted to do something different. The narration opens by telling us all about the privileged heroine, Ã¢â‚¬Å"handsome rich and clever,Ã¢â‚¬ personally giving me the image of an insufferable young lady.We are allowed to know that she is pretty; not formally, but casually, from the words of a partial friend; Ã¢â‚¬Å"Such an eye! Ã¢â‚¬â€œ the true hazel eye Ã¢â‚¬â€œ and so brilliant! Ã¢â‚¬â€œ regular features, open countenance, with a complexion Ã¢â‚¬â€œ ah, what a bloom of full health and such a pretty height and size; such a firm and upright figure.Ã¢â‚¬ But, before we are allowed to see her personal beauty, we are made to see some of the destined troubl ing qualities. In her wish to be useful she is patronizing and a little conceited; her self-sufficiency early appears along with the irony of her willingness to have a hand in the future of others, despite having little knowledge or experience of her own to do it judiciously. Jane Austen's ironic voice throughout the book provides humour and logical thinking. Irony is defined as an absurd contradiction or paradox, a form of humour where someone says the opposite of what is obviously true. The ironic actions of Emma Woodhouse show one of her faults, for example her Ã¢â‚¬Ëœmatchmaking'. Ã¢â‚¬Å"It was foolish, it was wrong to take so active a part in bringing any two people together. It was adventuring too far, assuming too much, making light of what ought to be serious, a trick of what ought to be simple. She was quite concerned and ashamed, and resolved to do such things no more.Ã¢â‚¬ There is a special element of irony in this statement. Even as Austen has Emma relinquish the strategies of matchmaking, Austen condemns her heroine to continue thinking social relationships over and over again, repeating her misreading of sexual relations throughout the book. This is to emphasis the dislike we should be feeling towards Emma. Her complacent manner should evoke a feeling of frustration, instead, in my opinion, we see the funny side, predicting the outcome of Emma's actions, and knowing it's destined to go disastrously wrong. Emma's exclusive attention to marriage plots of her own devising is consistent with her inability to enter into a relation of equality with other women. Her obsession with arranging marriages distorts the relationship with her good friend Harriet Smith, and blinds her from other relational possibilities. The connection with Mrs Weston was never based on equality, she is grateful to her governess/friend for her guidance and education, the relationship is lacking in true parity. The great attraction of Harriet, beyond her blonde beauty and easily swayed temper, was that Ã¢â‚¬Å"everythingÃ¢â‚¬ could be done for her. Emma's failure to bond with Jane Fairfax (her exact equal in age, abilities and sense) could also to a certain extent be due to her preoccupation with the marriage plot. Friendship between women is necessarily difficult in this period where the aim is to accomplish a husband. Rivalry for a husband of authority and worthiness is visible. Mrs Elton's marriage puts her into competition with all other women in her society and gives her precedence even over Emma Woodhouse; this makes her liable to judgement: Ã¢â‚¬Å"She did not really like her. She would not be in a hurry to find fault, but she suspected that there was no elegance; Ã¢â‚¬â€œ ease, but not elegance. Ã¢â‚¬â€œ She was almost sure that for a young woman, a stranger, a bride, there was too much ease. Her person was rather good; her face not unpretty; but neither feature, nor air, nor voice, nor manner, were elegant. Emma thought at least it would turn out so.Ã¢â‚¬ Emma values herself highly enough to make many judgements during the book, another flaw, as usually they are incorrect, and only get Emma into more difficulty. Her judgements are formed on the bases of social status and backhand gossip, instead of individual qualities and personality. It emphasises her pretentiousness and a lack of understanding. The limitation and narrowness of the Highbury world shows the limitation of class society. The class divisions are apparent throughout, and highly relevant to the attitude and treatment one will receive. Different ranks are distinguished by degrees of prestige, and one is judged to be worthy or not from the possessions they own. A real example of Emma's incorrect and unjustified assessment of a person is of Robert Martin. Her cutting remarks show qualities of vanity, ignorance and meanness; Ã¢â‚¬Å"He is plain, undoubtedly Ã¢â‚¬â€œ remarkably plain: Ã¢â‚¬â€œ but that is nothing compared with his entire want of gentility. I had no right to expect much; but I had no idea that he could be so very clownish, so totally without air. I had imagined him, I confess, a degree or two nearer gentilityÃ¢â‚¬ As far as Emma is concerned the class is wrong for her young friend, nothing else needs to come into consideration, he is already not good enough. Her attitude is patronising, and should make us think poorly of her, but instead we tolerate her interfering, and enjoy the product of it. Her abusing of Miss Bates with her cruel remark reveals a different side to the Emma, undoubtedly a nastier side. Yet Emma's rudeness strangely expresses energy and excitement. The unexpected outburst causes the reader to wake up and take note. We don't hate her for her comment; instead we share her guilt, and secretly admire her for this more mischievous person. Emma Woodhouse indisputably casts a real attraction over most of her readers, but how and why? The plot of the book has been described by some as Ã¢â‚¬Å"uneventfulÃ¢â‚¬ and Ã¢â‚¬Å"nothing profoundÃ¢â‚¬ . One critic stated, Ã¢â‚¬Å"there is no story whatever, and the heroine is no better than other people; but the characters are all so true to life, and the style so piquant, that it does not require the adventitious aids of mystery and adventureÃ¢â‚¬ Despite these comments, to look at Emma's strengths is firstly a way of understanding her desirability. She is a very loving character, exposed through her faithfulness and kindness towards her father, and the attention she gives to the poor. She has a love of children, which becomes clear with the intense adoration shown towards her nieces and nephews, qualities that only strengthen her appeal. Interestingly enough, Emma could also be seen as a role model for women readers. She stubbornly demonstrates a resistant figure to the woman stereotype of the time, unusually showing a more masculine behaviour, or as we may see it, a more modern behaviour. Her squabbles and quick-witted retorts towards Mr Knightly show her intelligence, but also her unconcerned approach towards playing the typical 18th century woman; Mr Knightley: I leave you to your own reactions Emma: Can you trust me with such flatters? Her constant strength and vitality are alluring, and bring energy to the book. Emma's an imaginist Ã¢â‚¬Å"on fire with speculation and foresightÃ¢â‚¬ , giving her a playful, fun appearance, another beneficial quality. Lastly, Emma is bright girl, meaning we don't question her intelligence when things go wrong, just her naivety. She was never deceived about her sexual feelings during the book, and never deceived herself into feeling emotions that weren't there like Harriet seemed to. This emphasised her maturity, and made me, as the reader, value her actions and opinions more then, for example, Harriet's. In the book Emma seems to get everything and everyone wrong, yet her vulnerability is strangely attractive, and is one reason for my approval of her. The much irony directed at her is setting her up to be judged, irony in itself, as she is usually the one doing the judging. What she often thinks of other people is commonly true for her, and therefore classes her on the same level as everyone else. She is the heroine of the book, and proves so with conviction and success. However, to be a disliked heroine is mistaken. Because the book is told from her view constantly, allowing us to understand the character, and sympathise with her wrongdoings instead of judging her for them. Despite foreseeing when something is going to go wrong, we assume it will all turn out okay in the end, and predict there can only be a happy conclusion. Her officiousness and capacity for deluding herself only bulk out the story to make it more exhilarating, while also making Emma a fully rounded character, one which most readers cannot deny, like very much indeed.