Sven and the Art of Computer Maintenance is the personal site of Sven Kiljan. Here I publish what interests me either professionally or personally.
The best way to describe my profession is as a blend of information science and information security. Currently I work at CCV Nederland in the Security & Compliance group of the Competence Center Hosting business unit. CCV provides payment services for brick-and-mortar shops and webshops. Some of the supported payment options include major credit cards (Mastercard, Visa, American Express), and both international and local online payment systems (PayPal, SEPA Credit Transfer, iDEAL, Bancontact).
Formally, my function comprises Security Information and Event Management (SIEM). To secure and govern an IT infrastructure it is required to monitor both authorized and unauthorized changes in and between systems and networks. CCV has to conform to the security standards set and audited by the payment industry. One such standard is the Payment Card Industry Data Security Standard (PCI DSS). SIEM can provide information required for both security and compliance. Governed information security is important to know that we are doing the right thing. Compliance is important to know that we are doing the right thing for the right reasons. Ideally, compliance is an inherited result of proper information security controls. Therefore, I also propose, design, and implement improvements to the infrastructure.
Before my current position I worked as a PhD candidate at Open University of the Netherlands in the Kennisprogramma Veiligheid Digitaal Betalingsverkeer (Research Program on Safety and Security of Online Banking), a research program hosted by an academic partnership between NHL University of Applied Sciences and Politieacademie known as Lectoraat Cybersafety. My daily work was conducted at Radboud University in Nijmegen where I worked in the Digital Security research group of the Faculty of Science under supervision of my promoter, Marko van Eekelen.
I received my doctor's degree in June 2017. My research consisted of exploring, expanding and evaluating usable security in online banking. For exploration, I examined 80 banks worldwide on which user authentication methods they employed for home and mobile banking, as well as on the applied communications security measures. A proposal was suggested by me to expand the existing options that banks have to authenticate transactions initiated by users, termed What You Enter Is What You Sign. This is a more secure and usable alternative to the well-known What You See Is What You Sign transaction authorization scheme. Also, I proposed two methods to compare and evaluate existing and new online banking authentication methods. My PhD thesis can be found here.
My e-mail address can be derived from: <first name>@<last name>.org
For those who do not have any experience reading syntaxes:
- Start by entering my first name.
- Add an @ sign to the end.
- Add my last name to the end.
- Finally, add a period and the letters o, r and g to the end (in that order).
Some technical site information
The underlying platform of this site is provided by Ghost. The layout is based on starter by byfortress. This site is hosted on the Internet through nginx on Arch Linux ARM running on a Raspberry Pi 3.
Some links on this site can redirect a browser to third-party sites when followed. Whatever they offer is something I cannot vouch for at any time. I recommend uBlock Origin to protect one's security, privacy and sanity when exploring the world wide web in the 21st century. uBlock Origin is available for Mozilla Firefox, Chromium and Google Chrome, and Microsoft Edge.