Open banking API-rajapintojen tietoturvariskit (Security risks of open banking APIs)

Open access to information has become a value to be pursued in every industry. This also applies to the financial industry, where the EU has anticipated this and set the boundaries for operation in the form of the second Payment Services Directive (PSD2). This directive requires banks to open their APIs to third...


Bibliographic details
Main author: Elfvengren, Patrik
Other authors: Informaatioteknologian tiedekunta, Faculty of Information Technology, Informaatioteknologia, Information Technology, Jyväskylän yliopisto, University of Jyväskylä
Format: Bachelor's thesis
Language: fin
Published: 2023
Subjects:
Links: https://jyx.jyu.fi/handle/123456789/85915
description Open access to information has become a value to be pursued in every industry. This also applies to the financial industry, where the EU has anticipated this by setting the boundaries for operation in the form of the second Payment Services Directive (PSD2). This directive requires banks to open their APIs to third-party payment service providers, who can then offer enhanced products to the marketplace by using the customers' account information with their consent. The directive increases transparency and competition in the banking sector. An API (application programming interface) is a technology that allows two programs to communicate with each other and transfer data by using a common language. This interface technology is recommended in the directive. The most common information security risks of APIs have been studied broadly, and they are also discussed in this study. Along with PSD2, the concept of open banking (OB) has also arisen, which represents the PSD2 way of working as a more universal concept. This model naturally raises concern for the security of customers' valuable banking information, since third parties are given the chance to use customers' account information in providing services. In this study, these possible risks were identified at the technical level and at the level of organizational implementation by gathering information from existing research in the form of a literature review. The subject has not yet been studied enough, owing to the novelty of the phenomenon. This study helps to recognize existing risks in OB API development and management.
first_indexed 2023-03-09T21:01:05Z
fullrecord dc.contributor.advisor: Pekkala, Kaisa; dc.contributor.author: Elfvengren, Patrik; dc.date.accessioned: 2023-03-09T06:00:09Z; dc.date.available: 2023-03-09T06:00:09Z; dc.date.issued: 2023; dc.description.provenance: Submitted by Paivi Vuorio on 2023-03-09T06:00:09Z, made available in DSpace on 2023-03-09T06:00:09Z (GMT); dc.format.extent: 26; dc.language.iso: fin; dc.rights: In Copyright; dc.type: bachelor thesis; dc.identifier.urn: URN:NBN:fi:jyu-202303092075; dc.subject.discipline: Information Systems Science; dc.rights.accesslevel: openAccess; dc.type.coar: http://purl.org/coar/resource_type/c_7a1f; dc.rights.url: https://rightsstatements.org/page/InC/1.0/
id jyx.123456789_85915
last_indexed 2025-02-18T10:55:35Z
online_urls_str_mv {"url":"https:\/\/jyx.jyu.fi\/bitstreams\/c2e2f630-6856-4221-8e28-aeafa121d64b\/download","text":"URN:NBN:fi:jyu-202303092075.pdf","source":"jyx","mediaType":"application\/pdf"}
topic open banking; PSD2; API; Information Systems Science; 601; application programming interfaces (ohjelmointirajapinnat); information security (tietoturva); banks (pankit)
url https://jyx.jyu.fi/handle/123456789/85915 http://www.urn.fi/URN:NBN:fi:jyu-202303092075