Tesi sul tema "Trust by the way of security"

While not uncontested, the finding that liberal democracies rarely, if ever, fight wars against each other represents one of the seminal discoveries of international relations (IR) scholarship. Nevertheless, 'democratic peace theory' (DPT) – the body of scholarship that seeks to explain the democratic peace finding – still lacks a satisfactory explanation for this phenomenon. In this thesis, I argue that a primary source of this failure has been DPT's failure to recognize the importance of collective identification and trust for the eventuation of the 'liberal peace'. Building on existing DPT scholarship, most of it Realist or Rationalist in its inspiration, but also employing insights from Constructivist and Cognitivist scholarship, I develop a new model of how specific forms of collective identification can produce specific forms of trust. On this basis, I elaborate a new explanation of the liberal peace which sees it as arising out of a network of trusting liberal security communities. I then elaborate a new research design that enables a more rigorous and replicable empirical investigation of these ideas through the analysis of three historical cases studies, namely the Canada-USA, India-Pakistan, and France-Germany relationships. The results of this analysis support the plausibility of my theoretical framework, and also illuminate four additional findings. Specifically, I find that (1) IR scholarship needs a more nuanced understanding of the interaction between agents and structures; (2) 'institutionalized collaboration' is especially important for promoting collective identification; (3) DPT scholarship needs to focus more attention on the content of the narratives around which collective identification takes place; and (4) dramatic events play an important role in collective identification by triggering what I term catharses and epiphanies. I close the thesis by reviewing the implications of my findings for IR and for policymakers and by suggesting some areas worthy of additional research.

Partant du constat que l’affectation en garantie de la monnaie est aujourd’hui susceptible de revêtir de multiples qualifications et d’obéir à des régimes tout aussi divers, selon que la monnaie est analysée comme un bien corporel ou incorporel et selon que les sommes affectées en garantie sont ou non confondues dans le patrimoine du créancier, cet essai propose d’adopter une conception unifiée de la monnaie susceptible de la soumettre à un régime simplifié d’affectation en garantie qui, sans faire fi de l’irréductible dualité tenant au caractère individualisé ou non des sommes d’argent, est appelé à remplacer les actuels gage de choses fongibles, nantissement de compte, nantissement de créance ou fiducie-sûreté sur créances et sommes d’argent, par un unique nantissement de monnaie. Les modalités de constitution de ce nantissement seront propres à évincer les sempiternelles querelles sur le caractère ou non translatif de propriété du « gage-espèces » puisque la confusion des sommes nanties dans le patrimoine du créancier nanti opérera un démembrement de propriété sui generis qui, s’apparentant à un quasi-usufruit à titre de garantie, ne conférera au créancier ni un simple droit de préférence, ni un droit de propriété plein et entier, ni même un droit comparable à celui d’un fiduciaire, mais un droit de disposer à titre provisoire grevant temporairement la propriété restée entre les mains du constituant. Ses conditions de constitution ainsi clarifiées, le nantissement de monnaie pourra se réaliser plus rapidement et plus efficacement par la reconstitution de la propriété démembrée entre les mains du constituant ou du créancier nanti, selon que la dette garantie aura ou non été payée, sans même qu’il soit besoin s’interroger sur le fait de savoir s’il faut recourir à l’attribution judiciaire ou conventionnelle ou à la compensation
As the law stands, security rights in money are likely to be subject to different legal treatment, depending on whether money is regarded as a tangible asset or as an intangible asset, and depending on whether sums of money as a guarantee are assimilated with the secured creditor’s property or not. Taking this observation as its starting point, the present essay suggests adopting a unified approach of legal nature of money, that is likely to justify that money should be subject to a simplified security regime. Without ignoring that it is bound to be dual, depending on whether sums of money as a guarantee are separated from the secured creditor’s property or not, this security regime would be called upon to replace the present fungible assets, bank account and receivables pledge agreements, and also security trust on receivables and money, with a single money pledge agreement.The rules of the lodging of this money pledge agreement will be designed to eliminate the never-ending debates as to whether the “cash collateral” vests ownership of the encumbered money in the secured creditor, or not. Indeed, the assimilation of the encumbered sums of money with the secured creditor’s property will involve a sui generis division of the ownership rights that will be like an irregular usufruct by way of collateral, and that will grant the creditor neither mere preferential rights, nor ownership rights, nor any right similar to the right of a security trustee, but the right to dispose of money provisionally. This right of disposal will encumber temporarily the ownership rights that will remain in the hands of the grantor of the security.The rules of its lodging being therefore clarified, the rights granted by the money pledge agreement will be enforced more quickly and more effectively since the divided ownership of money will be reconstructed in the hands of the grantor of the security or in the hands of the secured creditor, depending on whether the secured debt will be paid or not, and without there being a need to wonder if the rights granted by the pledge have to be enforced either through judicial or contractual award of the right of ownership, or through legal, judicial or contractual compensation

The usage of cloud services is increasing for each day. This applies to private persons which store pictures and documents, as well as bigger corporations whom outsource parts of, or all, handling of their ICT infrastructure to cloud providers. Despite the continuous increase in application, there are still substantial security concerns among current and potential cloud users. Much of the concerns are due to lack of transparency to how the cloud providers maintain and process the user data. Motivated by this, multiple cryptographic schemes has been proposed to provide users with confidence that their data are maintained as agreed upon, without the necessity of changing the architecture of the cloud provider. In this master thesis we have studied some of these cryptographic schemes, and performed a practical and economical analysis on one of them, the hourglass scheme. The hourglass scheme utilizes economical incentives to provide the cloud provider with reasons to act as agreed upon. Through implementation of hourglass functionality we identified that the validity of the scheme is dependent on resource pricing by the cloud provider, together with the actual implementation. Based on the hourglass scheme and observations while studying the different schemes, we propose a new cryptographic scheme applying to deletion of data in the cloud. Remote deletion is a challenging task to prove, but we argue that our approach will deliver the user of a cloud service comfort that the actual data in the cloud has been deleted by the cloud provider.

The emerging concept of vehicular platooning with trust is a promising solution to deal with ever-growing computational and communication demands of connected vehicles. The most important concept introduced in any technology is trust, this has previously been imbibed into the platoon with the use of a centralized trust evaluating infrastructure. The introduction of trust evaluation using a decentralized model is not in widespread use, which makes it a challenging task to be included in the fast-varying feature of vehicular environment. This thesis discusses incorporation of a decentralized trust evaluation architecture (without a separate infrastructure) within a platoon, and a method to develop trust in the communication between the fellow platoon members with the help of a feedback system in place which is used to evaluate the trust of the platoon members and the platoon leader on the vehicle which joins the platoon newly. This trust model has been implemented in the case of VANET’s initially, for the purpose of group leader selection this model also includes the concept of direct and indirect trust among the vehicles. The results obtained show that the stability and the performance of the platoon drastically improve in the case of a decentralized mechanism, compared to a normal platoon with general characteristics. Keywords: Trust management, Feedback system, Platoon, Decentralized architecture, VANET, Trust model.

La mondialisation et la spécialisation de la chaîne d'approvisionnement des circuits intégrés (CI) ont conduit les entreprises de semi-conducteurs à partager leur précieuse propriété intellectuelle (PI) avec de nombreuses parties pour les faire fabriquer, tester, etc. En conséquence, les PI et les CI sensibles sont exposés à des parties potentiellement malveillantes, ce qui entraîne de graves menaces de piratage telles que la contrefaçon ou la retro ingénierie. Dans cette thèse, nous développons des méthodes pour sécuriser les IP/CI analogiques et mixtes contre les menaces de piratage dans la chaîne d'approvisionnement. Nous proposons une méthodologie anti-piratage pour verrouiller les circuits intégrés mixtes via l'application de logic locking à leur partie numérique. En outre, nous proposons une méthodologie contre la rétro ingénierie camouflant la géométrie effective des composants de layout. Enfin, nous proposons une attaque pour contourner toutes les techniques de verrouillage des circuits analogiques qui agissent sur la polarisation du circuit. Les techniques présentées ont le potentiel de protéger les circuits analogiques et mixtes contre une grande partie de tous les scénarios de risque possibles tout en infligeant de faibles coûts en termes de surface, de puissance et de performance
The ongoing globalization and specialization of the integrated circuit (IC) supply chain has led semiconductor companies to share their valuable intellectual property (IP) assets with numerous parties for means of manufacturing, testing, etc. As a consequence, sensitive IPs and ICs are being exposed to untrusted parties, resulting in serious piracy threats such as counterfeiting or reverse engineering. In this thesis we develop methods to secure analog and mixed signal IPs/ICs from piracy threats within the supply chain. We propose an anti-piracy methodology for locking mixed-signal ICs via logic locking of their digital part. Furthermore, we propose an anti-reverse engineering methodology camouflaging the effective geometry of layout components. Finally, we propose an attack to break all analog circuit locking techniques that act upon the biasing of the circuit. The presented techniques have the potential to protect analog and mixed-signal circuits against a large subset of all the possible risk scenarios while inflicting low overheads in terms of area, power and performance

The thesis aims to develop a theoretical perspective for studying illegal protection-seeking migration, and possible responses to this movement adopted by the receiving communities. Using the security dilemma as the framework of analysis, the discussion will be conducted through the theoretical perspective provided by emancipatory security theory. The thesis has three parts. In Part I, the insecurity experienced by illegal sub-Saharan protection-seekers during their journey will be analyzed based on some accounts publicized by various civil society organizations. Part II will develop the theoretical perspective by combining the literatures on refugee and forced migration studies, security dilemma theorizing, normative approaches in IR, and trust-building in world politics. Key concepts such as ‘protection-seeker’ and ‘cosmopolitan trust’ will be developed. In Part III, the logics of immigration security dilemma will be illustrated with special reference to illegal sub-Saharan protection-seeking migration in the EU. The thesis will conclude that Europe’s immigration security dilemma in relation to illegal sub-Saharan protection-seekers can be transcended through building cosmopolitan trust, which manifests itself as Kantian hospitality.

One of the dominant properties of a global computing network is the incomplete information available to principals about each other. This was the motivation of using the notion of probabilistic trust as an approach to security sensitive decision making in modern open and global computing systems. In such systems any principal A uses the outcomes of past interactions with another principal B to construct a probabilistic model approximating the behaviour of B. Using this model, the principal A can take decisions regarding interactions with B by estimating its future actions. Many existing frameworks adopt the so-called ‘Beta model’. The main limitation of these frameworks is that they assume the behaviour of any principal to be fixed, which is not realistic in many cases. In this thesis, we first address the application of probabilistic trust to optimise security protocols, and specifically give an example where the Crowds anonymity protocol is extended to use trust information. We then address the problem of evaluating probabilistic trust in principals exhibiting dynamic behaviours. In this respect, we formally analyse the ‘exponential decay’ technique as an approach to coping with principals’ dynamic behaviours. Given the identified limitations of this technique, a more general framework for trust and reputation is introduced. In this framework, Hidden Markov Models (HMMs) are used for modelling the dynamic behaviours of principals. This framework is formally analysed in terms of a notion of ‘estimation error’. Using an experimental approach based on Monte-Carlo methods to evaluate the expected estimation error, the introduced HMM-based framework for trust and reputation is compared to the existing Beta framework. The results show in general that the latter is getting more promising in evaluating trust in principals (‘trustees’) having dynamic behaviours as longer sequences of observations are available about such trustees.

With Cloud Computing becoming a popular term on the Information Technology (IT) market, security and accountability has become important issues to highlight. In our research we review these concepts by focusing on security risks with Cloud Computing and the associated services; Software, Platform and Infrastructure (SPI) and connecting them with a social study of trust.

The method that was conducted during our research was reviewing secondary literature, interviewing different experts regarding Cloud Computing and relating standards already established by ENISA, NIST, and CSA to the interviews.

The result of this study shows connections between the specific SPIs, both how they compare, but also how they differ. In the end we were also able to rank the top security risks from interviews with experts and see which SPI could be the most insecure one and  what countermeasures could be applied.

This was further related to trust and Service Level Agreement (SLA) in Cloud Computing to show how the security risks we discuss are related to these two specific areas. By highlighting this we wanted to present useable information for both clients and providers in how to create a better Cloud Computing environment.

Emergent networks like mobile ad hoc networks, sensor networks, opportunistic networks, peer-to-peer networks and social networks are introducing new and exciting opportunities of communication between people and devices. But these dynamic networks also introduce many security- and privacy-related challenges. When dealing with complex and dynamic environments, information about the current level of security or privacy, expressed in a quantified manner, could be of great value in a decision-making process. In order to derive such quantified measures there is a need for mathematical models for security, privacy and trust. The development, application and evaluation of such models are the topics of this thesis. In order to obtain quantitative measures of security, a state modeling approach, which has traditionally been used to model dependable systems is used. The modeling is based on the view that the notions of security and dependability are integrated concepts, both describing aspects of trustworthy computer systems. The state modeling allows for a probabilistic evaluation of the security of the system, which can be used for security quantification, prediction, risk assessment, intrusion detection and intrusion prevention. The first part of the thesis describes a real-time risk assessment method for computer networks using hidden Markov modeling. Hidden Markov models are well suited for the modeling of sensor trustworthiness in an intrusion prevention system, and as a result of this research, a new method for aggregation of intrusion detection alerts from multiple intrusion detection systems is proposed. New security metrics for computer networks, such as computer network risk, the mean time to next intrusion and the intrusion frequency, are derived from the Markov models. Hidden Markov models are also used for supporting the actions of agents in dynamic networking environments who are faced with significant degrees of uncertainty in making decisions. Assuming access to perfect information about the environment and the properties of the interacting partners is unrealistic, but if agents are able to establish appropriate trust in each other, the decisions-making process would be facilitated and the risk associated with the interactions could still be acceptable. Trust may also play a significant role for the efficient operation of more general multiagent systems. A novel trust model based on hidden Markov modeling and reinforcement learning has been developed, where the measuring of agent trustworthiness is based on the predicted state probability distribution. Trust modeling is also used as a basis for a decentralized reputation system suitable for dynamic multiagent environments.As infrastructures are gradually becoming more intelligent, trust may play an increasingly important role in the interactions between network components. A trust-based security extension to the mobile ad hoc network dynamic source routing protocol is given, where the state probability of a node, according to its corresponding hidden Markov model, is being used for deciding the node’s trustworthiness. Nodes with different trustworthiness may be offered different service levels based on a trust policy. Since network services normally will be denied to untrusted nodes, an incentive for nodes not to misbehave is created. Users in dynamic networking environments like mobile ad hoc networks would be particularly exposed to threats against their privacy since they have limited control over the trustworthiness of network nodes that handle the messages sent. Appropriate privacy enhancing cryptographic mechanisms, which can be trusted to work as intended, are required to handle this problem. A novel approach to quantifying the amount of privacy that is offered by anonymous ad hoc routing protocols using conditional entropy is given, which takes into account the proportion of adversarial nodes and includes the a priori knowledge of the attacker.

With the development and growth of mobile technologies, mobile phones enable users to perform a number of different tasks with their devices: from sending simple text messages, checking e-mails and browsing the internet, to running elaborated applications. Nowadays, the mobile phone platform creates great opportunities for businesses, especially due to its capabilities and population coverage: the number of mobile subscriptions approaches global population figures. In order to explore such opportunities, most banks have already launched their mobile applications and/or re-designed mobile version of their websites. One of the benefits of using mobile banking is the possibility for users to carry out bank transactions, such online payments or transfers, at anytime and anywhere. Expectations for the adoption of mobile banking were high; however, it represents about 20% of mobile phone users at the present. One factor has been recognised as being a strong reason for users not to adopt mobile banking: their concerns about security. This dissertation focuses on the relationship between the trust users have in mobile banking and the security risks that the use of mobile devices potentially pose. A questionnaire was created in order to gather users’ perception of security about mobile banking, and its results compared with recognised security issues.

This is a study of how IT-Security experts build trust and cooperate within and across organisations. The key research questions are 1) how do these specialists learn to trust others, and 2) why their preferences and strategies evolved the way they did. Using qualitative interviews and quantitative network analysis, the project finds that in this microcosm of risk-aware specialists, cooperation is rational due to complexity and uncertainty, while social control mechanisms are overly costly. In order to ascertain who is trustworthy and skilled, IT-Security specialists take precautions and then screen and probe potential co-operators thoroughly by querying and triangulating multiple information sources. Experts believe that generally, trusting individuals is possible, while they tend not to trust organisations as such, due to their complexity, and their political and economic incentives. Thus, when having to rely on organisations, security experts combine bureaucratic means, like standard compliance and performing audits, with their preferred approach based on interpersonal trust, networks, and individual assessment. Nevertheless, IT-Security experts efficiently manage assessment means and comprehensiveness. The in-depth network study of a security team finds that advice is given based on shared experience and nationality, while friendship nominations are value-driven: besides a strong tendency to not nominate anyone, the smaller group of those who see value in official certifications and education tend to nominate fewer friends, distinctly shunning those who consider these signals unimportant. This finding speaks to the growing institutionalisation and professionalisation of IT-Security caused by sector growth and state in- volvement. Most interviewees oppose this development, which is seen to water down security objectives. This thesis is based on primary data: expert interviews with specialists from over 30 countries, and longitudinal network data from an IT-Security team. The interviews explore how trust and cooperation are established, while the network data are used to quantitatively investigate network evolution.

With the cloud computing increasing in popularity by providing a massive number of services such as recourses and data center, the number of attacks is increasing. Security is a basic concern in cloud computing, and threats can occur both internally and externally. Users can access the cloud infrastructure for software, operating systems, and network infrastructure provided by the cloud service providers (CSPs). Evaluating users? behavior in the cloud-computing infrastructure is becoming more important for both cloud users (CSs) and the CSPs that must ensure safety for users accessing the cloud. Because user authentication alone is not enough to ensure the users? safety and due to the rise of insider threats, the users? behavior must be monitored. User-behavior trust plays a critical role in ensuring the users? authenticity as well as safety. To address the research problem, we proposed two models to monitor the users? behavior in the cloud and then to calculate the users? trust value. The proposed models improve the current trust models. Our proposed models address the issue of trust fraud with the concept of ?slow increase.? The proposed models deal with malicious conduct by constantly aggravating the penalty approach (principle of ?fast decline?). The proposed models reflect the users? latest credibility through excluding the expired trust policy in the trust calculation. The proposed models evaluate users based on a large amount of evidence which ensures that the users? trust value is stable. We generate a dataset to simulate audit logs containing the designed user-behavior patterns. Thus, we use the dataset to evaluate our proposed models.

Nous vivons aujourd’hui dans l'ère cybernétique où de nouvelles technologies naissent chaque jour avec la promesse de rendre la vie humaine plus confortable, pratique et sûre. Parmi ces nouvelles technologies, l'informatique mobile se développe en influençant la vie de l’utilisateur. En effet, les plates-formes mobiles (smartphone, tablette) sont devenues les meilleurs compagnons de l’utilisateur pour mener à bien ses activités quotidiennes, comme les activités commerciales ou de divertissement. En jouant ces rôles importants, les plates-formes mobiles doivent opérer dans des environnements de confiance. Dans cette thèse, nous étudions la sécurité des plates-formes mobiles en passant d’un niveau de sécurité primitif qui s’appuie sur les plates-formes de confiance, à un niveau plus sophistiqué qui se base sur de l’intelligence bio-inspirée. Plus précisément, après avoir abordé les défis du cloud computing mobile (MCC), nous développons une étude de cas appelée Droplock pour le cloud mobile et nous étudions son efficacité énergétique et ses performances pour illustrer le modèle MCC. En outre, en s’appuyant sur les plates-formes de confiance (comme les TPM), nous avons introduit un nouveau schéma d'attestation à distance pour sécuriser les plates-formes mobiles dans le contexte du cloud mobile. Pour améliorer le niveau de sécurité et être adaptatif au contexte, nous avons utilisé de la logique floue combinant un système de colonies de fourmis pour évaluer la confiance et la réputation du cloud mobile basé sur la notion de cloudlets
As living in the cyber era, we admit that a dozen of new technologies have been born every day with the promises that making a human life be more comfortable, convenient and safe. In the forest of new technologies, mobile computing is raise as an essential part of human life. Normally, mobile devices have become the best companions in daily activities. They have served us from the simple activities like entertainment to the complicated one as business operations. As playing the important roles, mobile devices deserve to work in the environment which they can trust for serving us better. In this thesis, we investigate the way to secure mobile devices from the primitive security level (Trusted Platforms) to the sophisticated one (bio-inspired intelligence). More precisely, after addressing the challenges of mobile cloud computing (MCC), we have studied the real-case of mobile cloud computing, in terms of energy efficiency and performance, as well as proposed a demonstration of particular MCC model, called Droplock system. Moreover, taking advantages of trusted platform module functionality, we introduced a novel schema of remote attestation to secure mobile devices in the context of Mobile-Cloud based solution. To enhance the security level, we used fuzzy logic combining with ant colony system to assess the trust and reputation for securing another mobile cloud computing model based on the cloudlet notion

Les menaces pour la sécurité matérielle trouvent leur origine dans la chaîne d'approvisionnement en circuits intégrés (IC) massivement mondialisée et basée sur l'externalisation que nous connaissons aujourd'hui. Le coût prohibitif de la possession d'une fonderie de semi-conducteurs de haut niveau oblige les sociétés de conception de circuits intégrés à opter pour la sous-traitance de la fabrication, l'assemblage et le test de leurs circuits. L'externalisation de ces tâches intensifie le risque d'attaques de piratage de IC et d'insertion de chevaux de Troie matériels (HT), et ces deux menaces se traduisent par des pertes de savoir-faire et des pertes financières pour le propriétaire du IC. En outre, les systèmes sur puce (SoC) complexes sont construits en intégrant des noyaux de propriété intellectuelle (IP) de tiers provenant de plusieurs fournisseurs de IP. Cependant, les intégrateurs de SoC et les fournisseurs de IP ont une relation de confiance déséquilibrée. Alors que les fournisseurs de IP sont vulnérables à la surutilisation de la IP, au clonage de la IP et à la surproduction de IC, les intégrateurs de SoC craignent d'intégrer des IP infectées par des HT dans leurs systèmes. Nous proposons une méthodologie de conception pour la sécurité basée sur le verrouillage. Nous développons une méthodologie de verrouillage spécifique aux émetteurs-récepteurs RF. Pour évaluer la sécurité des circuits intégrés sans fil, nous proposons une attaque HT qui fait fuir des informations sensibles de l'émetteur au cours d'une transmission légitime
The origin of the hardware security threats is the massively globalized and outsourcing-based Integrated Circuit (IC) supply chain that we see today. The prohibitively cost of owning a first-rate semiconductor foundry forces IC design houses to go fabless and outsource their IC fabrication, assembly, and testing. Outsourcing these tasks intensifies the risk of IC piracy attacks and Hardware Trojan (HT) insertion, and both threats translate into know-how and financial losses for the IC owner. Moreover, complex Systems-on-Chip (SoCs) are built by integrating third-party Intellectual Property (IP) cores from multiple IP providers. However, SoC integrators and IP providers have an imbalanced trust relationship. While IP providers are vulnerable to IP overuse, IP cloning, and IC overproduction, SoC integrators fear integrating HT-infected IPs into their systems. We propose a locking-based design-for-security methodology. In addition, we develop an RF transceiver-specific locking methodology that consists in two spatially separated mechanisms. inserting a locking mechanism into the circuit that unlocks with a single secret key in the form of a digital word. To assess the security of wireless ICs, we propose an HT attack that leaks sensitive information from the transmitter within a legitimate transmission

Nous vivons aujourd’hui dans l'ère cybernétique où de nouvelles technologies naissent chaque jour avec la promesse de rendre la vie humaine plus confortable, pratique et sûre. Parmi ces nouvelles technologies, l'informatique mobile se développe en influençant la vie de l’utilisateur. En effet, les plates-formes mobiles (smartphone, tablette) sont devenues les meilleurs compagnons de l’utilisateur pour mener à bien ses activités quotidiennes, comme les activités commerciales ou de divertissement. En jouant ces rôles importants, les plates-formes mobiles doivent opérer dans des environnements de confiance. Dans cette thèse, nous étudions la sécurité des plates-formes mobiles en passant d’un niveau de sécurité primitif qui s’appuie sur les plates-formes de confiance, à un niveau plus sophistiqué qui se base sur de l’intelligence bio-inspirée. Plus précisément, après avoir abordé les défis du cloud computing mobile (MCC), nous développons une étude de cas appelée Droplock pour le cloud mobile et nous étudions son efficacité énergétique et ses performances pour illustrer le modèle MCC. En outre, en s’appuyant sur les plates-formes de confiance (comme les TPM), nous avons introduit un nouveau schéma d'attestation à distance pour sécuriser les plates-formes mobiles dans le contexte du cloud mobile. Pour améliorer le niveau de sécurité et être adaptatif au contexte, nous avons utilisé de la logique floue combinant un système de colonies de fourmis pour évaluer la confiance et la réputation du cloud mobile basé sur la notion de cloudlets
As living in the cyber era, we admit that a dozen of new technologies have been born every day with the promises that making a human life be more comfortable, convenient and safe. In the forest of new technologies, mobile computing is raise as an essential part of human life. Normally, mobile devices have become the best companions in daily activities. They have served us from the simple activities like entertainment to the complicated one as business operations. As playing the important roles, mobile devices deserve to work in the environment which they can trust for serving us better. In this thesis, we investigate the way to secure mobile devices from the primitive security level (Trusted Platforms) to the sophisticated one (bio-inspired intelligence). More precisely, after addressing the challenges of mobile cloud computing (MCC), we have studied the real-case of mobile cloud computing, in terms of energy efficiency and performance, as well as proposed a demonstration of particular MCC model, called Droplock system. Moreover, taking advantages of trusted platform module functionality, we introduced a novel schema of remote attestation to secure mobile devices in the context of Mobile-Cloud based solution. To enhance the security level, we used fuzzy logic combining with ant colony system to assess the trust and reputation for securing another mobile cloud computing model based on the cloudlet notion

Le contrat de crédit-bail est une technique de financement par laquelle le crédit-bailleur acquiert la propriété d’un bien en vue de le louer au crédit-preneur qui dispose d’une option d’achat au terme de la période irrévocable de location. Dans l’hypothèse où une procédure collective est ouverte à l’encontre du crédit-preneur, le crédit-bailleur se trouve nécessairement affecté. Le droit des entreprises en difficulté offre à l’organe compétent la possibilité d’exiger la continuation du contrat de crédit-bail, sans aucune autre contrepartie que l’exécution du contrat aux conditions initiales. Il est encore possible au tribunal d’imposer au crédit-bailleur la cession de son contrat lorsqu’un plan de cession est envisagé. Le crédit-bailleur devra par ailleurs veiller à la préservation de ses intérêts en procédant, comme tout créancier à la déclaration de ses créances nées antérieurement au jugement d’ouverture, alors qu’une seconde déclaration de créances pourra être nécessaire le cas échéant, lorsque le contrat est poursuivi au-delà du jugement d'ouverture. En sa qualité de propriétaire du bien objet de la convention de crédit, le crédit-bailleur dispose néanmoins d’une véritable possibilité d’être désintéressé d’une partie de ses créances. Il convient cependant que sa qualité de propriétaire soit opposable à la procédure collective. La propriété autant que le bail se trouvent, dans ce contexte, détournés de leurs rôles naturels. La propriété du crédit-bailleur n’a d’autre fin que la garantie de l’opération, ce qui conduit à établir un parallèle avec la clause de réserve de propriété et la fiducie-sûreté
A finance lease arrangement is a financing technique whereby the financial lessor acquires ownership of a property for the purpose of leasing it to the lessee who has a call option at the end of the irrevocable rental period. In the event that a collective procedure is opened against the lessee, the financial lessor is necessarily affected. The firms in financial distress rights offers the competent body the possibility of requiring the financial lease arrangement’s continuation, with no consideration other than the contract’s execution under its initial conditions. It is also possible for the court to require the financial lessor to transfer its contract when a disposal plan is considered. The financial lessor must also ensure the preservation of its interests by reporting, like any other creditor, its accounts payable arising prior to the opening judgment, while a second declaration of claims may be necessary where appropriate, when the contract is continued beyond the opening judgment. As the owner of the property, subject of the credit agreement, the financial lessor nevertheless has a real opportunity of being disinterested of part of its receivables. However, its owner status must be opposable to the insolvency proceedings. Property as well as the lease are, in this context, diverted from their natural roles. The financial lessor’s ownership is then limited to the transaction’s guarantee, which leads to establish a parallel between the title retention clause and the trust by way of security

Wireless sensor networks are emerging as effective tools in the gathering and dissemination of data. They can be applied in many fields including health, environmental monitoring, home automation and the military. Like all other computing systems it is necessary to include security features, so that security sensitive data traversing the network is protected. However, traditional security techniques cannot be applied to wireless sensor networks. This is due to the constraints of battery power, memory, and the computational capacities of the miniature wireless sensor nodes. Therefore, to address this need, it becomes necessary to develop new lightweight security protocols. This dissertation focuses on designing a suite of lightweight trust-based security mechanisms and a cooperation enforcement protocol for wireless sensor networks. This dissertation presents a trust-based cluster head election mechanism used to elect new cluster heads. This solution prevents a major security breach against the routing protocol, namely, the election of malicious or compromised cluster heads. This dissertation also describes a location-aware, trust-based, compromise node detection, and isolation mechanism. Both of these mechanisms rely on the ability of a node to monitor its neighbors. Using neighbor monitoring techniques, the nodes are able to determine their neighbors’ reputation and trust level through probabilistic modeling. The mechanisms were designed to mitigate internal attacks within wireless sensor networks. The feasibility of the approach is demonstrated through extensive simulations. The dissertation also addresses non-cooperation problems in multi-user wireless sensor networks. A scalable lightweight enforcement algorithm using evolutionary game theory is also designed. The effectiveness of this cooperation enforcement algorithm is validated through mathematical analysis and simulation. This research has advanced the knowledge of wireless sensor network security and cooperation by developing new techniques based on mathematical models. By doing this, we have enabled others to build on our work towards the creation of highly trusted wireless sensor networks. This would facilitate its full utilization in many fields ranging from civilian to military applications.

Approved for public release; distribution is unlimited.
A major goal of using any security protocol is to create certain beliefs in the participants. A security protocol will use techniques like cryptography to guarantee some things, but it will still require a participant to make assumptions about other things that the protocol cannot guarantee; such assumptions often constitute trust in other participants. In this thesis, we attempt to precisely identify the required assumptions of some example protocols. In the process, we find that we must consider the names that participants use to reason about each other. It turns out that naming is a complex topic with a rich body of philosophical work, and we apply some ideas from this work to the problem of identifying security protocols' required assumptions. Finally, we begin work on a mathematical model of protocols and beliefs to which a formal logic of belief could be applied. The model is left incomplete because of some unresolved problems with modeling belief caused by the design requirement that the model's elements have clear operational meanings. The solution of these problems is left as future work.

Active networks are a possible Internet architecture for the future. They provide network users with more flexibility by allowing them to customise and control the behaviour of networks dynamically. Internet Friendly Active Network (IFAN) is an active network architecture based on the existing IP architecture. In this thesis a practical implementation of an active network node is presented, named IFAN Virtual Router (IFAN VR). IFAN VR is a software framework built on an IFAN node in IFAN networks, providing researchers, developers and users with an IFAN test-bed. The main modules of the IFAN VR and IFAN packet formats are described, and some IFAN protocols are proposed. Some IFAN applications have been implemented to demonstrate the concepts of the IFAN architecture and test the IFAN VR.

Videoconferencing is increasingly becoming a trend worldwide in applications where clients need to access lectures, meeting proceedings, communicating with family and friends etc. It provides a platform enabling the visual, audio and video communication between clients. The aim of this project is to utilize the open source Java software to build a desktop application enabling communication between clients. When a user needs to transfer a secured file, it’s unsafe to send it using social networking sites because of lack of security. So, with the “Multi-Way Communication System” (MWCS) we resolve some security issues. The MWCS is a highly secure way for file transfer, text and video conferencing.

Small changes in an established system can result in larger changes in the overall system (e.g. network effects, émergence, criticality, broken Windows theory). However, in an immature discipline, such as computer security, such changes can be difficult to envision and even more difficult to amplement, as the immature discipline is likely to lack the scientific framework that would allow for the introduction of even minute changes. (Cairns, P. and Thimbleby, H, 2003) describe three of the signs of an immature discipline as postulated by (Kuhn, 1970): a. squabbles over what are legitimate tools for research b. disagreement over which phenomenon are legitimate to study, and c. inability to scope the domain of study. The research presented in this document demonstrates how the computer security field, at the time this research began, was the embodiment of thèse characteristics. It presents a cohesive analysis of the intentional introduction of a séries of small changes chosen to aid in maturation of the discipline. Summarily, it builds upon existing theory, exploring the combined effect of coordinated and strategie changes in an immature system and establishing a scientific framework by which the impact of the changes can be quantified. By critically examining the nature of the computer security system overall, this work establishes the need for both increased scientific rigor, and a multidisciplinary approach to the global computer security problem. In order for these changes to take place, many common assumptions related to computer security had to be questioned. However, as the discipline was immature, and controlled by relatively few entities, questioning the status quo was not without difficulties. However, in order for the discipline to mature, more feedback into the overall computer security (and in particular, the computer malware/virus) system was needed, requiring a shift from a mostly closed system to one that was forced to undergo greater scrutiny from various other communities. The input from these communities resulted in long-term changes and increased maturation of the system. Figure 1 illustrates the specific areas in which the research presented herein addressed these needs, provides an overview of the research context, and outlines the specific impact of the research, specifically the development of new and significant scientific paradigms within the discipline.

Thesis (Ph.D.)--Electrical and Computer Engineering, Georgia Institute of Technology, 2009.
Committee Chair: Owen, Henry; Committee Co-Chair: Abler, Randal; Committee Member: Copeland, John; Committee Member: Giffin, Jon; Committee Member: Hamblen, Jim.

Overlay networks are a technique to build a new network on top of an existing one. They are a key tool to add functionality to existing networks, and are used in different layers of the Internet stack for a wide variety of purposes, like confidentiality, Quality of Service, virtual networking, etc. Specifically, network overlays in the IP networking layer are widely used in some of these use cases. However, these kind of overlay networks do not have as many functionalities as overlays in other layers. For example, thanks to the Zero Trust Networking paradigm it is possible to build secure overlay networks at L7 using HTTPS. Taking this into account, this thesis strives to add new features and improve on others of IP overlay networks, in order to support emerging challenges. This thesis focuses on three axes: security, trust, and deployment in enterprise scenarios. First, regarding security, we explore how to simplify the setup of secure tunnels over the Internet, without relying on external Public Key Infrastructure or proprietary solutions. To this purpose, we leverage WireGuard, a state of the art VPN protocol, and add a control plane on top of it to distribute encryption keys. In addition, we present the implementation of a prototype and a performance evaluation. Second, with respect to trust, we investigate how emerging blockchain technology can be used in distributed mapping systems. Mapping systems are a database used in some overlay network deployments to assist in the creation of tunnels, by storing overlay to underlay pairs of addresses. Mapping systems are not commonly used in scenarios with multiple administrative domains, due to configuration complexity and centralized control. We explore how some of the properties of blockchains, such as distributed control, or auditability, can help in building these type of mapping systems. We take into account both the policy aspects, that is, the advantages of a distributed trust scheme, and the technical ones, like simplified management. In addition, we present two deployment scenarios: one to increase the security of BGP-based inter-domain routing, and a set of cooperating companies that want to establish communications among themselves. Finally, we focus on the deployment of enterprise networks leveraging overlay networks. First, we discuss the challenges present in current enterprise networks, such as segmentation, mobility, or simplified operations. Then, we present a design based on overlay networks and SDN principles to address them, along with an evaluation of two real-life deployments. We conclude with a design tailored for future enterprise networks, based also on overlay networks and a layered approach. This solution aims to provide mobility, multi-homing, confidentiality, user and application identity, and access control policies for enterprise endpoints connected from any network, either in the campus or outside.
Les xarxes superposades o overlays són una tècnica per a construir una xarxa sobre una d'existent. Són una eina fonamental per a afegir funcionalitat a xarxes ja existents, i es fan servir en diferents capes de la pila de protocols d’Internet per a diferents objectius, com ara confidencialitat, Qualitat de Servei, virtualització de xarxes, etc. Específicament, les xarxes superposades a la capa de xarxa IP es fan servir àmpliament per alguns d’aquest casos d’ús. No obstant, aquest tipus de xarxes superposades no tenen tanta funcionalitat com overlays en altres capes. Per exemple, gràcies al paradigma Zero Trust és possible construir xarxes superposades segures a la capa 7 amb HTTPS. Tenint això en compte, aquesta tesi vol afegir noves funcionalitats i millorar-ne d’altres en xarxes IP superposades, amb l’objectiu d’afrontar nous reptes. Aquesta tesi es centra en tres eixos: seguretat, confiança i desplegament en escenaris de xarxes empresarials. En primer lloc, pel que fa a seguretat, explorem com simplificar la configuració de túnels segurs a través d’Internet, sense dependre duna infraestructura de clau pública externa o de solucions propietàries. Per a aquest objectiu, utilitzem WireGuard, un protocol VPN d’última generació i li afegim un pla de control per a distribuir les claus d’encriptació. A més, presentem la implementació d’un prototip i una avaluació del seu rendiment. En segon lloc, respecte la confiança, investiguem com les tecnologies emergents basades en cadenes de blocs (blockchain) es poden fer servir en sistemes de mapatge distribuïts. Els sistemes de mapatge són una base de dades que es fa servir en alguns desplegaments de xarxes superposades per a ajudar en la creació dels túnels; normalment guarden parelles d’adreces que tradueixen l’adreça de la xarxa superposada a la de la xarxa de sota. Els sistemes de mapatge no es solen utilitzar en escenaris amb múltiples dominis administratius, degut a la complexitat de la configuració i a la centralització del seu control. En aquesta part explorem com algunes de les propietats de les cadenes de blocs, com el control distribuït o l’auditabilitat poden ajudar a construir aquests tipus de sistemes de mapatge. Tenim en compte tant els aspectes polítics, és a dir, els avantatges d’un esquema de confiança distribuït, com tècnics, per exemple, una gestió més simple. A més, presentem dos escenaris de desplegament: un per a incrementar la seguretat de l'enrutament basat en BGP entre diferents dominis, i un altre d’un conjunt d’empreses que cooperen per a establir comunicacions entre elles. Finalment, ens centrem en el desplegament de xarxes per a empreses fent servir xarxes superposades. En primer lloc, detallem els reptes que hi ha actualment a les xarxes per a empreses, per exemple, segmentació, mobilitat o simplificació de les operacions. A continuació, presentem un disseny basat en xarxes superposades i principis SDN que aborda els reptes que hem mencionat, a més d’una avaluació de dos desplegaments reals. Acabem amb una solució dissenyada per a les xarxes empresarials del futur, també basat en xarxes superposades i una aproximació per capes. Aquesta solució està dirigida a oferir mobilitat, connexió simultània (multi-homing), confidencialitat, identitat de l’usuari i l'aplicació, i polítiques de control d’accés per a dispositius connectats des de qualsevol xarxa, sigui des de l'oficina o des de fora.
Las redes superpuestas u overlays son una técnica para construir una nueva red encima de una ya existente. Son una herramienta clave para añadir funcionalidad a redes existentes, y se usan en diferentes capas de la pila de protocolos de Internet para una gran variedad de propósitos, como confidencialidad, Calidad de Servicio, redes virtuales, etc. Específicamente, las redes superpuestas en la capa de red IP son ampliamente usadas para algunos de estos casos de uso. No obstante, este tipo de redes no disponen de tantas funcionalidades como redes superpuestas en otras capas. Por ejemplo, gracias al paradigma Zero Trust es posible construir redes superpuestas seguras en la capa 7 usando HTTPS. Teniendo esto en cuenta, esta tesis tiene como objetivo añadir nuevas funcionalidades y mejorar otras de las redes IP superpuestas, con el propósito de afrontar los nuevos retos que van apareciendo. Esta tesis se centra en tres ejes: seguridad, confianza y despliegue en escenarios empresariales. En primer lugar, y respecto a la seguridad, exploramos cómo simplificar la configuración de túneles seguros a través de Internet, sin usar una infraestructura de clave pública externa o soluciones propietarias. Para este objetivo, utilizamos WireGuard, un protocolo VPN de última generación, y le añadimos un plano de control para distribuir las claves de encriptado. Además, presentamos la implementación de un prototipo y una evaluación de rendimiento. En segundo lugar, en relación a la confianza, investigamos como las tecnologías emergentes basadas en cadena de bloques (blockchain) se pueden usar en sistemas de mapeado distribuidos. Los sistemas de mapeado son una base de datos que se utiliza en algunas redes superpuestas para ayudar en la creación de los túneles. Normalmente, estos sistemas guardan parejas de direcciones que traducen direcciones de la red superpuesta a la de la red subyacente. Los sistemas de mapeado no son muy utilizados en escenarios con múltiples dominios administrativos, debido a la complejidad de la configuración y a la centralización del control. En esta parte exploramos como algunas de las propiedades de las cadenas de bloques, como el control distribuido, o la auditabilidad, pueden ser de ayuda en la construcción de este tipo de sistemas de mapeado. Tomamos en consideración tanto los aspectos políticos, esto es, las ventajas de un esquema de confianza distribuido, como los técnicos, por ejemplo, una gestión más simple. También presentamos dos escenarios de despliegue: uno para aumentar la seguridad del enrutamiento basado en BGP entre diferentes dominios, y otro de un conjunto de empresas que cooperan para establecer conexiones entre ellas. Finalmente, nos centramos en el despliegue de redes empresariales usando redes superpuestas. En primer lugar, detallamos los retos que existen hoy en día en las redes empresariales, por ejemplo, segmentación, movilidad, o simplificación de las operaciones. A continuación, presentamos un diseño basado en redes superpuestas y principios SDN que aborda los retos que hemos mencionado, junto con la evaluación de dos despliegues reales. Concluimos con una solución diseñada para las redes empresariales del futuro, basada también en redes superpuestas y una aproximación por capas. Esta solución tiene como propósito ofrecer movilidad, conexión simultánea (multi-homing), confidencialidad, identificación de usuario y aplicación, y políticas de control de acceso para dispositivos conectados desde cualquier red, sea en la oficina o fuera.
Arquitectura de computadors

La généralisation des circuits intégrés et plus généralement de l'électronique à tous les secteurs d'activité humaine, nécessite d'assurer la sécurité d'un certain nombre de systèmes critiques (militaire, finance, santé, etc). Aujourd'hui, l'intégrité de ces systèmes repose sur un éventail d'attaques connues, pour lesquelles des contremesures ont été développées.Ainsi, la recherche de nouvelles attaques contribue fortement à la sécurisation des circuits électroniques. La complexité toujours croissante des circuits, permise par les progrès dans les technologies silicium, a pour conséquence l'apparition de circuits occupant de plus en plus de surface. La retro-ingénierie est donc une étape souvent obligatoire menée en amont d'une attaque afin de localiser les périphériques et autres régions d'intérêts au sein du circuit visé. Dans cet objectif, l'étude présenté dans ce document propose de nouvelles méthodes d'imagerie infrarouge. En particulier, il est démontré que l'analyse statistique des mesures infrarouge permet d'automatiser la localisation des régions électriquement active d'un circuit. Aussi, une nouvelle méthode de comparaison statistique d'image infrarouge est proposée. Enfin, ces résultats sont acquis au moyen d'une plateforme de mesure faible cout, permettant de détecter toute activité électrique possédant une consommation supérieure à 200µW
The generalization of integrated circuits and more generally electronics to everyday life systems (military, finance, health, etc) rises the question about their security. Today, the integrity of such circuits relies on a large panel of known attacks for which countermeasures have been developed. Hence, the search of new vulnerabilities represents one of the largest contribution to hardware security. The always rising complexity of dies leads to larger silicon surfaces.Circuit imaging is therefore a popular step among the hardware security community in order to identify regions of interest within the die. In this objective, the work presented here proposes new methodologies for infrared circuit imaging. In particular, it is demonstrated that statistical measurement analysis can be performed for automated localization of active areas in an integrated circuit.Also, a new methodology allowing efficient statistical infrared image comparison is proposed. Finally, all results are acquired using a cost efficient infrared measurement platform that allows the investigation of weak electrical source, detecting power consumption as low as 200 µW

Inter-organisational trust is increasingly important among supply chain participants, where threats are building up from sources out of organisational control. The same problem is faced in the cyber security field, where threat level increases from the changes outside organisational boundaries. Each value chain participating in the supply chain must be secured. Trust building is mandated among all trust network members. The business interaction between supply chain participants is enabled by building inter-organisational trust first. This study provided ways to build this inter-organisational trust by considering steps to take in information security management system (ISMS) implementation. ISMS is set of processes, documentation, activities and resources that together secure assets within an organisation. It must be assembled to support strategic business goals and comply selected requirement criteria. Due to different ways and purposes, organisations implement ISMS’s and obtain the security standard certification; it is not a proof of secure business processes or trust per se. Instead, it is a good starting point for trust building. This study used narrative literature review to find supporting and resisting elements of inter-organisational trust that can consider in ISMS. The study limited the research into a very narrow area between information processing science, behaviour sciences and discipline of management. The research found several elements (102) that can be considered in ISMS to have the effect to interorganisational trust building. The findings were categorised using ISO/IEC 27001 (2013) ISMS implementation steps to provide concrete support for security professionals. There are none or very limited number of research literature on exact combined topic of inter-organisational trust building and ISMS. The multidisciplinary phenomenon of information security coupled with inter-organisational trust requires more attention from the research community. Schools teaching information security should develop their course coverage to support this multidisciplinary phenomenon in several view points, not just from their own discipline to achieve producing suitable resources for the industry
Yritysten välinen luottamus on yhä tärkeämpää toimitusketjuihin osallistuvien organisaatioiden keskuudessa, missä uhat syntyvät yritysten tietoturvakontrollien ulkopuolelta. Sama ongelma kohdataan kyberturvallisuudessa, missä uhkataso kasvaa muutoksista organisaatiorajojen ulkopuolella. Jokaisen toimitusketjuun osallistuvan on suojauduttava. Luottamuksen rakentamisen tehtävä on kaikkien jäsenien yhteinen asia luottamusverkostossa. Toimitusketjuun osallistuvien on rakennettava organisaatioiden välinen luottamus ennen liiketoiminnan aloittamista. Tässä tutkimuksessa tarjotaan keinoja kehittää organisaatioiden välistä luottamusta tietoturvallisuuden hallintajärjestelmän toteuttamisessa. Tietoturvallisuuden hallintajärjestelmä koostuu prosessien, dokumentaation, toimintojen ja resurssien yhdistelmästä, mitkä yhdessä turvaavat tietovarannot organisaation sisällä. Se on koostettava tukemaan liiketoiminnan strategisia tavoitteita ja täyttää valitut kriteeristöt. Koska tietoturvallisuuden hallintajärjestelmiä sertifioidaan eri tavalla, sekä eri tarkoituksia varten, niin sertifioitu standardi ei itsessään takaa turvallisia liiketoimintaprosesseja, vaan se toimii hyvänä lähtöpisteenä luottamuksen rakentamiselle. Tässä tutkimuksessa sovellettiin kirjallisuuskatsausta yritysten välisten luottamusta edistävien ja estävien elementtien löytämiseksi, mitä tietoturvallisuuden hallintajärjestelmän toteutuksessakin voitaisiin soveltaa. Tutkimus toteutettiin rajatulla alueella tietojenkäsittely-, käyttäytymis-, sekä hallintotieteiden yhtymäkohdassa. Tutkimus löysi useita elementtejä (102), mitkä huomioimalla tietoturvallisuuden hallintajärjestelmässä voidaan vaikuttaa yritysten välisen luottamuksen rakentamiseen. Löydökset jaoteltiin ISO/IEC 27001 (2013) tietoturvallisuuden hallintajärjestelmän toteutusaskelien mukaisesti, jotta tulokset tukisivat parhaiten tietoturvallisuuden asiantuntijaa konkreettisella tasolla. Tutkimuspapereita ei ole yhtään, tai niitä on hyvin rajoitetusti missä tietoturvallisuuden hallintajärjestelmän ja yritysten välisen luottamuksen rakentaminen yhdistetään. Monitieteinen tietoturvan ilmiö yhdistettynä yritysten välisen luottamuksen rakentamiseen vaatii enemmän huomiota tiedeyhteisöltä. Tietoturvallisuutta kouluttavien oppilaitosten tulisi kehittää tietoturvallisuuden kurssitarjontaansa tukemaan monitieteellistä lähestymistapaa ei vain oman tutkimusalan näkökulmaa, jotta teollisuus saisi sopivampia resursseja käyttöönsä

The growth of eCommerce is being hampered by a lack of trust between providers and consumers of Web-based services. While Web trust issues have been addressed by researchers in many disciplines, a comprehensive approach has yet to be established. This thesis proposes a conceptual trust-profiling framework???W3TF???which addresses issues of trust and user confidence through a range of new user-centred trust measures???trust categories, trust domains, transitivity of trust, fading factor analysis, standalone assessment, hyperlinked assessment and relevance assessment. While others now use the concept of transitivity of trust, it was first introduced by this research in 1998. The thesis also illustrates how W3TF can narrow the gap/disconnection between the hierarchical PKI trust environment and the horizontal Web referral environment. The framework incorporates existing measures of trust (such as Public Key Infrastructure), takes account of consumer perceptions by identifying trust attributes, and utilises Web technology (in the form of metadata), to create a practical, flexible and comprehensive approach to trust assessment. The versatility of the W3TF is demonstrated by applying it to a variety of cases from trust literature and to the hypothetical case study that provided the initial stimulus for this research. It is shown that the framework can be expanded to accommodate new trust attributes, categories and domains, and that trust can be ???weighed??? (and therefore evaluated) by using various mathematical formulae based on different theories and policies. The W3TF addresses identified needs, narrows the gaps in existing approaches and provides a mechanism to embrace current and future efforts in trust management. The framework is a generic form of trust assessment that can help build user confidence in an eCommerce environment. For service providers, it offers an incentive to create websites with a high number of desired trust attributes. For consumers, it enables more reliable judgments to be made. Hence, Web trust can be enhanced.

Master of Science
Department of Computing and Information Science
Eugene Vasserman
Since the early 2000s, Internet users have continuously fallen prey to the perils of identity theft and malware . A number of tools have been proposed and implemented to foster trust towards deserving websites and alert users of undeserving websites, including P3P and trust seals. Each of these has fallen short, with studies showing that users simply do not use them. TrustVoucher is a prototype system o forge bonds of trust between users and websites by automatically determining if the website is backed by a trusted third party. Inspiration is taken from the real life way of trusting businesses, in which one aggregates recommendations by friends. TrustVoucher protects users who are attentive to its messages by informing them of sites who have put forth the effort to be endorsed by a trusted third party. An experimental study was performed on the effectiveness of the chosen interface for doing this, and determined that users did not consistently trust the recommendations of TrustVoucher, so future work will explore options for gathering the trust of users to distribute among websites.

This work modifies Shamir’s algorithm by sharing a random key that is used to lock up the secret data; as against sharing the data itself. This is significant in cloud computing, especially with homomorphic encryption. Using web design, the resultant scheme practically globalises secret sharing with authentications and inherent secondary applications. The work aims at improving cybersecurity via a joint exploitation of human factors and technology; a human-centred cybersecurity design as opposed to technology-centred. The completed functional scheme is tagged CDRSAS. The literature on secret sharing schemes is reviewed together with the concepts of human factors, trust, cyberspace/cryptology and an analysis on a 3-factor security assessment process. This is followed by the relevance of passwords within the context of human factors. The main research design/implementation and system performance are analysed, together with a proposal for a new antidote against 419 fraudsters. Two twin equations were invented in the investigation process; a pair each for secret sharing and a risk-centred security assessment technique. The building blocks/software used for the CDRSAS include Shamir’s algorithm, MD5, HTML5, PHP, Java, Servlets, JSP, Javascript, MySQL, JQuery, CSS, MATLAB, MS Excel, MS Visio, and Photoshop. The codes are developed in Eclipse IDE, and the Java-based system runs on Tomcat and Apache, using XAMPP Server. Its code units have passed JUnit tests. The system compares favourably with SSSS. Defeating socio-cryptanalysis in cyberspace requires strategies that are centred on human trust, trust-related human attributes, and technology. The PhD research is completed but there is scope for future work.

This work is of theoretical and practical importance, that is, generation of new knowledge associated with mobile commerce adoption in terms of security concerns and trust which will help not only future researchers but also e-businesses. Despite the fact researchers have examined the adoption of m-commerce in a holistic way, the author found there was no research focusing solely and in-depth on the determinants of trust and perceived risk. The problem was to examine how the above determinants affect the intention to adopt m-commerce. The objects are mobile commerce, security concerns and trust. The purpose of this study is twofold, namely, empirical and explanatory. As for the objectives, it was necessary to review the literature, propose a research model, analyze the results, and verify or reject the proposed hypotheses. When it comes to the hypotheses, there was a test on whether trust, perceived risk, perceived usefulness, and perceived ease of use negatively or positively affect the constructs of the proposed model. The author used theoretical and empirical collection methods. As for the theoretical ones, analogy, generalization and modeling methods were used. Concerning the empirical ones, due to the fact that quantitative approach was chosen, a survey instrument, that is, questionnaire was used. After the results had been collected, SPSS 22 was used to perform descriptive data analysis of Likert summative scales. At last, the results along with the research limitations... [to full text]
Šio darbo teorinė ir praktinė svarba yra naujų žinių, susijusių su saugumo ir pasitikėjimo problemų sprendimais mobilios komercijos kontekste, kūrimas kuris pasitarnaus ne tik mokslinei bendruomenei, bet ir e-verslui. Nepaisant to, jog mobilios komercijos įsisavinimas plačiai analizuotas holistiniu požiūriu, magistrinio darbo autorius nerado atliktų išsamių tyrimų išsamiau aptariančių pasitikėjimo ir saugumo veiksnių poveikio mobilios komercijos kontekste. Darbo problema formuluojama, kaip patikimumo ir saugumo veiksniai daro įtaką mobilios komercijos įsisavinimui. Tiriamieji objektai yra mobili komercija, saugumas ir patikimumas. Šio tyrimo tikslas yra dvejopas: empirinis ir aiškinamasis. Siekiant tyrimo tikslo, buvo išstudijuota literatūra, pasiūlytas mokslinio tyrimo modelis, išanalizuoti rezultatai ir įvertintos suformuluotos hipotezės. Mokslinio tyrimo eigoje autorius panaudojo teorinius ir empirinius duomenų analizės ir rinkimo metodus. Teorinėje dalyje buvo panaudoti panašumo, apibendrinimo ir modeliavimo metodai. Empirinėje dalyje įgyvendintas kiekybinis tyrimas, duomenys renkami apklausos būdu struktūruoto klausimyno pagalba. Surinkti duomenys apdoroti SPSS aplinkoje atliekant aprašomųjų duomenų analizę pagal Likerto suminių vertinimo skales. Galutinis šio tyrimo tikslas buvo patikrinti suformuluotas hipotezes. Kalbant apie išvadas, privatumo rizikos suvokimas, mobilių mokėjimų, mobilios komercijos įstatymų ir gaunamų produktų kokybė turėjo neigiamą įtaką mobilios... [toliau žr. visą tekstą]

MANETs are attractive technology in providing communication in the absence of a fixed infrastructure for applications such as, first responders at a disaster site or soldiers in a battlefield (Kumar, and Mishra, 2012). The rapid growth MANET has experienced in recent years is due to its Ad Hoc capabilities that have also made it prime target of cybercrimes (Jhaveri, 2012). This has raised the question of how could we embrace the benefits of MANET without the increased security risks. MANETs have several vulnerabilities such as lack of a central point, mobility, wireless links, limited energy resources, a lack of clear line of defence, cooperative nature and non-secure communication to mention a few. This research proposes a two-phase scheme. In phase-one a novel approach is suggested by using concept of exiting trust schemes and adopting the use of Dynamic Trust Threshold Scheme (DTTS) for the selection of trusted nodes in the network and using mutual trust acknowledgement scheme of neighbour nodes to authenticate two communicating nodes. The notion of trust is used for authenticating peer nodes. The trust scheme algorithm is based on real time network dynamics, relevant to MANET conditions, as opposed to pre-determined static values. The phase-one is implemented in AODV and tested in a simulated environment using NS2. The reason for using AODV is that it’s reactive and has comparatively low routing overhead, low energy consumption and relatively better performance (Morshed, et al 2010). In order to ensure data confidentiality and end-to-end security, in phase-two, the source and destination generates a shared secret key to communicate with each other using a highly efficient Diffie Hellman Elliptic Curve scheme (Wang, Ramamurthy and Zou, 2006). The shared key is used to encrypt data between the peer nodes.

The continuing growth of Internet-connected devices presents exciting opportunities for future technology. These Internet of Things (IoT) products are being manufactured and interleaved with many everyday activities, which is creating a larger security concern. Sensors will collect previously unimaginable amounts of private and public data and transmit all of it through an easily observable wireless medium in order for other devices to perform data analytics. As more and more devices are produced, many are lacking a strong security foundation in order to be the "first to market." Moreover, current security techniques are based on protocols that were designed for more-capable devices such as desktop computers and cellular phones that have ample power, computational ability, and memory storage. Due to IoT's technological infancy, there are many security challenges without proper solutions. As IoT continues to grow, special considerations and protections must be in place to properly secure this data and protect the privacy of its users. This dissertation highlights some of the major challenges related to IoT and prioritizes their impacts to help identify where gaps are that must be filled. Focusing on these high priority concerns, solutions are presented that are tailored to IoT's constraints. A security feature-based framework is developed to help characterize classes of devices to help manage the heterogeneous nature of IoT devices and networks. A novel physical device authentication method is presented to show the feasibility in IoT devices and networks. Additional low-power techniques are designed and evaluated to help identify different security features available to IoT devices as presented in the aforementioned framework.
Doctor of Philosophy
The Internet has been gaining a foothold in our everyday lives. Smart homes, smart cars, and smart cities are becoming less science fiction and more everyday realities. In order to increase the public’s general quality of life, this new Internet of Things (IoT) technological revolution is adding billions of devices around us. These devices aim to collect unforeseen amounts of data to help better understand environments and improve numerous aspects of life. However, IoT technology is still in its infancy, so there are still many challenges still remaining. One major issue in IoT is the questionable security for many devices. Recent cyber attacks have highlighted the shortcomings of many IoT devices. Many of these device manufacturers simply wanted to be the first in a niche market, ignoring the importance of security. Proper security implementation in IoT has only been done by a minority of designers and manufacturers. Therefore, this document proposes a secure design for all IoT devices to be based. Numerous security techniques are presented and shown to properly protect the data that will pass through many of these devices. The overall goal for this proposed work aims to have an overall security solution that overcomes the current shortfalls of IoT devices, lessening the concern for IoT’s future use in our everyday lives.

Depression is one of the most prevalent causes of disease burden in the world, with a particularly high prevalence in South Africa. Significant evidence exists for how depression affects employment, income and education, but there is little research on how it affects social decision making. This dissertation addresses the direct impact of depression on the prosocial behaviours that influence economic outcomes, specifically trust and trustworthiness, rather than the economic outcomes themselves. Using experimental and survey data from a randomised control trial, I show that depression reduces trust but, counter-intuitively, increases the trustworthiness of individuals. Additionally, I show that the Activate! programme reduces depression in men and increases trust in all participants. These results have significant implications for how we consider depression in economics, particularly on how it affects poverty by influencing prosocial.

The SIM cards are going through several new enhancements both in the underlying hardware and its capabilities. They are becoming secure wireless networked devices containing embedded sensors. This thesis assess how this new SIM capabilities together with its pervasiveness and security can support the development and design of trust-based applications. It reviews the new trust possibilities based on the identity factor, connectivity and context-awareness sensors on the SIM. Moreover, we present a specific use-case around a seamless trust builder for social networks, which makes use of sensed inputs towards building hard contextual evidences to trust relations. We conclude with the description of the challenges of building this evidence based trust-builder and the necessary steps to going from the prototype we developed to a real application which may accurately describe trust relations.

Dans cette thèse, je propose trois contributions principales : dans notre première contribution, nous étudions l'architecture d'identité WebRTC et plus particulièrement son intégration aux algorithmes de délégation d'authentification existants. Cette intégration n'a pas encore été étudiée jusqu'à présent. Dans cette perspective, nous implémentons les composants de l'architecture d'identité WebRTC ce qui nous permet de montrer que cette architecture n'est pas particulièrement adaptée à une intégration aux protocoles de délégation d'authentification existants tels qu'OpenID Connect. Pour répondre à RQ1, nous montrons ensuite comment la position centrale des fournisseurs d'identité dans l'écosystème du Web est renforcée par leur intégration à l'établissement de session WebRTC, posant ainsi un risque supplémentaire contre la discrétion des utilisateurs. Dans l'écosystème Web, la norme est l'architecture des services en silo dont les utilisateurs sont captifs. C'est en particulier le cas des systèmes de délégation d'authentification, pour lesquels la plupart du temps, il n'est pas possible de choisir son fournisseur d'identité. Afin de répondre à RQ3, nous réalisons une étude afin de déterminer pour quelles raisons les utilisateurs ne peuvent pas choisir leur fournisseur d'identité sur Web. Notre étude montre que bien que ce choix soit possible en théorie, l'absence d'implémentation de certains standards par les sites webs et les fournisseurs d'identité empêche ce choix en pratique. Dans notre seconde contribution, nous cherchons à donner plus de contrôle à l'utilisateur. Pour ce faire et en réponse à RQ2, nous proposons une extension de la spécification WebRTC afin de permettre la négociation des paramètres d'identité. Un prototype d'implémentation est proposé afin de valider notre proposition. Cette implémentation révèle certaines limites dues à l'API d'identité WebRTC empêchant notamment d'obtenir un retour sur le niveau d'authentification de l'autre utilisateur ainsi que l'impossibilité de changer de fournisseur d'identité en cours de session. Nous proposons ensuite une API Web permettant aux utilisateurs de choisir leur fournisseur d'identité lors d'une authentification sur un site tiers via une interface de sélection d'identité contrôlée par le navigateur. Répondant à RQ3, notre API repose sur une réutilisation de l'architecture d'identité WebRTC dans un scénario client-serveur. Nous présentons une implémentation de notre solution, basée sur une extension du navigateur Firefox, afin d'en démontrer l'utilisabilité. Nos résultats montrent qu'à long terme, l'adoption de cette API pourrait réduire la charge d'implémentation pour les développeurs de sites Web et permettre aux utilisateurs de préserver leur discrétion en choisissant des fournisseurs d'identité de confiance
In this thesis, we propose three main contributions : In our first contribution we study the WebRTC identity architecture and more particularly its integration with existing authentication delegation protocols. This integration has not been studied yet. To fill this gap, we implement components of the WebRTC identity architecture and comment on the issues encountered in the process. In order to answer RQ1, we then study this specification from a privacy perspective an identify new privacy considerations related to the central position of identity provider. In the Web, the norm is the silo architecture of which users are captive. This is even more true of authentication delegation systems where most of the time it is not possible to freely choose an identity provider. In order to answer RQ3, we conduct a survey on the top 500 websites according to Alexa.com to identify the reasons why can't users choose their identity provider. Our results show that while the choice of an identity provider is possible in theory, the lack of implementation of existing standards by websites and identity providers prevent users to make this choice. In our second contribution, we aim at giving more control to users. To this end and in order to answer RQ2, we extend the WebRTC specification to allow identity parameters negotiation. We present a prototype implementation of our proposition to validate it. It reveals some limits due to the WebRTC API, in particular preventing to get feedback on the other peer's authentication strength. We then propose a web API allowing users to choose their identity provider in order to authenticate on a third-party website, answering RQ2. Our API reuse components of the WebRTC identity architecture in a client-server authentication scenario. Again, we validate our proposition by presenting a prototype implementation of our API based on a Firefox extension. Finally, in our third contribution, we look back on RQ1 and propose a trust and security model of a WebRTC session. Our proposed model integrates in a single metric the security parameters used in the session establishment, the encryption parameters for the media streams, and trust in actors of the communication setup as defined by the user. Our model objective is to help non-expert users to better understand the security of their WebRTC session. To validate our approach, we conduct a preliminary study on the comprehension of our model by non-expert users. This study is based on a web survey offering users to interact with a dynamic implementation of our model

XML (Extensible Mark-up Language) databases are an active research area. The topic of security in XML databases is important as it includes protecting sensitive data and providing a secure environment to users. Trust based access is an established technique in many fields, such as networks and distributed systems, but it has not previously been used for XML databases. In Trust Based Access Control, user privileges are calculated dynamically depending on the user’s behaviour. In this thesis, the novel idea of applying Trust Based Access Control (TBAC) for XML databases has been developed. This approach improves security and provides dynamic access control for XML databases. It manages access policy depending on users’ trustworthiness and prevents unauthorised processes, malicious transactions, and misuse from both outsiders and insiders. A practical Trust Based Access Control system for XML databases was evaluated. The dynamic access control has been tested from security, scalability, functionality, performance, and storage perspectives. The experimental results illustrate the flexibility of Trust Values and the scalability of the system with small to large XML databases and with various numbers of users. The results show that the main research idea of this study is worth pursuing and the system could be developed further.

[Truncated abstract] An ad-hoc network of wireless nodes is a temporarily formed network, created, operated and managed by the nodes themselves. Due to its peculiar establishment and operational properties it is also often termed an infrastructure-less, self-organised, or spontaneous network. In order to extend the communication range of the nodes, beyond a single hop, specially configured routing protocols are used. The unique feature of these protocols is their ability to form routes in spite of a dynamic topology. For effective functioning of the network it is essential that the network nodes execute the routing protocols in a truthful manner regardless of their contemporary commitments and workload. In real life, this is more than often extremely difficult to realise, and so we often find malicious nodes also present in the same network. These nodes can either join externally or may originate internally by compromis- ing an existing benevolent node in the network. These malicious nodes can carry out an array of attacks against the routing protocols leading to route severing, unavailability of service or deception. A number of secure routing protocols, which make use of cryptographic algorithms to secure the routes, have recently been proposed. ... In order to sustain the improvised nature of ad-hoc networks, in this thesis, we have moved from the common mechanism of achieving trust via security to enforcing dependability through collaboration. We desist from the customary strategy of employing cryptography and instead use a trust model that is influ- enced by the human behavioural model. All nodes in the network independently execute this trust model and maintain their own assessment concerning other nodes in the network. Each node, based upon its individual experiences, rewards collabo- rating nodes for their benevolent behaviour and penalises malicious nodes for their malevolent conduct. To highlight the efficacy of this unique approach, we apply the trust model to three contemporary reactive routing protocols in a pure ad-hoc network. These trust reinforced routing protocols locate dependable routes in the network by observing the sincerity in participation of other nodes using a set of trust categories. The routes worked out in this way are neither protected in terms of security nor minimal in terms of hops. However, these routes traverse nodes, which have been identified as more trustworthy than others and for this reason are more dependable in extemporised circumstances. Through the help of extensive simulations, we have demonstrated that the usage of these protocols significantly improves the overall performance of the network even in the presence of a high percentage of malicious nodes. These protocols, being independent of a trust infrastructure, also enable rapid deployment and improved operation with dynamic adaptation to the current scenario. The prime advantage being gained is the ability to seamlessly integrate ad-hoc wireless networks belonging to dissimilar organisations.

The main theme of this thesis is to allow the users of cloud services to outsource their data without the need to trust the cloud provider. The method is based on combining existing proof-of-storage schemes with distance-bounding protocols. Specifically, cloud customers will be able to verify the confidentiality, integrity, availability, fairness (or mutual non-repudiation), data freshness, geographic assurance and replication of their stored data directly, without having to rely on the word of the cloud provider.