Rozprawy doktorskie na temat „Identity access management”

The topic of this thesis is focused on the issues of the Identity Management. The author of the work describes the possibilities using this concept and application Identity Management in organizations. This issue is not oriented just from the point of Information security where this area belongs. The goal of this work is to create a framework of the process Identity Management by using best practises and standards. The context of the work should describe new trends and using special tools for safety work with process of Identity Management and the risk in area of the Identity Management. To achieve these goals which are mentioned above is ensured by using analysis of information sources and consulting with professionals from organization. The benefit of this work is provide comparison of teoretical knowledges with practical usage in organization and its recommendation to improve the process Identity Management.

IT security management (ITSM) technologies are important components of IT security in organizations. But there has been little research on how ITSM technologies should incorporate human and social issues into their design. Identity and Access Management (IAM) systems, as an important category of ITSM, share such a gap with other ITSM technologies. The overreaching goal of this research is to narrow the gap between IAM technologies and social context. In the first phase, we developed a set of usability guidelines, and heuristics for design and usability evaluation of ITSM tools. We gathered recommendations related to ITSM tools from the literature, and categorized them into a set of 19 high-level guidelines that can be used by ITSM tool designers. We then used a methodical approach to create seven heuristics for usability evaluation of ITSM tools and named them ITSM heuristics. With a between-subjects study, we compared the usage of the ITSM and Nielsen's heuristics for evaluation of a commercial IAM system. The results confirmed the effectiveness of ITSM heuristics, as participants who used the ITSM heuristics found more problems categorized as severe than those who used Nielsen's. In the second phase, we conducted a field-study of 19 security practitioners to understand how they do IAM and identify the challenges they face. We used a grounded theory approach to collect and analyze data and developed a model of IAM activities and challenges. Built on the model, we proposed a list of recommendations for improving technology or practice. In the third phase, we narrowed down our focus to a specific IAM related activity, access review. We expanded our understanding of access review by further analysis of the interviews, and by conducting a survey of 49 security practitioners. Then, we used a usability engineering process to design AuthzMap, a novel user-interface for reviewing access policies in organizations. We conducted a user study with 430 participants to compare the use of AuthzMap with two existing access review systems. The results show AuthzMap improved the efficiency in five of the seven tested tasks, and improved accuracy in one of them.
Applied Science, Faculty of
Electrical and Computer Engineering, Department of
Graduate

Správa rolí a identit se stává elementární součástí podnikových informačních systémů. Je součástí oboru Identity a Access managementu, který je velmi mladou a dynamicky se rozvíjející tržní oblastí. Tato diplomová práce poskytuje základní přehled o členění této tržní oblasti a zároveň charakterizuje tuto oblast z pohledu obecného přístupu a přístupu na úrovni odvětví. Je zde popsána nabídka několika hlavních hráčů na trhu s důrazem na vhodnost nasazení v českém prostředí. Konkrétně je vybírán vhodný produkt pro nasazení v České správě sociálního zabezpečení, největší finančně správní institucí státní správy ČR. Je zde také popsáno několik faktorů na které by měl být při podobném výběru kladen důraz. Samotný výběr je pouze informativní s účelem dodat aktuální přehled o možnostech řešení, které trh pro danou oblast nabízí. Identity a Access management totiž v České správě sociálního zabezpečení již zaveden byl. O tomto řešení se zmiňuje předposlední kapitola.

The systems' complexity growth over wide networks has increased the need for a centralized access control and strong authentication methods. And because systems have become increasingly distributed, additional need for single sign on solutions have become even more relevant. The aim of this study is to draw the state of the art on strong authentication solutions for protecting resources over networks and establish an evaluation summary of all the solutions presented. The study also presents the single sign on functionality and different architectures to implement it. This study contains a market review of available commercial solutions that implement strong authentication and single sign on. One of the solution is selected for implementing the authentication service for a payroll management system for one of Accenture clients. The technical details regarding this product are presented including architecture, installation and tests. The tested product needed custom developments to successfully implement the certificate authentication combined with an advanced certificate validation service. The single sign on functionality requires custom development to be integrated with all the system components.

Today, one is expected to remember multiple user names and passwords for different domains when one wants to access on the Internet. Identity management seeks to solve this problem through creating a digital identity that is exchangeable across organisational boundaries. Through the setup of collaboration agreements between multiple domains, users can easily switch across domains without being required to sign in again. However, use of this technology comes with risks of user identity and personal information being compromised. Criminals make use of spoofed websites and social engineering techniques to gain illegal access to user information. Due to this, the need for users to be protected from online threats has increased. Two processes are required to protect the user login information at the time of sign-on. Firstly, user’s information must be protected at the time of sign-on, and secondly, a simple method for the identification of the website is required by the user. This treatise looks at the process for identifying and verifying user information, and how the user can verify the system at sign-in. Three models for identity management are analysed, namely the Microsoft .NET Passport, Liberty Alliance Federated Identity for Single Sign-on and the Mozilla TrustBar for system authentication.

The implementation of an Identity and Access Management (IAM) solution is a complex process to manage, consuming multiple years and involves organizational changes. In its nature, several challenges tend to appear to different stakeholders involved in the process. However, prior research has mainly addressed the technical components of an IAM-solution, hence the technical challenges that emerge during development and implementation. Therefore, the non-technical challenges of the IAM-project work and the challenges that constitute the client implementation are understudied. The purpose of this thesis is to visualize the challenges that emerge when an IAM-solution is implemented. In addition, the challenges when organizational changes occur. The empirical data is conducted through a series of semi-structured interviews with individuals in the IAM line of business. In addition, secondary data is gathered through the review of papers and reports in Information Systems (IS) and Information Technology (IT) projects and outsourcing projects, as well from a non-academical organization with in-depth knowledge of IAM implementations. A qualitative case study of IAM implementations was conducted to investigate the studied complex phenomenon. The findings display the challenges of Insight, Communication, and Endurance (ICE), which tend to be obstacles for all stakeholders involved. Additionally, the organizational changes describe three further challenges of Anchoring, Communication, and Vision (ACV). These challenges mainly appear in client changes, which IAM implementations initiate. The thesis display connections and incoherent with prior research on IS/IT-projects and IAM-projects. In addition, newly uncovered aspects that contribute to research areas are highlighted. The thesis is summarized with some implications and possibilities for future research.
En IAM implementeringen är en komplex och utdragen process som kan ta flera år samt skapar en förändringsresa hos kund. I sin natur skapas flera utmaningar till olika involverade aktörer. Tidigare forskning har främst fokuserat på de tekniska komponenterna som en IAM lösning baseras på, därav de tekniska utmaningarna som tillkommer. Till följd har de icke-tekniska utmaningarna inom IAM projekt och utmaningarna med en implementation hos kund fått bristande uppmärksamhet där få studier har genomförts. Syftet med detta examensarbete är att visualisera de utmaningar som uppstår vid en IAM implementering. Arbetet fokuserar även på utmaningarna med organisatorisk förändring, vilket genomförandet av en IAM lösning skapar. Den primära datainsamlingen genomförs av halvstrukturerade intervjuer med personer inom IAM-branschen. Dessutom samlas sekundär data in från informationssystem (IS) och informationsteknik (IT) projekt samt outsourcingprojekt. Därtill några icke akademiska rapporter med fördjupande information om IAM implementeringar. Examensarbetet är gjort som en kvalitativ fallstudie av IAM implementeringar, detta för att förstå komplexiteten av ämnet. Resultatet visar utmaningar som Insikt, Kommunikation och Uthållighet, vilket tenderar att vara hinder för alla involverade aktörer. Dessutom beskriver de organisatoriska förändringarna tre ytterligare utmaningar för Förankring, Kommunikation och Vision. Dessa utmaningar förekommer hos kund som implementerar en IAM lösning. Uppsatsen visar sammanhängande och osammanhängande aspekter med forskningen inom IS/IT projekt och IAM projekt. Dessutom framhävs nya upptäckta insikter som bidrar till forskningsområdena. Slutligen sammanfattas arbetet med några implikationer samt förslag på vidare forskning.

The study addressed the lack of identity management practices in Texas community colleges to identify guest users who access college computers. Guest user access is required by Texas law and is part of the state's mission to bridge the technology gap; however, improper identification methods leave the college vulnerable to liability issues. The purpose of this study was to eliminate or mitigate liabilities facing colleges by creating and using security policies to identify guest users. This study combined the theoretical concepts of Cameron's internal security management model with the external trust models of the Liberty Alliance and Microsoft's Passport software. The research question revolved around the identity and access management framework used by 13 community colleges in Texas to track guest users and the college's ability to protect the college from illegal acts. Using a grounded theory approach, data were collected by interviewing 13 information technology management professionals at the community colleges regarding their security policies and procedures as well as by campus observations of security practices. The results of constant comparison analysis indicate that no universal theory was being used. Only 3 of the 13 colleges tracked guest user access. Reasons for not tracking guest access included lack of financial and technology resources and process knowledge. Based on these findings, the identity management infrastructure theory was recommended for network access control, self-registration, and identity authentication at these colleges and many other colleges. The implications for social change include raising awareness of the risks most community colleges face from network security breaches, regulatory noncompliance, and lawsuit damages that could result from the lack of an identity management process.

Vehicular Communication (VC) systems can greatly enhance road safety and transportation efficiency. Vehicles are equipped with sensors to sense their surroundings and the internal Controller Area Network (CAN) bus. Hence, vehicles are becoming part of a large-scale network, the so-called Internet of Vehicles (IoV). Deploying such a large-scale VC system cannot materialize unless the VC systems are secure and do not expose their users’ privacy. Vehicles could be compromised or their sensors become faulty, thus disseminating erroneous information across the network. Therefore, participating vehicles should be accountable for their actions. Moreover, user privacy is at stake: vehicles should disseminate spatio-temporal information frequently. Due to openness of the wireless communication, an observer can eavesdrop the communication to infer users’ sensitive information, thus profiling users. The objective is to secure the communication, i.e., prevent malicious or compromised entities from affecting the system operation, and ensure user privacy, i.e., keep users anonymous to any external observer but also for security infrastructure entities and service providers.In this thesis, we focus on the identity and credential management infrastructure for VC systems, taking security, privacy, and efficiency into account. We begin with a detailed investigation and critical survey of the standardization and harmonization efforts. We point out the remaining challenges to be addressed in order to build a Vehicular Public-Key Infrastructure (VPKI). We provide a VPKI design that improves upon existing proposals in terms of security and privacy protection and efficiency. More precisely, our scheme facilitates multi-domain operations in VC systems and enhances user privacy, notably preventing linking of pseudonyms based on timing information and offering increased protection in the presence of honest-but-curious VPKI entities. We further extensively evaluate the performance of the full-blown implementation of our VPKI for a large-scale VC deployment. Our results confirm the efficiency, scalability and robustness of our VPKI.

QC 20160927

Historically, managing access to information systems (ISs) required direct interaction with a limited number of users. Increasingly, managing access involves handling an increased numbers of internal and external students, faculty, and staff as well as partners such as workforce development centers, the U.S. Department of Education, and the Council on Higher Education Accreditation. At Minnesota State Colleges and Universities (MnSCU), the approach to identity management (IdM) required the distribution of a username and password to authenticate MnSCU employees and students. Authentication enables authorized users to access campus-supported ISs and Office of the Chancellor (OOC) supported ISs such as the Integrated Statewide Record System (ISRS). In some cases, an MnSCU employee or student will receive as many as 7 usernames and passwords. When a new employee or student joins MnSCU, the campus IT group creates a general log-on to campus-supported ISs. This log-on consists of a username and password and provides the new employee or student with access to a local area network (LAN) hosted application such as e-mail and campus directory services. The author used Minnesota State College-Southeast Technical (MSC-ST) as the unit of analysis. In this inquiry, the following propositions guided and shaped the case study data collection: (a) system development processes (SDPs), (b) single access sign-on credentials through all MSC-ST ISs, (c) electronic data assurances, and (d) implementation across public and private security zones. The findings from this case study were used to develop a paradigm supporting the design and development of an IdM system model at MSC-ST. This model contributed to the establishment of a uniform IdM system for use by MSC-ST students, staff, and faculty regardless of time and location. Based on findings from this case study, key processes involved in establishing this IdM system based on uniform identities and authentication processes were documented. Key steps involved in facilitating secure IS access to MSC-ST resources by students, staff, and faculty accessing OOC-supported ISs as well as MSC-ST campus-specific applications were described. The author contributed to advancements in the IS space through the use of a replicable approach for implementing an IdM paradigm at MSC-ST.

This diploma thesis focuses on the proposal to implement changes of identity management into a particular company. In the theoretical part are the basic concepts and a detailed description of the identity management. There is also described an analysis of the current state of information security in the company, risk analysis and selection of measures to minimize the risks found. At the end of this thesis are proposed changes, their procedure and timetable for implementation of selected measures.

The wide spread of services on the internet has aggravated the issue of maintaining multiple identities such as the virtual identities that are based on specific login credentials like username, passwords and PINs. On the other hand, multiple physical identities also prove to be difficult to maintain since different sources require the presence of different smart cards, mobile devices or other proofs of identity. Therefore, the modern world is populated with so many virtual and physical Identity Access Management Systems (IAMS) that individuals are required to maintain multiple passwords and login credentials. The tedious task of remembering these can be minimised through the utilisation of an innovative approach of single sign-in mechanisms. During recent times, several systems have been developed to provide physical and virtual IAMS; however, most have not been very successful according to specific criteria. Furthermore, alongside increasing the level of awareness for the need to deploy interoperable physical and virtual IAMS, there exists an immediate need for the establishment of clear guidelines for the successful integration of the two media. The importance of and motivation for the integration of the two media will be discussed in this thesis with respect to three perspectives: security, which includes identity; user experience, comprising usability; and acceptability, containing accessibility. Not many frameworks and models abide by all guidelines for all of these perspectives; thus, the thesis addresses the immediate need to establish a framework and a model for acceptable user experience for successful integration of the two media for public services within the e-government domain. The IAMS framework is based on the attributes from the researched theories of the three perspectives and expert evaluations of the unique nine themes. Regarding the users evaluation to test the proposed Unified Theory of Acceptance and Use of Technology Model(UTAUT), there is an indirect effect on behavioural intentions to use a new prototype system (Ubiquitous Identity Access Management System "UbIAMS") through performance expectancy, effort expectancy, social influence, and through items pertaining to acceptability and user experience.

The master thesis focuses on assessment of current implementation of identity management system and proposal of a new implementation to increase level of stability and information security in the company, primarily regarding the systems that process financial data. In first part, basic theoretical knowledge related to identity management systems is defined. In second part, an analysis of current system state is performed. Based on this analysis, new organizational and technical solutions are proposed to the company. Finally, an implementation project proposal as well as with risk analysis and economic evaluation is completed in the end of this thesis.

Mestrado em Gestão de Sistemas de Informação
A Gestão de Identidades Corporativas (identificada na literatura como Identity and Access Management ou pelas siglas IAM, I&AM ou ainda IdM) é, para muitas empresas, um tema difícil de endereçar devido à complexidade dos seus múltiplos sistemas de informação. Muitas vezes colocam-se questões relativas às funções de negócio que cada colaborador executa na organização, acerca de quais os acessos e permissões a sistemas de que realmente necessita para o seu trabalho e quais as permissões que atualmente possui. Dar uma resposta precisa a estas questões num determinado instante do tempo é muitas vezes impossível, devido à mobilidade entre empresas, à rotatividade dos colaboradores e à própria evolução temporal dos sistemas. Este trabalho apresenta o desenvolvimento de um projeto de IAM numa grande empresa de Telecomunicações, designado por GIU - Gestão Integrada de Utilizadores, no qual o autor desempenhou o papel de investigador utilizando a metodologia de Action Research. O objetivo da investigação consistiu em, para além de colaborar na implementação do projeto, refletir sobre os aspetos positivos e negativos das decisões tomadas e produzir um conjunto de fatores críticos de sucesso e boas práticas para a implementação de projetos deste tipo. Além disto, procura-se ainda indicar caminhos futuros para a melhoria da plataforma, em interligação com a área de Qualidade de Dados, que permitam que o GIU seja uma fonte de verdade ainda mais credível no que diz respeito à informação de utilizadores e perfis que reside em cada um dos seus sistemas-alvo.
Corporate Identity Management (identified in the literature as Identity and Access Management or the acronyms IAM, I&AM or IdM) is, for a fair amount of companies, a hard issue to address due to the complexity and diversity of their information systems. Questions often arise about which business roles are performed by the organization's employees, what permissions they truly require in order to perform their jobs, and what permissions are currently assigned to them. A precise answer to these questions is often impossible to obtain for several reasons, such as, employee turnover, software integration issues and the rapid evolution of corporate systems. This work presents the development of an IAM project named GIU. The project is currently taking place in a large telecommunications company, in which the author played the researcher role using the Action Research methodology. During a direct collaboration in the implementation process, several observations on the positive and negative aspects of project decisions were made, in an effort to provide a set of critical success factors and best practices for the implementation of future projects of the same kind. Moreover, future additions to the platform are recommended, such as connecting it with Data Quality tools, an improvement that would allow GIU to be an even more reliable source of truth concerning the permissions currently provisioned in each of the enterprise systems.

A distributed business process is executed in a distributed computing environment. The service-oriented architecture (SOA) paradigm is a popular option for the integration of software services and execution of distributed business processes. Entailment constraints, such as mutual exclusion and binding constraints, are important means to control process execution. Mutually exclusive tasks result from the division of powerful rights and responsibilities to prevent fraud and abuse. In contrast, binding constraints define that a subject who performed one task must also perform the corresponding bound task(s). (authors' abstract)

Establishing a nationwide Electronic Health Record system has become a primary objective for many countries around the world, including Australia, in order to improve the quality of healthcare while at the same time decreasing its cost. Doing so will require federating the large number of patient data repositories currently in use throughout the country. However, implementation of EHR systems is being hindered by several obstacles, among them concerns about data privacy and trustworthiness. Current IT solutions fail to satisfy patients’ privacy desires and do not provide a trustworthiness measure for medical data. This thesis starts with the observation that existing EHR system proposals suer from six serious shortcomings that aect patients’ privacy and safety, and medical practitioners’ trust in EHR data: accuracy and privacy concerns over linking patients’ existing medical records; the inability of patients to have control over who accesses their private data; the inability to protect against inferences about patients’ sensitive data; the lack of a mechanism for evaluating the trustworthiness of medical data; and the failure of current healthcare workflow processes to capture and enforce patient’s privacy desires. Following an action research method, this thesis addresses the above shortcomings by firstly proposing an architecture for linking electronic medical records in an accurate and private way where patients are given control over what information can be revealed about them. This is accomplished by extending the structure and protocols introduced in federated identity management to link a patient’s EHR to his existing medical records by using pseudonym identifiers. Secondly, a privacy-aware access control model is developed to satisfy patients’ privacy requirements. The model is developed by integrating three standard access control models in a way that gives patients access control over their private data and ensures that legitimate uses of EHRs are not hindered. Thirdly, a probabilistic approach for detecting and restricting inference channels resulting from publicly-available medical data is developed to guard against indirect accesses to a patient’s private data. This approach is based upon a Bayesian network and the causal probabilistic relations that exist between medical data fields. The resulting definitions and algorithms show how an inference channel can be detected and restricted to satisfy patients’ expressed privacy goals. Fourthly, a medical data trustworthiness assessment model is developed to evaluate the quality of medical data by assessing the trustworthiness of its sources (e.g. a healthcare provider or medical practitioner). In this model, Beta and Dirichlet reputation systems are used to collect reputation scores about medical data sources and these are used to compute the trustworthiness of medical data via subjective logic. Finally, an extension is made to healthcare workflow management processes to capture and enforce patients’ privacy policies. This is accomplished by developing a conceptual model that introduces new workflow notions to make the workflow management system aware of a patient’s privacy requirements. These extensions are then implemented in the YAWL workflow management system.

The subject of the Master thesis is to explore the integration of Identity Management System with the Information Security Management System based on theoretical knowledge and analysis of the current situation. Notify the company to gaps and make proposals for improvement.

Identity management is a critical concept for enterprises, and it has turned to more challenging issue since businesses are significantly moving towards service oriented architecture (SOA) with the aim to provide seamless service delivery to their customers, partners and employees. The organizational domains are expanded to blur the virtual borders, simplify the business collaboration and maximize opportunities in the competitive market place, which explicitly shows the essentiality for federating the identities. Real-world identity comprises of different dimensions such as Law, Business, Policy, Technology and Society, therefore reliable digital identity management and successful federation are required to take these dimensions and complexity into consideration. Considering variety of academic and industrial researches that report on remarkable demands for identity federation adoption by enterprises, this study has approached federated Identity Management from technological point of view. Technologies provide tools and mechanisms to satisfy the business requirements and enable single sign-on capability in reliable federated platform. Different authentication technologies and standards have emerged to enable federated single sign-on (FSSO) implementation as a core service of the FIdM, each with different features and capabilities. This brings more complexity and confusion for experts and decision makers for FIdM adoption and development. To overcome this obstacle and accelerate the data collection and analysis process for decision makers, this research contributes to the filed by providing a conceptual framework to simplify the analysis of underlying technology for decision making process. In this framework 1) a list of state-of-the-art requirements and mechanisms for successful identity federation and reliable SSO is elaborated, 2) Six most prevalent standard authentication technologies along with latest specifications are analysed, explained and assessed against the defined criteria, and 3) several security and privacy consideration are gathered. The usage of framework is monitored and the efficiency of it is evaluated in 2 real business case scenarios by five IT experts and the result is reported.

Em nossa vida diária, são utilizadas identidades digitais (IDDs) para acessar contas de e-mail, bancos e lojas virtuais, locais restritos, computadores compartilhados, e outros. Garantir que apenas usuários autorizados tenham o acesso permitido é um aspecto fundamental no desenvolvimento destas aplicações. Atualmente, os métodos de controle de acesso simples como senhas ou números de identificação pessoal não devem ser considerados suficientemente seguros, já que um impostor pode conseguir estas informações sem o conhecimento do usuário. Ainda, no caso de utilização de dispositivos físicos como cartões de identificação, estes podem ser roubados ou forjados. Para tornar estes sistemas mais confiáveis, técnicas de autenticação de identidades utilizando múltiplas verificações são propostas. A utilização de características biométricas surge como a alternativa mais confiável para tratar este problema, pois são, teoricamente, únicas para cada pessoa. Contudo, algumas características biométricas como a aparência facial podem variar com o tempo, implicando em um grande desafio para os sistemas de reconhecimento facial. Neste trabalho é combinado o acesso tradicional por senha com a análise da face para realizar a autenticação. Um método de aprendizagem supervisionada é apresentado e sua adaptação é baseada na melhora contínua dos modelos faciais, que são representados por misturas de gaussianas. Os resultados experimentais, obtidos sobre um conjunto de teste reduzido, são encorajadores, com 98% de identificação correta dos usuários e custo computacional relativamente baixo. Ainda, a comparação com um método apresentado na literatura indicou vantagens do método proposto quando usado como um pré-selecionador de faces.
In our daily life, we use digital identities (DIDs) to access e-mails, e-banks, e-shops, physical environments, shared computers, and so on. Guarantee that only authorized users are granted access is an important aspect in the development of such applications. Nowadays, the simple access control methods like passwords or personal identification numbers can not be considered secure enough, because an impostor can obtain and use these information without user knowledge. Also, physical devices like ID cards can be stolen. To make these systems more reliable, multimodal DID authentication techniques combining different verification steps are proposed. Biometric features appears as one of the most reliable alternatives to deal with this problem because, theoretically, they are unique for each person. Nevertheless, some biometric features like face appearances may change in time, posing a serious challenge for a face recognition system. In this thesis work, we use the traditional password access combined with human face analysis to perform the authentication task. An intuitive supervised appearance learning method is presented, and its adaptation is based on continuously improving face models represented using the Gaussian mixture modeling approach. The experimental results over a reduced test set show encouraging results, with 98% of the users correctly identified, with a relatively small computational effort. Still, the comparison with a method presented in the literature indicated advantages of the proposed method when used as a pre-selector of faces.

This master's thesis deals with the analysis, design and implementation of authentication and authorization subsystem into the environment of distributed web application. It unifies the well-known security models into the one universal security model that can be used for the development of authorization device enabling the user to secure the applications with various security models. Furthermore, it applies this integration of models into the Takeplace system.

La protection des données est une question essentielle en matière de cybersécurité. Les organisations utilisent les logiciels de gestion des identités et des accès et les outils de cybersécurité traditionnels pour protéger leurs actifs informationnels contre les menaces externes. Cependant, elles manquent le plus souvent de solutions pour contrer les menaces internes provenant principalement des personnes ayant un accès légitime aux systèmes d'information de l'entreprise. Ce type de menaces est aujourd'hui la principale préoccupation des spécialistes de la cybersécurité. Les logiciels d'analyse du comportement des utilisateurs et des entités sont les outils utilisés par les cyber-spécialistes pour contrer efficacement les menaces internes. Cependant, les solutions existantes peuvent présenter des problèmes tels qu'un nombre élevé de fausse alarme, et un temps de préparation des modèles de détection conséquent quand les données d'activités sont de gros volumes.L'objectif de cette thèse est de contribuer à remédier à ces problèmes par la proposition d’une solution algorithmique et sa mise en œuvre efficace pour les architectures haute performance. Plus particulièrement, nous proposons une méthode de détection qui construit des profileurs de comportement en utilisant des techniques issues des domaines de l’apprentissage automatique, de l'algèbre linéaire et du calcul haute performance. Cette méthode est définie par l’application de l’approche "unir et conquérir" utilisée en algèbre linéaire, aux techniques d'apprentissage d'ensemble. En plus des méthodes d'apprentissage de base classiques, nous intégrons des méthodes innovantes de type PageRank et auto-encodeurs dans la méthode globale proposée. Cette nouvelle méthode de détection des menaces internes montre, selon nos expérimentations, une efficacité en termes de précision, allant jusqu’à 98% d'AUC. Ceci marque une augmentation significative par rapport aux méthodes de bases. Nous proposons aussi une mise en œuvre de cette méthode selon plusieurs paradigmes de programmation parallèle permettant d’obtenir des accélérations jusqu’au 10.Nous avons intégré cette plateforme logicielle agrémentée de moyens de prétraitement de données, et d'un système d'alarme dans un module global de détection d'attaque internes, capable d'étendre des outils de cybersécurité
Data protection is a critical issue in cybersecurity. Organizations use identity and access management software and traditional cybersecurity tools to protect their information assets from external threats. However, they most often lack solutions to counter insider threats from individuals with legitimate access to corporate information systems. This type of threat is now the primary concern of cybersecurity specialists. User and entity behavior analysis software are the tools used by cyber specialists to counter insider threats effectively. However, existing solutions can present problems such as many false alarms and a consequent development time of detection models when the activity data is of large volumes.This thesis aims to remedy these problems by proposing an algorithmic solution and its efficient implementation for high performance architectures. More precisely, we propose a detection method that builds behavioral profilers using techniques from the fields of machine learning, linear algebra and high performance computing. This method is defined by application of “unite and conquer” approach, used in linear algebra, to ensemble learning techniques. We integrate innovative methods of PageRank and autoencode in the proposed ensemble method in addition to the classical basic machine learning methods.According to our experiments, this new method of insider threat detection shows an average efficiency in terms of detection accuracy, up to 98% of AUC. This is a significant increase compared to base methods. We also propose an implementation of this method according to several parallel programming paradigms allowing us to obtain a speedup up to 10.We have integrated this software platform with data preprocessing means and an alarm system into a global module for insider threat detection, capable of extending cybersecurity tools

Les réseaux sociaux d’entreprise (RSE) ont révolutionné la collaboration entre les organisations professionnelles. Grâce aux RSEs, les contraintes classiques de mobilité, de procédures compliquées d’échange de services et de manque de flexibilité et de communication en matière de cercles collaboratifs ne sont plus d’actualité. Dans cette thèse, nous avons travaillé sur le projet OpenPaaS RSE. Principalement nous nous sommes focalisés sur la partie gestion du contrôle d’accès, qui nous a conduit vers d’autres besoins, à savoir la gestion des identités numériques et leurs supervisions. Nous avons travaillé en premier lieu sur la gestion de l’authentification des identités numériques au sein de communautés de collaboration regroupant des entreprises hétérogènes en matière de gestion de l’authentification. Pour cela, nous avons proposé une architecture de fédération interopérable en matière de gestion de l’authentification, permettant ainsi à chaque entreprise de préserver son mécanisme d’authentification (propre) et aux acteurs de procéder à une authentification unique. Nous nous sommes ensuite concentrés sur la gestion des accréditations des identités numériques (i.e. contrôle d’accès). Sur cet aspect, nous avons proposé un mécanisme flexible de contrôle d’accès basé sur un ensemble d’attributs identitaires, que nous avons conçu sur la base d’un langage formel fondé sur la logique temporelle Event-Calculus. Nous sommes ainsi en mesure de rendre le partage de ressources fluide et agile, et par ailleurs capables de gérer des autorisations temporaires (i.e. les délégations). La fluidité et l’agilité du partage sont dues au fait que nous avons modélisé notre mécanisme de contrôle d’accès de telle sorte que le partage soit basé principalement sur les acteurs de collaboration (i.e. user-centric), et ce de la manière la plus simple possible. En outre, le formalisme logique nous a permis de vérifier automatiquement la cohérence des politiques notamment celles liées au partage de ressources. Notre système de contrôle d’accès donne aux entreprises le pouvoir de contrôler de manière abstraite les politiques de partage de ressources définies à l’échelle des acteurs, et ce grâce à des politiques fondées sur un mécanisme de gestion du risque qui émane des requêtes externes de demande d’accès. Les politiques basées sur le risque sont combinées avec les politiques de partage. Dans notre mécanisme de gestion du risque, nous nous sommes basés sur les standards liés au risque (définis par le NIST) que nous avons alignés avec des paramètres pertinents pour le contrôle d’accès dans le contexte RSE. Notre gestion dynamique du risque inclut en effet les paramètres suivants : l’importante de chaque ressource collaborative, les vulnérabilités des systèmes d’authentification utilisés pour authentifier les acteurs au sein d’une communauté et la confiance reflétée à travers le comportement de chaque acteur de collaboration. Sur ce dernier aspect de confiance, nous avons procédé à une évaluation de la confiance numérique à travers le cumul de réputations basé sur l’historique d’interactions collaboratives de chaque sujet. Enfin, nous avons développé ces différents modules de sécurité orientés pour le contrôle d’accès dans les environnements collaboratifs socioprofessionnels, et nous les avons intégrés au prototype du RSE OpenPaaS
Enterprise social networks (ESN) have revolutionized collaboration between professional organizations. By means of an ESN, conventional mobility constraints, complex procedures for services exchange and the lack of flexibility and communication are no longer concerns. In this thesis we have worked on the project OpenPaaS ESN. Mainly we focused on the management of the access control, which led us to other needs, namely the management of digital identities and their monitoring. We worked primarily on managing the authentication of digital identities within collaborative communities made of heterogeneous enterprises regarding authentication management systems. For this, we have proposed an interoperable architecture for managing federated authentication, allowing thus each enterprise to preserve its (own) authentication mechanism and each principal to perform a single sign on authentication regarding different enterprises. Further, we focused on the management of digital identities accreditations, i.e. Access Control. On this aspect, we have proposed a flexible access control model based on a set of identity attributes. We developed this model on the basis of a formal language based on temporal logic, namely the Event-Calculus logic. We were thus able to make the sharing of resources fluid and agile, and also able to handle temporary authorizations, i.e. delegations. The fluidity and agility of the shares is due to the user-centric resources’ sharing in a straightforward manner. In addition, the logical formalism has allowed us to automatically check the access control policies consistency. For enterprises, our access control system gives them the ability to control the user-centric sharing policies through policies based on a risk management mechanism, which make our access control mechanism dynamic. The risk mechanism is based on the NIST’s risk definition with an alignment with a set of parameters that include access control in the ESN context. More precisely, the dynamic risk management includes, the collaborative resource’s importance, the authentication system’s vulnerabilities and trust level reflected through the behavior of each collaborative actor. On this latter aspect of trust, we made an evaluation of trust through the computation of reputation scores based on the history of collaborative interactions of each subject of collaboration. Finally, we have implemented all those security modules and integrate them as a prototype into OpenPaaS ESN

Web systems have become an integral part in daily life of billions of people. Social is a key characteristic today’s web projects need to feature in order to be successful in the social age. To benefit from an improved user experience, individual persons are continually invited to reveal more and more personal data to web systems. With a rising severity of attacks on web systems, it is evident that their security is inadequate for the amount of accumulated personal data. Numerous threat reports indicate that social media has become a top-ranking attack target, with climbing impacts, with ramifications beyond single individuals and with a booming black market to trade leaked personal data. To enhance information security in managing personal data by web systems for the mutual benefit of individual persons, companies and governments, this dissertation proposes a solution architecture and three research contributions. While the solution architecture establishes the foundation for a more secure management of personal data by web systems, the research contributions represent complementary components for protecting personal data against unwanted data disclosure, tampering and use without the actual data owner’s intent or knowledge. Not only do these components enable seamless integration and combination, but they also contribute to assure quality and maintainability. The dissertation concludes with discussing evaluation results and providing an outlook towards future work.

Schools implement school-wide positive behavior support systems to enforce rules, shape maladaptive behaviors, and promote positive climate where students’ wellbeing can improve. A way to reduce disruptive behaviors is with Accept. Identify. Move (AIM) curriculum with reinforcement system and social-emotional components. Statistical t-test of between group of Intervention Classroom and Control Classroom, within Intervention Classroom group, and within Control Classroom group to evaluate changes in psychological flexibility changes after students received the AIM intervention and control classroom intervention. The between group and within Intervention Classroom group t-test produced statistically significant results, and the within Control Classroom group produced no statically significant results. An ABA design was used to evaluate the effectiveness of the two classrooms receiving separate interventions. This study suggests that the AIM intervention can help students develop physiological flexibility skills and decrease disruptive behaviors in the classroom setting.

Web systems have become an integral part in daily life of billions of people. Social is a key characteristic today’s web projects need to feature in order to be successful in the social age. To benefit from an improved user experience, individual persons are continually invited to reveal more and more personal data to web systems. With a rising severity of attacks on web systems, it is evident that their security is inadequate for the amount of accumulated personal data. Numerous threat reports indicate that social media has become a top-ranking attack target, with climbing impacts, with ramifications beyond single individuals and with a booming black market to trade leaked personal data. To enhance information security in managing personal data by web systems for the mutual benefit of individual persons, companies and governments, this dissertation proposes a solution architecture and three research contributions. While the solution architecture establishes the foundation for a more secure management of personal data by web systems, the research contributions represent complementary components for protecting personal data against unwanted data disclosure, tampering and use without the actual data owner’s intent or knowledge. Not only do these components enable seamless integration and combination, but they also contribute to assure quality and maintainability. The dissertation concludes with discussing evaluation results and providing an outlook towards future work.

L'internet des objets (IoT) est une nouvelle technologie qui vise à connecter des milliards d'objets physiques à Internet. Ces objets peuvent être engagés dans des relations complexes, notamment la composition et la collaboration avec d'autres systèmes indépendants et hétérogènes, afin de fournir de nouvelles fonctionnalités, conduisant ainsi à ce que l'on appelle les systèmes de systèmes (SoS). Les composants de l'IoT communiquent et collaborent dans des environnements distribués et dynamiques, confrontés à plusieurs problèmes de sécurité de grande ampleur. La sécurité es tconsidérée parmi les enjeux majeurs de l'IoT et soulève des défis liés aux contraintes de capacité de calcul et stockage ainsi que le très grand nombre des objets connectés. Dans cette thèse, nous nous intéressons à l'application des outils cryptographiques ainsi que la technologie blockchain pour résoudre les problèmes de sécurité dans l'IoT, à savoir : l'authentification et la gestion de confiance. Dans un premier lieu, nous nous sommes intéressés au problème du contrôle d'accès distant des actionneurs intelligents utilisant des dispositifs IoT. Pour aborder ce problème, nous avons proposé une solution de contrôle d'accès efficace et à granularité fine, basée sur le mécanisme ABE (Attribute Based Encryption) et des chaînes de hachage. À l'aide d'outils formels d'analyse de sécurité, nous avons démontré la sécurité de notre protocole face aux attaques malveillantes. Dans un deuxième lieu, nous avons abordé le problème d'authentification dans les applications IoT basé sur le paradigme du fog computing. Nous avons proposé un nouveau protocole d'authentification mutuelle efficace qui est basé sur la technologie blockchain et la cryptographie à seuil. Dans notre solution, les objets IoT et les serveurs de fog n'ont besoin que de quelques informations à stocker pour vérifier l'authenticité de chaque objet du système. L’authentification est effectuée seulement sur la bordure du réseau sans passer par des entités externes. Ainsi, la latence et la capacité de stockage sont réduites au minimum. Enfin, dans notre troisième contribution, nous avons proposé un nouveau protocole de gestion de réputation basé sur la technologie blockchain et le fog computing, avec la prise en charge de la mobilité des objets connectés. Notre protocole permet aux objets IoT d'évaluer et de partager avec précision la réputation relative aux autres objets de manière scalable, sans se recourir à une entité de confiance. Nous avons confirmé l'efficacité de notre protocole par des analyses théoriques et des simulations approfondies. Nous avons montré que notre protocole surpasse les solutions existantes,notamment en matière de scalabilité, prise en charge de la mobilité, la communication et le calcul
The Internet of things (IoT) is a new technology that aims to connect billions of physical devices to the Internet. The components of IoT communicate and collaborate between each other in distributed and dynamic environments, which are facing several security challenges. In addition, the huge number of connected objects and the limitation of their resources make the security in IoT very difficult to achieve. In this thesis, we focus on the application of lightweight cryptographic approaches and blockchain technology to address security problems in IoT, namely : authentication and trust management. First, we were interested on some kind of IoT applications where we need to control remotely the execution of smart actuators using IoT devices. To solve this problem, we proposed an efficient and fine-grained access controlsolution, based on the Attribute Based Encryption (ABE) mechanism and oneway hash chains. Using formal security tools, we demonstrated the security of our scheme against malicious attacks. Second, we tackled the problem of authentication in IoT based fog computing environments. Existing authentication techniques do not consider latency constraints introduced in the context of fog computing architecture. In addition, some of them do not provide mutual authentication between devices and fog servers. To overcome these challenges, we proposed a novel, efficient and lightweight mutual authentication scheme based on blockchain technologyand secret sharing technique. We demonstrated the efficiency of our authentication scheme through extensive simulations. The third problem treated in this work is the trust management in IoT. Existing trust management protocols do not meet the new requirements introduced in IoT such as heterogeneity, mobility and scalability. To address these challenges, we proposed a new scalable trust management protocol based on consortium blockchain technology and fog computing paradigm, with mobility support. Our solution allows IoT devices to accurately assess and share trust recommendations about other devices in a scalable way without referring to any pre-trusted entity. We confirmed the efficiency of our proposal through theoretical analysis and extensive simulations. Finally, we showed that our protocol outperforms existing solutions especially in terms of scalability, mobility support, communication and computation

Imagine a world where someone’s personal information is constantly compromised, where federal government entities AKA Big Brother always knows what anyone is Googling, who an individual is texting, and their emoticons on Twitter. Government entities have been doing this for years; they never cared if they were breaking the law or their moral compass of human dignity. Every day the Federal government blatantly siphons data with programs from the original ECHELON to the new series like PRISM and Xkeyscore so they can keep their tabs on issues that are none of their business; namely, the personal lives of millions. Our allies are taking note; some are learning our bad habits, from Government Communications Headquarters’ (GCHQ) mass shadowing sharing plan to America’s Russian inspiration, SORM. Some countries are following the United States’ poster child pose of a Brave New World like order of global events. Others like Germany are showing their resolve in their disdain for the rise of tyranny. Soon, these new found surveillance troubles will test the resolve of the American Constitution and its nation’s strong love and tradition of liberty. Courts are currently at work to resolve how current concepts of liberty and privacy apply to the current conditions facing the privacy of society. It remains to be determined how liberty will be affected as well; liberty for the United States of America, for the European Union, the Russian Federation and for the people of the World in regards to the extent of privacy in today’s blurred privacy expectations.
B.S.
Bachelors
Health and Public Affairs
Legal Studies

The SAVI IAM is an identity and access management system for the Multi-tier cloud infrastructure. The goal of the SAVI IAM is to provide a exible system to enable applications to adopt the cloud rapidly rather than concentrating on a speci c function such as federation. The SAVI IAM distinguishes itself from previous work in three aspects: comprehensiveness, stability, and technology independence.The SAVI IAM is a comprehensive solution for cloud providers. It uses two ne-grained access control model: constrained Role-based Access Control and Attribute-based access control. To address application requirement, it has implemented delegation and trust mechanism to enable administrators to delegate their authorities temporarily to applications. The SAVI IAM is scalable in the sense than it can address huge number of requests by increasing the number of instances. On the other hand, the middleware component is able to cache local data in order to boost the performance of the the infrastructure. The SAVI IAM is built on top of Openstack Keystone v2.0, and supports Openstack, Amazon EC2, and SAVI APIs.

博士
國立臺北科技大學
機電科技研究所
99
Cloud computing is a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet.However, cloud computing services are still in a developmental stage; cloud computing best practices are evolving, and security is still a major concern. Furthermore, the traditional Identity and Access Management (IAM) approach cannot fit into a cloud computing platform, because the enterprise does not control the cloud service provider’s IAM practices and has even less influence over strict security practices. The system provides a solution for a Federated Identity Assurance and Access Management System in the Identity and Access Management (IAM) process for a cloud computing environment. The Federated Identity Manager described in this paper is implemented. It supports cross domain single sign-on (CD SSO) and interchanges access control information with partners, reflecting trust relationships. Four subsystems have been successfully implemented in the proposed Management System: Identity Provisioning Module, Authentication and Authorization Management Module, Federated Identity Management Module, and Assurance Management Module. The results of this research can offer better security service management framework for large scale of cloud security services.

碩士
國立臺灣科技大學
資訊管理系
97
With the rapid development of information technology, organizations utilize more and more information services. However, the inconvenience of repeated log-in and the cost of managing services also increase with the growth of information services. Therefore, people proposed Single Sign-On (SSO) to enable users to access multiple services with single identity. Moreover, Federated Identity and Access Management (FIAM) systems extend SSO to provide fine-granularity access control and cross-organizational solution. Current FIAM systems emphasize the performance when deciding user privileges. However, these solutions may sacrifice the data consistency to performance. For example, an intuitive solution to to decide privileges in FIAM systems is to ask Identity Providers (IdPs) about related attributes. When Service Providers (SPs) wish to decide privileges, they send attribute requests to IdPs. When IdPs received the requests, the IdPs response the attributes wrapped in secure packages. While the data consistency is considered, the SPs must request for attributes each time when they wish to decide user privileges. This solution may be not so efficient. Another solution is based on Attribute Certificates (ACs). The IdPs embed the attributes in the user certificates. When the SPs received the certificates from users, they can decide the privileges according to the attributes embedded in the certificates. This solution reduces the cost of repeated inquiry about attributes. However, to ensure the certificates are up-to-date, the SPs must query the status of ACs through Certificate Revocation List (CRL) or Online Certificate Status Protocol (OCSP). Frequent status inquiry about certificates and certificates reissue may also lead to inefficiency. In addition to the above issues, current FIAM solutions may not consider a specific property, system diversity, of FIAM systems. Since FIAM may be applied to different systems and applications, the access patterns may be various and changeable. Therefore, traditional way to achieve data consistency may be not enough. For the above reasons, we proposed Self-Adaptive framework for Federated Identity and Access Management systems (SAFIAM). To take both efficiency and data consistency into consideration, SAFIAM distributes privilege data to SPs and preserves their data consistency in an efficient way. Moreover, to consider about the variety of access patterns, SAFIAM monitors the access patterns and choose the most efficient strategy to achieve data consistency.

碩士
國立臺灣科技大學
資訊管理系
96
In recent years, many organizations start to deploy Identity and Access Management (IAM) or Federated Identity and Access Management (FIAM) systems to reduce the cost and security risks of using and managing different systems. While deploying the IAM or FIAM systems, organizations may usually meet difficulties in integrating legacy systems into IAM or FIAM systems. Current IAM solutions usually adopt the Web-based portal approach and require application system to support the Web-based architecture or HTTP protocol. In light of this, we propose the framework of extensible FEDerated identity and access management framework considering LegACY systems (FEDERACY). Compared to current Web-based approaches, FEDERACY adopts agent-based approach to provide a unified way for individuals to use heterogeneous legacy systems and for administrators to manage the legacy systems without modifying the systems. While the cost of integrating legacy systems to IAM systems can be reduced, FEDERACY can hopefully contribute to the realization of IAM systems.

We live in an age of the mobile paradigm of anytime/anywhere access, as the mobile device is the most ubiquitous device that people now hold. Due to their portability, availability, easy of use, communication, access and sharing of information within various domains and areas of our daily lives, the acceptance and adoption of these devices is still growing. However, due to their potential and raising numbers, mobile devices are a growing target for attackers and, like other technologies, mobile applications are still vulnerable. Health information systems are composed with tools and software to collect, manage, analyze and process medical information (such as electronic health records and personal health records). Therefore, such systems can empower the performance and maintenance of health services, promoting availability, readability, accessibility and data sharing of vital information about a patients overall medical history, between geographic fragmented health services. Quick access to information presents a great importance in the health sector, as it accelerates work processes, resulting in better time utilization. Additionally, it may increase the quality of care. However health information systems store and manage highly sensitive data, which raises serious concerns regarding patients privacy and safety, and may explain the still increasing number of malicious incidents reports within the health domain. Data related to health information systems are highly sensitive and subject to severe legal and regulatory restrictions, that aim to protect the individual rights and privacy of patients. Along side with these legislations, security requirements must be analyzed and measures implemented. Within the necessary security requirements to access health data, secure authentication, identity management and access control are essential to provide adequate means to protect data from unauthorized accesses. However, besides the use of simple authentication models, traditional access control models are commonly based on predefined access policies and roles, and are inflexible. This results in uniform access control decisions through people, different type of devices, environments and situational conditions, and across enterprises, location and time. Although already existent models allow to ensure the needs of the health care systems, they still lack components for dynamicity and privacy protection, which leads to not have desire levels of security and to the patient not to have a full and easy control of his privacy. Within this master thesis, after a deep research and review of the stat of art, was published a novel dynamic access control model, Socio-Technical Risk-Adaptable Access Control modEl (SoTRAACE), which can model the inherent differences and security requirements that are present in this thesis. To do this, SoTRAACE aggregates attributes from various domains to help performing a risk assessment at the moment of the request. The assessment of the risk factors identified in this work is based in a Delphi Study. A set of security experts from various domains were selected, to classify the impact in the risk assessment of each attribute that SoTRAACE aggregates. SoTRAACE was integrated in an architecture with requirements well-founded, and based in the best recommendations and standards (OWASP, NIST 800-53, NIST 800-57), as well based in deep review of the state-of-art. The architecture is further targeted with the essential security analysis and the threat model. As proof of concept, the proposed access control model was implemented within the user-centric architecture, with two mobile prototypes for several types of accesses by patients and healthcare professionals, as well the web servers that handles the access requests, authentication and identity management. The proof of concept shows that the model works as expected, with transparency, assuring privacy and data control to the user without impact for user experience and interaction. It is clear that the model can be extended to other industry domains, and new levels of risks or attributes can be added because it is modular. The architecture also works as expected, assuring secure authentication with multifactor, and secure data share/access based in SoTRAACE decisions. The communication channel that SoTRAACE uses was also protected with a digital certificate. At last, the architecture was tested within different Android versions, tested with static and dynamic analysis and with tests with security tools. Future work includes the integration of health data standards and evaluating the proposed system by collecting users’ opinion after releasing the system to real world.
Hoje em dia vivemos em um paradigma móvel de acesso em qualquer lugar/hora, sendo que os dispositivos móveis são a tecnologia mais presente no dia a dia da sociedade. Devido à sua portabilidade, disponibilidade, fácil manuseamento, poder de comunicação, acesso e partilha de informação referentes a várias áreas e domínios das nossas vidas, a aceitação e integração destes dispositivos é cada vez maior. No entanto, devido ao seu potencial e aumento do número de utilizadores, os dispositivos móveis são cada vez mais alvos de ataques, e tal como outras tecnologias, aplicações móveis continuam a ser vulneráveis. Sistemas de informação de saúde são compostos por ferramentas e softwares que permitem recolher, administrar, analisar e processar informação médica (tais como documentos de saúde eletrónicos). Portanto, tais sistemas podem potencializar a performance e a manutenção dos serviços de saúde, promovendo assim a disponibilidade, acessibilidade e a partilha de dados vitais referentes ao registro médico geral dos pacientes, entre serviços e instituições que estão geograficamente fragmentadas. O rápido acesso a informações médicas apresenta uma grande importância para o setor da saúde, dado que acelera os processos de trabalho, resultando assim numa melhor eficiência na utilização do tempo e recursos. Consequentemente haverá uma melhor qualidade de tratamento. Porém os sistemas de informação de saúde armazenam e manuseiam dados bastantes sensíveis, o que levanta sérias preocupações referentes à privacidade e segurança do paciente. Assim se explica o aumento de incidentes maliciosos dentro do domínio da saúde. Os dados de saúde são altamente sensíveis e são sujeitos a severas leis e restrições regulamentares, que pretendem assegurar a proteção dos direitos e privacidade dos pacientes, salvaguardando os seus dados de saúde. Juntamente com estas legislações, requerimentos de segurança devem ser analisados e medidas implementadas. Dentro dos requerimentos necessários para aceder aos dados de saúde, uma autenticação segura, gestão de identidade e controlos de acesso são essenciais para fornecer meios adequados para a proteção de dados contra acessos não autorizados. No entanto, além do uso de modelos simples de autenticação, os modelos tradicionais de controlo de acesso são normalmente baseados em políticas de acesso e cargos pré-definidos, e são inflexíveis. Isto resulta em decisões de controlo de acesso uniformes para diferentes pessoas, tipos de dispositivo, ambientes e condições situacionais, empresas, localizações e diferentes alturas no tempo. Apesar dos modelos existentes permitirem assegurar algumas necessidades dos sistemas de saúde, ainda há escassez de componentes para accesso dinâmico e proteção de privacidade , o que resultam em níveis de segurança não satisfatórios e em o paciente não ter controlo directo e total sobre a sua privacidade e documentos de saúde. Dentro desta tese de mestrado, depois da investigação e revisão intensiva do estado da arte, foi publicado um modelo inovador de controlo de acesso, chamado SoTRAACE, que molda as diferenças de acesso inerentes e requerimentos de segurança presentes nesta tese. Para isto, o SoTRAACE agrega atributos de vários ambientes e domínios que ajudam a executar uma avaliação de riscos, no momento em que os dados são requisitados. A avaliação dos fatores de risco identificados neste trabalho são baseados num estudo de Delphi. Um conjunto de peritos de segurança de vários domínios industriais foram selecionados, para classificar o impacto de cada atributo que o SoTRAACE agrega. O SoTRAACE foi integrado numa arquitectura para acesso a dados médicos, com requerimentos bem fundados, baseados nas melhores normas e recomendações (OWASP, NIST 800-53, NIST 800-57), e em revisões intensivas do estado da arte. Esta arquitectura é posteriormente alvo de uma análise de segurança e modelos de ataque. Como prova deste conceito, o modelo de controlo de acesso proposto é implementado juntamente com uma arquitetura focada no utilizador, com dois protótipos para aplicações móveis, que providênciam vários tipos de acesso de pacientes e profissionais de saúde. A arquitetura é constituída também por servidores web que tratam da gestão de dados, controlo de acesso e autenticação e gestão de identidade. O resultado final mostra que o modelo funciona como esperado, com transparência, assegurando a privacidade e o controlo de dados para o utilizador, sem ter impacto na sua interação e experiência. Consequentemente este modelo pode-se extender para outros setores industriais, e novos níveis de risco ou atributos podem ser adicionados a este mesmo, por ser modular. A arquitetura também funciona como esperado, assegurando uma autenticação segura com multi-fator, acesso e partilha de dados segura baseado em decisões do SoTRAACE. O canal de comunicação que o SoTRAACE usa foi também protegido com um certificado digital. A arquitectura foi testada em diferentes versões de Android, e foi alvo de análise estática, dinâmica e testes com ferramentas de segurança. Para trabalho futuro está planeado a integração de normas de dados de saúde e a avaliação do sistema proposto, através da recolha de opiniões de utilizadores no mundo real.

碩士
東吳大學
資訊管理學系
105
In response to a changing world and the fast growth of the Internet, more and more enterprises are replacing web-based services with cloud-based ones. Multi-tenancy technology is getting more important especially with Software as a Service (SaaS). This, in turn, leads to a greater focus on the application of Identity and Access Management (IAM). Conventional Near-Field Communication (NFC)-based verification relies on a computer browser and a card reader to access an NFC tag. This type of verification does not support mobile device login and user based access management functions. This study designs an NFC-based third-party cloud identity and access management scheme (NFC-IAM) addressing this shortcoming. Data from simulation tests analyzed with Key Performance Indicators (KPI) suggests NFC-IAM not only takes less time in identity identification but also cuts time by 30% in terms of two-factor authentication and improves verification accuracy to 99.9% or better. CPU utilization reduces about 20% when the server verifies the identity. We import Container virtualization technology in terms of access management affects few more data overhead, but the response time declines about 50%. In functional performance analysis, NFC-IAM has better performance in scalability and portability. The NFC-IAM App (Application Software) and backend system to be developed and deployed in identity and access management of mobile devices also offer users a more user-friendly experience and stronger security protection in cloud services. In the future, our proposed NFC-IAM can be employed to different applications including identification for mobile payment systems of Fin Tech, permission management for remote equipment monitoring of Internet of Things (IoT), and other applications.

Nowadays e-learning is greatly used in universities and other organizations all over the world. E-learning emerged as a powerful way of making the learner?s information accessible in a setting free from time and place constraints. This thesis introduces a technical way to increase the quality of an e-learning system and Content Management Systems in the Integration of e-learning tools with the existing management systems, such as Shibboleth. Shibboleth is an Internet2/MACE project with IBM financial support, developing architectures and technologies to support inter-organizational sharing of resources, which are subject to access controls. The goal of this dissertation is using Shibboleth architecture for the secure exchanges of resource inter universities, who are using e-learning platforms such as Moodle. Shibboleth was selected because it enables the Authentication, Authorization system login and all the attributes, in a complete way. On the other hand, it makes possible the collaboration between institutions and the access to a great range of contents in an e-learning environment. Using Shibboleth in Universities provides a well-protected educational environment offered by an e-learning infrastructure. This thesis describes a secure manner of e-learning at The University of Lisbon, where Shibboleth Identity Provider was installed, and configured to make use of some of the existing user repositories as the source of its Identity Management system, joint to Piloto-AAI Federation located in FCCN (National Scientific Computing Foundation). Finally, this master?s thesis also addresses the assessment of users in an e-learning environment using the Shibboleth.
Hoje em dia, o conceito de e-learning está amplamente dessiminado nas universidades e em outras organizações, por todo o mundo. O e-learning emergiu como uma forma poderosa de tornar acessível a informação do aluno, independentemente dos constrangimentos temporais e de localização. Esta tese introduz um modo técnico de aumentar a qualidade de um sistema de e-learning e Management Systems no processo de integração das ferramentas de elearning com os sistemas de gestão existentes, tal como o Shibboleth. Shibboleth é um projecto Internet2/MACE com suporte financeiro IBM, desenvolvimento de arquitecturas e tecnologias que suportem a partilha inter-organizacional de recursos, base para o controlo de acesso. O objectivo desta dissertação é usar a arquitectura Shibboleth para uma partilha de recursos entre universidades que usam plataformas de e-learning tal como a Moodle. Shibboleth foi escolhida pois permite a autenticação, autorização de login no sistema e todos os restantes atributos, de um modo completo. Por outro lado, torna possível a colaboração entre instituições e o acesso a uma vasta gama de conteúdos em ambiente e-learning. Esta tese descreve um modo seguro de e-learning implementado na Faculty of science, onde o Shibboleth Identity Provider foi instalado e configurado para fazer uso de repositórios existentes como fonte do sistema Identity Management, conectado ao Piloto-AAI Federation localizado na Fundação para a Computação Científica Nacional (FCCN). Finalmente, esta tese de mestrado também remete o acesso de utilizadores no ambiente de e learning usando o Shibboleth.
Tese de mestrado em Informática, apresentada à Universidade de Lisboa, através da Faculdade de Ciências, 2008

abstract: The Centers for Disease Control and Prevention (2017) note that gay, bisexual, and other men who have sex with men (collectively referred to as MSM) face more barriers to accessing health care compared to other men. Such barriers include, lack of cultural- and sexual identity-appropriate medical and support services, concerns about confidentiality, and fear of discussing sexual practices or orientation in a medical setting. In comparison to other MSM populations, Latino MSM (LMSM) report having the least amount of access to health care (McKirnan et al., 2012). The purpose of the present study is to elucidate how individual- (i.e., age, education level, and income level), community- (i.e., social support and neighborhood collective efficacy), and sociocultural-level factors (i.e., immigration status, heterosexual self-presentation, sexual identity commitment, sexual identity exploration, and ethnic identity affirmation and belonging) may relate with perceived access to healthcare. It is hypothesized that ethnic identity affirmation and belonging will moderate relations between the aforementioned predictors and perceived access to health care based on increasing evidence that ethnic identity, or one’s sense of affirmation and belonging to one’s ethnic group, may be a health protective factor. Among a sample of 469 LMSM, this study found that there were several predictors across all three levels (i.e., individual, community, and sociocultural) of perceived access to healthcare. Additionally, data supported evidence that ethnic identity affirmation and belonging (Phinney, 2003) acts as a moderator of other predictors of perceived access to healthcare in this sample. These findings can inform outreach interventions of researchers and healthcare providers about psychosocial and cultural barriers and facilitators of access to healthcare.
Dissertation/Thesis
Masters Thesis Counseling Psychology 2020

The topic of this master's thesis is development of identity management solution for small and medium business. The thesis is divided into four major parts. The first part contains theoretical background as description of RBAC model or model with relationships between practically used objects (user identity, role, position, permission, account...). Analysis of functioning and needs of targeted organizations was carried out in the second part. The third part describes the design of the developed application. The fourth part discusses actual implementation of the application. The main outcome of the thesis is implemented application that can be deployed at thesis defined organizations. The application includes all the functionality required in the first phase of the project.

This thesis documents the process of creating fully automated and autonomous robot, which will provide the creation of accesses to company's information systems and applications. The thesis contains the analysis of current state, which is the base for a design of a new solution that follows. The design is composed of creating new, as well as editing the current processes for creating accesses. Subsequently, the creation and configuration of an email server, as part of the solution, is described. Next follows the implementation of robot itself, using the tool BluePrism. The thesis is ended by testing the created solution and a discussion about using this solution in other companies.

In service-oriented architecture, services can communicate and share data among themselves. This thesis presents a solution that allows detecting several types of data leakages made by authorized insiders to unauthorized services. My solution provides role-based and attribute-based access control for data so that each service can access only those data subsets for which the service is authorized, considering a context and service’s attributes such as security level of the web browser and trust level of service. My approach provides data protection in transit and at rest for both centralized and peer-to-peer service architectures. The methodology ensures confidentiality and integrity of data, including data stored in untrusted cloud. In addition to protecting data against malicious or curious cloud or database administrators, the capability of running a search through encrypted data, using SQL queries, and building analytics over encrypted data is supported. My solution is implemented in the “WAXEDPRUNE” (Web-based Access to Encrypted Data Processing in Untrusted Environments) project, funded by Northrop Grumman Cybersecurity Research Consortium. WAXEDPRUNE methodology is illustrated in this thesis for two use cases, including a Hospital Information System with secure storage and exchange of Electronic Health Records and a Vehicle-to-Everything communication system with secure exchange of vehicle’s and drivers’ data, as well as data on road events and road hazards.

To help with investigating data leakage incidents in service-oriented architecture, integrity of provenance data needs to be guaranteed. For that purpose, I integrate WAXEDPRUNE with IBM Hyperledger Fabric blockchain network, so that every data access, transfer or update is recorded in a public blockchain ledger, is non-repudiatable and can be verified at any time in the future. The work on this project, called “Blockhub,” is in progress.