Дисертації з теми "Security solutions"
Щоб переглянути інші типи публікацій з цієї теми, перейдіть за посиланням: Security solutions.
Оформте джерело за APA, MLA, Chicago, Harvard та іншими стилями
Ознайомтеся з топ-50 дисертацій для дослідження на тему "Security solutions".
Біля кожної праці в переліку літератури доступна кнопка «Додати до бібліографії». Скористайтеся нею – і ми автоматично оформимо бібліографічне посилання на обрану працю в потрібному вам стилі цитування: APA, MLA, «Гарвард», «Чикаго», «Ванкувер» тощо.
Також ви можете завантажити повний текст наукової публікації у форматі «.pdf» та прочитати онлайн анотацію до роботи, якщо відповідні параметри наявні в метаданих.
Переглядайте дисертації для різних дисциплін та оформлюйте правильно вашу бібліографію.
1
Mustafa, Ali, Nasir Siddique, and Mubeen Zubair. "DATA LINK LAYER SECURITY PROBLEMS AND SOLUTIONS." Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-27574.
Анотація:
The Open Systems Interconnect Model (OSI) is a conceptual model of networking thatcategorizes network functions into seven layers. It is defined in this model that how layerscommunicate with each other. In this thesis, we address common Layer 2 attacks and theirsolutions. Layer 2 is considered a very weak link in a secure network. If the data is compromisedat Layer 2, it cannot be detected at other layers because each layer works without the knowledgeof other layers. We discuss Layer 2 weakness and vulnerability exploitation tools briefly. It isexplained how an attacker can exploit network by using different attack tools. Our results showthat these attacks are very productive if a network administrator does not implement propersecurity at Layer 2 in the OSI model. We propose solutions to secure Layer 2 devices and thesesolutions are implemented by using attack tools. Security configurations are deployed to combatagainst attacks and protect the integrity, confidentiality, and availability of the network traffic.
2
Alsaid, Adil. "Enhancing end user security : attacks and solutions." Thesis, Royal Holloway, University of London, 2007. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.439012.
3
Bailey, Carmen F. "Analysis of security solutions in large enterprises." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2003. http://library.nps.navy.mil/uhtbin/hyperion-image/03Jun%5FBailey.pdf.
4
Ho, Sze-lok, and 何思樂. "Technical solutions for conducting investigations in digital age." Thesis, The University of Hong Kong (Pokfulam, Hong Kong), 2012. http://hub.hku.hk/bib/B48521802.
Анотація:
Confidentiality has always been a concern in secret operation. In this thesis, we consider the situation of legitimate data request and transfer between investigator and database owner who provides intelligence, where the identity of the investigation subject and the records in the database are both confidential. Current practice of secret investigation solely relies on the integrity and carefulness of the involved individuals to resist data leakage, but regulations, policy, agreement, such human means cannot give a promising solution, thus a technical means is needed. As appropriate solution for this confidential data request and transfer problem cannot be found from related research, our goal is to offer a means that can help keeping the investigation secret and protecting irrelevant data at the same time.
We present a technical solution for preserving two-way confidentiality between the investigator (legitimate data requester) and the database owner (legitimate data holder), which can accommodate the concerns of both sides during the specific information request and transfer. Two schemes, Sender-Based Scheme and Receiver-Based Scheme, have been proposed to solve the problem under different conditions, and illustration of executing our schemes is given through an example situation “Investigator and Private hospital” which is an ordinary scenario during investigation. Furthermore, a practical cost reduction methodology on the schemes and sensible proposals for extensions are suggested and discussed. The direction of future work is also considered.published_or_final_version
Computer Science
Master
Master of Philosophy
5
Alexander, James. "Promoting security imaginaries : an analysis of the market for everyday security solutions." Thesis, University of Manchester, 2014. https://www.research.manchester.ac.uk/portal/en/theses/promoting-security-imaginaries-an-analysis-of-the-market-for-everyday-security-solutions(1dc57433-40f6-40c1-bd13-56ab2347c35a).html.
Анотація:
This thesis is centred on the question of the effect security technologies, and the imaginaries associated with them, have on the formation of the present security doxa. With a more nuanced understanding of technology as process, and the role of imagination reintroduced into the nexus, this thesis aims to enable an understanding of how technological security solutions are deployed in everyday life and how this contributes to a reformulating of politics in a world gripped by anxiety about an uncertain future. Of primary interest is the way in which seemingly mundane technologies can enter the dominant security narrative and achieve deployment in everyday life, not only as the prime solution to concerns of risk, but as something to actively be desired in themselves. A vital and understudied arena for the dissemination of specific imaginaries of mundane security tools as the ultimate solution to a risky future – as an end in and of themselves – are the spaces of promotion for such technologies. The centrepiece of promotion is found at the trade fairs and exhibitions where one can witness the marketing and sale of the ‘latest and greatest’ tech fixes from an ever increasing range of private sector security entrepreneurs whose living is made from promoting security. By offering both a mapping of the wider expansion and logic of the security fair world, and an ethnographic study of interactions within the exhibition walls of the International Fire and Security Exhibition and Conference (IFSEC) over the course of three years, this thesis makes it possible to develop a better understanding of both the makeup and relations between these elements, and expose these gatherings as more than just sites of commerce and consumption, and much more than simply a metaphor for the wider security world. Instead, they can be thought of as hotspots of intensive exchange of knowledge, new ideas and network building. Thus, this thesis aims to demonstrate how international trade fairs and exhibitions are more than just an ever more important means of distributing security technologies. It is not a question of the relationship between visitors and exhibitors, or the particular effectiveness of marketing strategies deployed by individual firms. It is about the underpinning logic of a particular mind-set regarding what it means to consume security as a commodity, and a specific imagining of a secured future with such solutions as the ultimate end-in-themselves and how these spaces are pivotal in the dissemination, propagation and reformulation of changing attitudes towards security.
6
Skaria, Sherin, and Fazely Hamedani Amir Reza. "Network Security Issues, Tools for Testing Security in Computer Network and Development Solution for Improving Security in Computer Network." Thesis, Halmstad University, Halmstad University, Halmstad University, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-4396.
7
Raza, Shahid. "Lightweight Security Solutions for the Internet of Things." Doctoral thesis, Mälardalens högskola, Akademin för innovation, design och teknik, 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:mdh:diva-18863.
Анотація:
The future Internet will be an IPv6 network interconnecting traditional computers and a large number of smart object or networks such as Wireless Sensor Networks (WSNs). This Internet of Things (IoT) will be the foundation of many services and our daily life will depend on its availability and reliable operations. Therefore, among many other issues, the challenge of implementing secure communication in the IoT must be addressed. The traditional Internet has established and tested ways of securing networks. The IoT is a hybrid network of the Internet and resource-constrained networks, and it is therefore reasonable to explore the options of using security mechanisms standardized for the Internet in the IoT. The IoT requires multi-facet security solutions where the communication is secured with confidentiality, integrity, and authentication services; the network is protected against intrusions and disruptions; and the data inside a sensor node is stored in an encrypted form. Using standardized mechanisms, communication in the IoT can be secured at different layers: at the link layer with IEEE 802.15.4 security, at the network layer with IP security (IPsec), and at the transport layer with Datagram Transport Layer Security (DTLS). Even when the IoT is secured with encryption and authentication, sensor nodes are exposed to wireless attacks both from inside the WSN and from the Internet. Hence an Intrusion Detection System (IDS) and firewalls are needed. Since the nodes inside WSNs can be captured and cloned, protection of stored data is also important. This thesis has three main contributions. (i) It enables secure communication in the IoT using lightweight compressed yet standard compliant IPsec, DTLS, and IEEE 802.15.4 link layer security; and it discusses the pros and cons of each of these solutions. The proposed security solutions are implemented and evaluated in an IoT setup on real hardware. (ii) This thesis also presents the design, implementation, and evaluation of a novel IDS for the IoT. (iii) Last but not least, it also provides mechanisms to protect data inside constrained nodes. The experimental evaluation of the different solutions shows that the resource-constrained devices in the IoT can be secured with IPsec, DTLS, and 802.15.4 security; can be efficiently protected against intrusions; and the proposed combined secure storage and communication mechanisms can significantly reduce the security-related operations and energy consumption.
8
Hussein, Soran. "Lightweight Security Solutions for LTE/LTE-A Networks." Thesis, Paris 11, 2014. http://www.theses.fr/2014PA112366/document.
Анотація:
Récemment, le 3GPP (3rd Generation Partnership Project) a standardisé les systèmes LTE/LTE-A (Long Term Evolution/LTE-Advanced) qui ont été approuvés par l'UIT (Union Internationale des Télécommunications) comme des réseaux de télécommunications mobiles de 4éme génération. La sécurité est l'une des questions essentielles qui doivent être traitées avec soin pour protéger les informations de l'opérateur et des utilisateurs. Aussi, le 3GPP a normalisé plusieurs algorithmes et protocoles afin de sécuriser les communications entre les différentes entités du réseau. Cependant, l'augmentation du niveau de sécurité dans ces systèmes ne devrait pas leur imposer des contraintes lourdes telles qu’une grande complexité de calcul ou encore une forte consommation d'énergie. En effet, l'efficacité énergétique est devenue récemment un besoin critique pour les opérateurs afin de réduire l’empreinte écologique et les coûts opérationnels de ces systèmes. Les services de sécurité dans les réseaux mobiles tels que l'authentification, la confidentialité et l'intégrité des données sont le plus souvent effectués en utilisant des techniques cryptographiques. Toutefois, la plupart des solutions standardisées déjà adoptées par le 3GPP dépendent des algorithmes de chiffrement qui possèdent une grande complexité, induisant une consommation énergétique plus élevée dans les différentes entités communicantes du réseau. La confidentialité des données, qui se réfère principalement au fait de s'assurer que l'information n'est accessible qu'à ceux dont l'accès est autorisé, est réalisée au niveau de la sous-couche PDCP (Packet Data Convergence Protocol) de la pile protocolaire de LTE/LTE-A par l'un des trois algorithmes normalisés (EEA1, EEA2 et EEA3). Or, chacun des trois algorithmes exige une forte complexité de calcul car ils reposent sur la théorie de chiffrement de Shannon qui utilise les fonctions de confusion et de diffusion sur plusieurs itérations. Dans cette thèse, nous proposons un nouvel algorithme de confidentialité en utilisant le concept de substitution et de diffusion dans lequel le niveau de sécurité requis est atteint en un seul tour. Par conséquent, la complexité de calcul est considérablement réduite ce qui entraîne une réduction de la consommation d'énergie par les fonctions de chiffrement et de déchiffrement. De plus, la même approche est utilisée pour réduire la complexité des algorithmes 3GPP d'intégrité des données (EIA1, EIA2 et EIA3) dont le concept de chiffrement repose sur les mêmes fonctions complexes. Enfin, nous étudions dans cette thèse le problème d'authentification dans le contexte du paradigme D2D (Device to Device communications) introduit dans les systèmes 4G. Le concept D2D se réfère à la communication directe entre deux terminaux mobiles sans passer par le cœur du réseau. Il constitue un moyen prometteur pour améliorer les performances et réduire la consommation d'énergie dans les réseaux LTE/LTE-A. Toutefois, l'authentification et la dérivation de clé entre deux terminaux mobiles dans le contexte D2D n’ont pas fait l’objet d’études. Aussi, nous proposons un nouveau protocole léger d’authentification et de dérivation de clé permettant d’authentifier les terminaux D2D et de dériver les clés nécessaires à la fois pour le cryptage et pour la protection de l'intégrité des donnéesRecently, the 3rd Group Project Partnership (3GPP) has developed Long Term Evolution/ Long Term Evolution-Advanced (LTE/LTE-A) systems which have been approved by the International Telecommunication Union (ITU) as 4th Generation (4G) mobile telecommunication networks. Security is one of critical issues which should be handled carefully to protect user's and mobile operator's information. Thus, the 3GPP has standardized algorithms and protocols in order to secure the communications between different entities of the mobile network. However, increasing the security level in such networks should not compel heavy constrains on these networks such as complexity and energy. Indeed, energy efficiency has become recently a critical need for mobile network operators for reduced carbon emissions and operational costs. The security services in mobile networks such as authentication, data confidentiality and data integrity are mostly performed using cryptographic techniques.However, most of the standardized solutions already adopted by the3GPP depend on encryption algorithms which possess high computational complexity which in turn contributes in consuming further energy at the different network communication parties.Data confidentiality which mainly refers to the protection of the user’s information privacy is achieved at the Packet Data Convergence Protocol (PDCP) sub-layer in the LTE/LTE-A protocol stack by one of the three standardized algorithms (EEA1, EEA2 and EEA3). However, each of the three algorithms requires high computational complexity since they rely on Shannon’s theory of encryption algorithms by applying confusion and diffusion for several rounds. In our thesis we propose a novel confidentiality algorithm using the concept of substitution and diffusion in which the required security level is attained in only one round. Consequently the computational complexity is considerably reduced which in return results in reducing the energy consumption during both encryption and decryption procedures. Similarly, the same approach is used to reduce the complexity of 3GPP data integrity algorithms (EIA1, EIA2 and EIA3) which the core cipher rely on the same complex functions. Finally, we investigate in this thesis the authentication issue in Device to Device paradigms proposal in 4G systems. Device to Device communications refer to direct communications between two mobile devices without passing through the core network. They constitute a promising mean to increase the performance and reduce energy consumptions in LTE/LTE-A networks. In such context, the authentication and key derivation between two mobile devices have not been well investigated. Thus, a novel lightweight authentication and key derivation protocol is proposed to authenticate two communicating devices during session establishments as well as deriving necessary keys for both data encryption and integrity protection
9
Lejaha, Retselisitsoe. "SDN based security solutions for multi-tenancy NFV." Master's thesis, University of Cape Town, 2017. http://hdl.handle.net/11427/24474.
Анотація:
The Internet continues to expand drastically as a result of explosion of mobile devices, content, server virtualization, and advancement of cloud services. This increase has significantly changed traffic patterns within the enterprise data centres. Therefore, advanced technologies are needed to improve traditional network deployments to enable them to handle the changing network patterns. Software defined networks (SDN) and network function virtualisation (NFV) are innovative technologies that enable network flexibility, increase network and service agility, and support service-driven virtual networks using concepts of virtualisation and softwarisation. Collaboration of these two concepts enable cloud operator to offer network-as-a-service (NaaS) to multiple tenants in a data-centre deployment. Despite the benefits brought by these technologies, they also bring along security challenges that need to be addressed and managed to ensure successful deployment and encourage faster adoption in industry. This dissertation proposes security solution based on tenant isolation, network access control (NAC) and network reconfiguration that can be implemented in NFV multi-tenant deployment to guarantee privacy and security of tenant functions. The evaluation of the proof-of-concept framework proves that SDN based tenant isolation solution provides a high level of isolation in a multi-tenant NFV cloud. It also shows that the proposed network reconfiguration greatly reduces chances of an attacker correctly identifying location and IP addresses of tenant functions within the cloud environment. Because of resource limitation, the proposed NAC solution was not evaluated. The efficiency of this solution for multitenancy NFV has been added as part of future work.
10
Okwuibe, J. (Jude). "Performance evaluation of HIP-based network security solutions." Master's thesis, University of Oulu, 2015. http://jultika.oulu.fi/Record/nbnfioulu-201510102056.
Анотація:
Abstract. Host Identity Protocol (HIP) is a networking technology that systematically separates the identifier and locator roles of IP addresses and introduces a Host Identity (HI) name space based on a public key security infrastructure. This modification offers a series of benefits such as mobility, multi-homing, end-to-end security, signaling, control/data plane separation, firewall security, e.t.c. Although HIP has not yet been sufficiently applied in mainstream communication networks, industry experts foresee its potential as an integral part of next generation networks.
HIP can be used in various HIP-aware applications as well as in traditional IP-address-based applications and networking technologies, taking middle boxes into account. One of such applications is in Virtual Private LAN Service (VPLS), VPLS is a widely used method of providing Ethernet-based Virtual Private Network that supports the connection of geographically separated sites into a single bridged domain over an IP/MPLS network. The popularity of VPLS among commercial and defense organizations underscores the need for robust security features to protect both data and control information.
After investigating the different approaches to HIP, a real world testbed is implemented. Two experiment scenarios were evaluated, one is performed on two open source Linux-based HIP implementations (HIPL and OpenHIP) and the other on two sets of enterprise equipment from two different companies (Tempered Networks and Byres Security). To account for a heterogeneous mix of network types, the Open source HIP implementations were evaluated on different network environments, namely Local Area Network (LAN), Wireless LAN (WLAN), and Wide Area Network (WAN). Each scenario is tested and evaluated for performance in terms of throughput, latency, and jitter.
The measurement results confirmed the assumption that no single solution is optimal in all considered aspects and scenarios. For instance, in the open source implementations, the performance penalty of security on TCP throughput for WLAN scenario is less in HIPL than in OpenHIP, while for WAN scenario the reverse is the case. A similar outcome is observed for the UDP throughput. However, on latency, HIPL showed lower latency for all three network test scenarios. For the legacy equipment experiment, the penalty of security on TCP throughput is about 19% compared with the non-secure scenario while latency is increased by about 87%. This work therefore provides viable information for researchers and decision makers on the optimal solution to securing their VPNs based on the application scenarios and the potential performance penalties that come with each approach.HIP-pohjaisten tietoliikenneverkkojen turvallisuusratkaisujen suorituskyvyn arviointi. Tiivistelmä. Koneen identiteettiprotokolla (HIP, Host Identity Protocol) on tietoliikenneverkkoteknologia, joka käyttää erillistä kerrosta kuljetusprotokollan ja Internet-protokollan (IP) välissä TCP/IP-protokollapinossa. HIP erottaa systemaattisesti IP-osoitteen verkko- ja laite-osat, sekä käyttää koneen identiteetti (HI) -osaa perustuen julkisen avainnuksen turvallisuusrakenteeseen. Tämän hyötyjä ovat esimerkiksi mobiliteetti, moniliittyminen, päästä päähän (end-to-end) turvallisuus, kontrolli-informaation ja datan erottelu, kohtaaminen, osoitteenmuutos sekä palomuurin turvallisuus. Teollisuudessa HIP-protokolla nähdään osana seuraavan sukupolven tietoliikenneverkkoja, vaikka se ei vielä olekaan yleistynyt laajaan kaupalliseen käyttöön.
HIP–protokollaa voidaan käyttää paitsi erilaisissa HIP-tietoisissa, myös perinteisissä IP-osoitteeseen perustuvissa sovelluksissa ja verkkoteknologioissa. Eräs tällainen sovellus on virtuaalinen LAN-erillisverkko (VPLS), joka on laajasti käytössä oleva menetelmä Ethernet-pohjaisen, erillisten yksikköjen ja yhden sillan välistä yhteyttä tukevan, virtuaalisen erillisverkon luomiseen IP/MPLS-verkon yli. VPLS:n yleisyys sekä kaupallisissa- että puolustusorganisaatioissa korostaa vastustuskykyisten turvallisuusominaisuuksien tarpeellisuutta tiedon ja kontrolliinformaation suojauksessa.
Tässä työssä tutkitaan aluksi HIP-protokollan erilaisia lähestymistapoja. Teoreettisen tarkastelun jälkeen käytännön testejä suoritetaan itse rakennetulla testipenkillä. Tarkasteltavat skenaariot ovat verrata Linux-pohjaisia avoimen lähdekoodin HIP-implementaatioita (HIPL ja OpenHIP) sekä verrata kahden eri valmistajan laitteita (Tempered Networks ja Byres Security). HIP-implementaatiot arvioidaan eri verkkoympäristöissä, jota ovat LAN, WLAN sekä WAN. Kaikki testatut tapaukset arvioidaan tiedonsiirtonopeuden, sen vaihtelun (jitter) sekä latenssin perusteella.
Mittaustulokset osoittavat, että sama ratkaisu ei ole optimaalinen kaikissa tarkastelluissa tapauksissa. Esimerkiksi WLAN-verkkoa käytettäessä turvallisuuden aiheuttama häviö tiedonsiirtonopeudessa on HIPL:n tapauksessa OpenHIP:iä pirnempi, kun taas WAN-verkon tapauksessa tilanne on toisinpäin. Samanlaista käyttäytymistä havaitaan myös UDP-tiedonsiirtonopeudessa. HIPL antaa kuitenkin pienimmän latenssin kaikissa testiskenaarioissa. Eri valmistajien laitteita vertailtaessa huomataan, että TCP-tiedonsiirtonopeus huononee 19 ja latenssi 87 prosenttia verrattuna tapaukseen, jossa turvallisuusratkaisua ei käytetä. Näin ollen tämän työn tuottama tärkeä tieto voi auttaa alan toimijoita optimaalisen verkkoturvallisuusratkaisun löytämisessä VPN-pohjaisiin sovelluksiin.
11
Gaboriau-Couanau, Clément. "Security of Embedded Software : An Analysis of Embedded Software Vulnerabilities and Related Security Solutions." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-215703.
Анотація:
The increased use of computer systems for storing private data or doing critical operations leads to some security issues gathered in the area cybersecurity. This neologism leads people to think about the security of information systems and general-purpose computers. However, with the growth of the Internet of Things, embedded systems are also concerned with these issues. The speed of development of this area often leads to a backwardness in the security features. The thesis investigates the security of embedded systems by focusing on embedded software. After classifying the vulnerabilities which could be encountered in this field, a first part of this work introduces the realisation of a document gathering guidelines related to secure development of embedded software. This realisation is based on an analysis of the literature review, but also on the knowledge of engineers of the company. These guidelines are applied to the project of a client. The result of their application allows us to prove their consistency and to write a set of recommendations to enhance the security of the project. The thesis presents the implementation of some of them. Particularly, it introduces a way to secure an Inter-Process Communication (IPC) mean: D-Bus, through a proof of concept. The result shows that the security policy of D-Bus is efficient against some attacks. Nevertheless, it also points out that some att acks remain feasible. The solution is implemented on an embedded board to analyse the computational overhead related to this embedded aspect. As expected, a more complex and detailed a policy is, the higher the overhead tends to be. Nevertheless, this computational overhead is proportional to the number of rules of the policy.Den ökade användningen av datorsystem för att lagra privata data eller göra kritiska operationer leder till vissa säkerhetsproblem som samlas i området cybersäkerhet. Denna neologism leder människor att tänka på säkerhetssystemen för informationssystem och allmänt tillgängliga datorer. Men med tillväxten av saker i saken är inbyggda system också berörda av dessa frågor. Utvecklingshastigheten för detta område leder ofta till en underutveckling säkerhetsfunktionerna.Avhandlingen undersöker säkerheten för inbyggda system genom att fokusera på inbyggd programvara. Efter att ha klassificerat de sårbarheter som kan uppstå i det här fältet introducerar en första del av det här arbetet realisationen av ett dokument av riktlinjer om säker utveckling av inbyggd programvara. Denna insikt bygger på en analys av litteraturgranskningen, men också på kunskap om ingenjörer i företaget. Dessa riktlinjer tillämpas på en kunds projekt.Resultatet av deras ansökan gör det möjligt för oss att bevisa deras konsistens och att skriva rekommendationer för att förbättra projektets säkerhet. Avhandlingen presenterar genomförandet av några av dem. Ett sätt införs särskilt patt säkra en interprocesskommunikation (IPC) menande: DBus, genom ett konceptbevis. Resultatet visar att D-Busens säkerhetspolitik är effektiv mot vissa attacker. Det påpekar emellertid också att vissa attacker fortfarande är möjliga. Lösningen implementeras på ett inbyggd kort för att analysera beräkningsoverhead som är relaterad till denna inbyggda aspekt. Som förväntat är en mer komplex och detaljerad politik, desto högr e överhuvudtaget tenderar att vara. Ändå är denna beräkningskostnad proportionell mot antalet av regler av säkerhetspolitiken.
12
Bohio, Muhammad Junaid. "Identity-based security solutions for mobile ad hoc networks." Thesis, University of Ottawa (Canada), 2004. http://hdl.handle.net/10393/26586.
Анотація:
In this thesis, we propose security solutions for pairwise and broadcast communication in mobile ad hoc networks. We use identity-based keys that do not require certificates and that simplify key management. We use pairwise symmetric keys that are computed non-interactively by the nodes, which reduces communication overhead. Our pairwise-key management protocol requires a minimum number of keys, O(N), to be generated by the third party as compared to the conventional pairwise schemes with O(N2). We also propose an efficient identity-based signature scheme for an authenticated broadcast protocol, a collision-free method for computing broadcast keys, a key escrow free scheme and a signcryption scheme as an alternative to our signature-encryption algorithm for broadcast protocol. Since in the group key distribution in mobile ad hoc networks there is the possibility of packet loss due to the mobility of users and wireless channels, we also propose self-healing, mutual-healing and some optimization techniques for the recovery of lost session keys.
13
Aslam, Baber. "Networking and security solutions for VANET initial deployment stage." Doctoral diss., University of Central Florida, 2012. http://digital.library.ucf.edu/cdm/ref/collection/ETD/id/5109.
Анотація:
Vehicular ad hoc network (VANET) is a special case of mobile networks, where vehicles equipped with computing/communicating devices (called "smart vehicles") are the mobile wireless nodes. However, the movement pattern of these mobile wireless nodes is no more random, as in case of mobile networks, rather it is restricted to roads and streets. Vehicular networks have hybrid architecture; it is a combination of both infrastructure and infrastructure-less architectures. The direct vehicle to vehicle (V2V) communication is infrastructure-less or ad hoc in nature. Here the vehicles traveling within communication range of each other form an ad hoc network. On the other hand, the vehicle to infrastructure (V2I) communication has infrastructure architecture where vehicles connect to access points deployed along roads. These access points are known as road side units (RSUs) and vehicles communicate with other vehicles/wired nodes through these RSUs. To provide various services to vehicles, RSUs are generally connected to each other and to the Internet. The direct RSU to RSU communication is also referred as I2I communication. The success of VANET depends on the existence of pervasive roadside infrastructure and sufficient number of smart vehicles. Most VANET applications and services are based on either one or both of these requirements. A fully matured VANET will have pervasive roadside network and enough vehicle density to enable VANET applications. However, the initial deployment stage of VANET will be characterized by the lack of pervasive roadside infrastructure and low market penetration of smart vehicles. It will be economically infeasible to initially install a pervasive and fully networked roadside infrastructure, which could result in the failure of applications and services that depend on V2I or I2I communications. Further, low market penetration means there are insufficient number of smart vehicles to enable V2V communication, which could result in failure of services and applications that depend on V2V communications. Non-availability of pervasive connectivity to certification authorities and dynamic locations of each vehicle will make it difficult and expensive to implement security solutions that are based on some central certificate management authority. Non-availability of pervasive connectivity will also affect the backend connectivity of vehicles to the Internet or the rest of the world. Due to economic considerations, the installation of roadside infrastructure will take a long time and will be incremental thus resulting in a heterogeneous infrastructure with non-consistent capabilities. Similarly, smart vehicles will also have varying degree of capabilities. This will result in failure of applications and services that have very strict requirements on V2I or V2V communications. We have proposed several solutions to overcome the challenges described above that will be faced during the initial deployment stage of VANET. Specifically, we have proposed: 1) a VANET architecture that can provide services with limited number of heterogeneous roadside units and smart vehicles with varying capabilities, 2) a backend connectivity solution that provides connectivity between the Internet and smart vehicles without requiring pervasive roadside infrastructure or large number of smart vehicles, 3) a security architecture that does not depend on pervasive roadside infrastructure or a fully connected V2V network and fulfills all the security requirements, and 4) optimization solutions for placement of a limited number of RSUs within a given area to provide best possible service to smart vehicles. The optimal placement solutions cover both urban areas and highways environments.ID: 031001553; System requirements: World Wide Web browser and PDF reader.; Mode of access: World Wide Web.; Adviser: .; Title from PDF title page (viewed August 23, 2013).; Thesis (Ph.D.)--University of Central Florida, 2012.; Includes bibliographical references.
Ph.D.
Doctorate
Computer Science
Engineering and Computer Science
Computer Science
14
Galiulina, Irina, and Patrik Karlstén. "The suitability of LoRaWAN for battery powered security solutions." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-232130.
Анотація:
Many conventional forms of communication technology, such as Wi-Fi, 3G/4G or cable, require a lot of power. For battery powered devices that need to last a long time on a single charge, one alternative is the low-power, long range technology LoRaWAN. This thesis tries to answer the question how well do the properties of LoRaWAN meet the requirements for a battery powered security solution? Two identical prototype remote motion detectors were implemented for this purpose. The results show that while the prototypes do not meet the requirements for energy efficiency, LoRaWAN as a technology easily does. The results shows that if a solution to the reliability issues can be found, LoRaWAN would be well suited for battery powered security solutions.Många vanliga teknologier som används för kommunikation, så som Wi-Fi, 3G/4G eller fiber, kan vara väldigt strömkrävande. Ett alternativ för batteridrivna enheter som behöver kunna klara sig på en laddning under lång tid, är att använda en lågenergiteknologi med lång räckvidd LoRaWAN. Den här rapporten försöker att besvara frågan om hur väl LoRaWANs egenskaper tillgodoser de krav som ställs på batteridrivna säkerhetslösningar. För detta ändamål utvecklades två identiska prototyper av en batteridriven rörelsesensor. Resultaten visar på att även om prototyperna inte möter energikonsumptionskraven, så gör själva LoRaWAN-tekniken detta. Resultaten visar att om man kan hitta lösningar på problemen med pålitligheten hos LoRaWAN, så kan LoRaWAN mycket väl vara lämpligt för batteridrivna säkerhetslösningar.
15
Olandersson, Sandra, and Jeanette Fredsson. "Threats in Information Security : Beyond technical solutions. - Using Threat Tree Analysis." Thesis, Blekinge Tekniska Högskola, Institutionen för programvaruteknik och datavetenskap, 2001. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-3829.
Анотація:
To be able to protect an organisation's resources, it is important to understand what there is to protect and what to protect it from. The first step is to try to analyse the security threats that exist against an organisation's resources to explore the risks. Threats have to be identified, for the organisation to protect its resources and find where the optimal placement against threats is. This thesis analysis whether it is possible to obtain a Threat Tree Analysis that is useful for developing an information security policy for the municipality in Ronneby, using the SS 62 77 99-1 standard. A co-operation between the technical solutions and the administrative security is necessary to achieve information security, together with ordinary common sense. True, each of these can help improve security, but none of them is a complete solution. Security is not a product - it is a process. Threat trees form the basis of understanding that process. In this thesis, we have been using a qualitative method. The analysis method is a case study at the Social Department, at the municipality in Ronneby. Through interviews it has come us to hand, that the organisation has not established an information security policy which should give the code of practice for how the work of information security will pursue within the organisation. The organisation does neither use a model for structuring threats nor a method for collecting threats against information today. Through the structure of possible threats, the personnel generates an understanding of the organisation and takes active part finding adequate threats within the Social Department. As users understand the importance of security, how to use it, and where to report suspected violations, they can do a great deal to reduce the risk to loose information. Important to remember is that the education is an ongoing process, new users need training and trained users need reminding, especially when new technologies or processes are introduced. Thus, Threat Tree Analysis is useful for continuing towards developing an information security policy according to SS 62 77 99-1 standard.För att kunna skydda en organisations resurser är det viktigt att förstå vad organisationen behöver skydda och vad den ska skydda det ifrån. Det första steget är att analysera hot mot organisationens resurser för att uppskatta riskerna. Hot måste identifieras för att organisationen ska kunna skydda sina resurser och hitta den optimala placeringen av åtgärder mot hot. Denna uppsatsen undersöker om det är möjligt att skapa en hotträdsanalys som är användbar för skapandet av en informationssäkerhetspolicy för Ronneby kommun, genom att använda standarden SS 62 77 99-1. Vi betonar i uppsatsen att ett samarbete mellan existerande tekniska lösningar och administrativ säkerhet är nödvändigt för att uppnå informationssäkerhet. Visst kan var och en av dessa hjälpa till att förbättra säkerheten, men ingen av dem är ensam den kompletta lösningen. Säkerhet är inte en produkt - det är en process. Hotträd formar grunden för en förståelse av den processen. I denna uppsats har vi använt en kvalitativ metod. Analysmetoden är en fallstudie på Socialförvaltningen i Ronneby kommun. Genom intervjuer har vi fått fram att organisationen inte har etablerat en informationssäkerhetspolicy, vilken ska ge riktlinjer för hur säkerhetsarbetet ska fullföljas inom organisationen. Organisationen använder varken en modell för att identifiera hot mot information eller en metod för att strukturera hoten. Genom strukturen av möjliga hot, genererar personalen en förståelse för organisationen och tar aktivt del i att identifiera hot mot Socialförvaltningen. Detta medför att alla användare förstår hur viktigt det är med säkerhet, vart de ska rapportera misstänkta händelser och de kan göra mycket för att minska risken att förlora information. Det är viktigt att komma ihåg att utbildning är en pågående process, nya användare behöver utbildning och utbildade användare behöver vidareutbildning, speciellt när nya tekniker eller processer introduceras. Därför är hotträdsanalysen en användbar modell för arbetet mot att skapa en informationssäkerhetspolicy enligt standarden SS 62 77 99-1.
Sandra Olandersson Blåbärsvägen 27 372 38 RONNEBY 0457 / 12084 Jeanette Fredsson Villa Viola 372 36 RONNEBY 0457 / 26616
16
Zhang, Yanchao. "Security in heterogeneous wireless ad hoc networks challenges and solutions /." [Gainesville, Fla.] : University of Florida, 2006. http://purl.fcla.edu/fcla/etd/UFE0015609.
17
Nicanfar, Hasen. "Security and privacy in smart grid context : problems and solutions." Thesis, University of British Columbia, 2015. http://hdl.handle.net/2429/55190.
Анотація:
In order to improve the power grid and provision the Smart Grid concept, one well-defined approach would be to utilize new information and communication technology. Live power consumption data in addition to the time base power consumption rate are essential requirements in this context. These communications are supposed to be bi-directional between consumers, providers and smart grid administrations (market, operators, etc.). However, one of the most essential requirements that should be preserved is to address communication security and privacy. There are many opportunities for adversaries to attack the smart grid system, even remotely anywhere in the world, that could result in costly issues and damages in the system, even jeopardize user privacy. In the first part of this thesis, we concentrate on improving the efficiency of security mechanism and present our tailored authentication and key management mechanisms. We propose two solutions, one for communications between home appliances and a home gateway (smart meter), while the second solution aims at communications between the home smart meter and an appropriate server located in the smart grid utility network.We then propose enhancements on key management by developing two key construction mechanisms based on the Password Authentication Key Exchange (PAKE) protocol. The first is a cluster-based group key mechanism between smart grid entities, e.g. consumers in a neighbourhood area
network. The second enhancement is a multi-layer key mechanism motivated by controlling the home smart appliances using different smart grid controllers located in different layers of the controlling hierarchy network. The second part of the thesis concentrates on Privacy. In this part, we present a privacy mechanism based on enhanced network coding for communications between smart meters and utility servers via a mesh topology. Finally, we propose a privacy-aware security solution for mobile devices. For example, to support electric vehicles in buying and selling the power from and to the grid, or in case of the smart phones in the heterogeneous network (4G and/or 5G), to support handover between the access points.Applied Science, Faculty of
Electrical and Computer Engineering, Department of
Graduate
18
Ekhator, Stephen. "Evaluating Kismet and NetStumbler as Network Security Tools & Solutions." Thesis, Blekinge Tekniska Högskola, Sektionen för datavetenskap och kommunikation, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-5668.
Анотація:
ABSTRACT Despite advancement in computer firewalls and intrusion detection systems, wired and wireless networks are experiencing increasing threat to data theft and violations through personal and corporate computers and networks. The ubiquitous WiFi technology which makes it possible for an intruder to scan for data in the air, the use of crypto-analytic software and brute force application to lay bare encrypted messages has not made computers security and networks security safe more so any much easier for network security administrators to handle. In fact the security problems and solution of information systems are becoming more and more complex and complicated as new exploit security tools like Kismet and Netsh (a NetStumbler alternative) are developed. This thesis work tried to look at the passive detection of wireless network capability of kismet and how it function and comparing it with the default windows network shell ability to also detect networks wirelessly and how vulnerable they make secured and non-secured wireless network. Further analysis where made on captured network source packets using wireshark (a network analyzer). The discovery of MAC addresses, IP address, data frames, SSID’s by kismet and netsh and the further exposure of management traffic with wireshark is a source of concern given that such useful network parameters in the hands of an experienced hacker would be a valuable information that could be used in hacking into any network computer. Introduction to kismet and netstumbler application and their inherent capabilities in network detection is given an in depth look at the beginning of this work. A wide range of definitions and concepts of wireless technology application and uses as it applies to wireless networks, supported devices, security standards and protocols, firewalls and ad-hoc networks, wardriving and its legality, types of authentication, the Linux kernel, special TCP/UDP ports, the drone and third party firmware were all given an in depth look. kismet download and configurations on linux based OS and the netsh utility fucntionalities was explained for the purpose of clarity. Captured management data packets were opened with wireshark and management data frames found within the packets were analysed. Also, a look at the different file types and results of captured management traffic were displayed. Some of the challenges encountered in the course of this work were discoursed in details and comparison between kismet and netsh was done from the perspective of the vulnerability of a network and the poor channel hopping capability of kismet.The thesis is about deploying Kismet application software to capture wireless networks, analysis the capture data packets if there is any vulnerability and then compare the results with NETSH captures . NETSH is a Netstumbler alternative which comes as default in Windows vista.
19
Lensing, Daniel Paul. "Social Security: an evaluation of current problems and proposed solutions." Kansas State University, 2014. http://hdl.handle.net/2097/18219.
Анотація:
Master of ArtsDepartment of Economics
William F. Blankenau
This paper examines several different issues which could make the various Social Security programs insolvent. I evaluate each cause and how it is related to the problems experienced by each program to determine potential policy changes. I draw the majority of my data and information from peer-reviewed scholarly articles, as well as government agencies such as the Social Security Administration, Bureau of Labor Statistics, and the Congressional Research Service. Section 1 of the paper explains the history of the Social Security program and the circumstances creating it. Section 2 goes into greater detail explaining different issues which could make the system insolvent. These areas are: earnings inequality, changes in healthcare, increased life expectancy, changes in the dependency ratio, general trust fund issues, disability trust fund issues, political climate, and recessions/reduced earnings. In Section 3, I evaluate two different proposed plans to fix Social Security. The first plan is an academic plan, the Diamond-Orszag Plan; the second is a plan created by a think-tank, The Heritage Plan. Section 4 gives a conclusion of the implications of the paper and explains the benefits and drawbacks of the two evaluated plans. After evaluating all the problems with Social Security and the two proposed plans, I come to the conclusion that neither plan would be ideal by itself. The Diamond-Orszag Plan is the most politically feasible plan, as it doesn’t change the framework of the current program. A combination of the two plans would be most beneficial, as The Heritage Plan has policy specifically targeting the problems with the Medicare system, where the Diamond-Orszag Plan does not. The three different plans for changing the disability system I evaluate in Section 2.5 are specific, targeted plans and could be a nice addition to a plan such as the Diamond-Orszag Plan. In any case, the sooner politicians finally start taking Social Security’s instability seriously, the better. The longer we wait, the more complex and difficult the problem will become.
20
McGinthy, Jason M. "Solutions for Internet of Things Security Challenges: Trust and Authentication." Diss., Virginia Tech, 2019. http://hdl.handle.net/10919/91443.
Анотація:
The continuing growth of Internet-connected devices presents exciting opportunities for future technology. These Internet of Things (IoT) products are being manufactured and interleaved with many everyday activities, which is creating a larger security concern. Sensors will collect previously unimaginable amounts of private and public data and transmit all of it through an easily observable wireless medium in order for other devices to perform data analytics. As more and more devices are produced, many are lacking a strong security foundation in order to be the "first to market." Moreover, current security techniques are based on protocols that were designed for more-capable devices such as desktop computers and cellular phones that have ample power, computational ability, and memory storage. Due to IoT's technological infancy, there are many security challenges without proper solutions. As IoT continues to grow, special considerations and protections must be in place to properly secure this data and protect the privacy of its users. This dissertation highlights some of the major challenges related to IoT and prioritizes their impacts to help identify where gaps are that must be filled. Focusing on these high priority concerns, solutions are presented that are tailored to IoT's constraints. A security feature-based framework is developed to help characterize classes of devices to help manage the heterogeneous nature of IoT devices and networks. A novel physical device authentication method is presented to show the feasibility in IoT devices and networks. Additional low-power techniques are designed and evaluated to help identify different security features available to IoT devices as presented in the aforementioned framework.Doctor of Philosophy
The Internet has been gaining a foothold in our everyday lives. Smart homes, smart cars, and smart cities are becoming less science fiction and more everyday realities. In order to increase the public’s general quality of life, this new Internet of Things (IoT) technological revolution is adding billions of devices around us. These devices aim to collect unforeseen amounts of data to help better understand environments and improve numerous aspects of life. However, IoT technology is still in its infancy, so there are still many challenges still remaining. One major issue in IoT is the questionable security for many devices. Recent cyber attacks have highlighted the shortcomings of many IoT devices. Many of these device manufacturers simply wanted to be the first in a niche market, ignoring the importance of security. Proper security implementation in IoT has only been done by a minority of designers and manufacturers. Therefore, this document proposes a secure design for all IoT devices to be based. Numerous security techniques are presented and shown to properly protect the data that will pass through many of these devices. The overall goal for this proposed work aims to have an overall security solution that overcomes the current shortfalls of IoT devices, lessening the concern for IoT’s future use in our everyday lives.
21
Bragaglia, Elisa. "Analysis and partial solutions of security problems in automotive environments." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2015. http://amslaurea.unibo.it/8696/.
Анотація:
Questo scritto mira a fare una panoramica dei problemi legati alla sicurezza della comunicazione tra componenti interne dei veicoli e delle soluzioni oggigiorno disponibili. Partendo con una descrizione generale del circuito interno dell’auto analizzeremo i suoi punti di accesso e discuteremo i danni prodotti dalla sua manomissione illecita. In seguito vedremo se ´è possibile prevenire tali attacchi dando un’occhiata alle soluzioni disponibili e soffermandoci in particolare sui moduli crittografici e le loro applicazioni. Infine presenteremo l’implementazione pratica di un protocollo di autenticazione tra ECUs e una dimostrazione matematica della sua sicurezza.
22
Zaiets, Tetiana. "Diebold Nixdorf - global leader in providing innovative self-service technology, security systems and related services." Thesis, Київський національний університет технологій та дизайну, 2017. https://er.knutd.edu.ua/handle/123456789/6690.
23
Sarwar, Yasir, and Muhammad Arshad Ali. "Security Issues regarding MANET (Mobile Ad Hoc Networks) : Challenges and Solutions." Thesis, Blekinge Tekniska Högskola, Sektionen för datavetenskap och kommunikation, 2011. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-3150.
Анотація:
Now a day, it is no longer optional to have security solutions even inevitable for every kind of organizations and individuals. There are number of generic tools which are common for organizations as well as for individual users to provide security which includes; Anti-Spam, Anti-Virus etc., and network security have become essential issue in MANET. Security is one of the main issues in the MANET especially with respect to size and complexity of the network. The aim of the thesis is to discuss different aspects of security in MANET (e.g. multi-layer intrusion detection technique in multi hop network of MANET, security problems relates between multihop network and mobile nodes in MANET etc) and also implement some of the solutions (e.g. comparative study of different routing protocol (AODV, DSR and TORA) security threats within MANET network like intruder behavior, tapping and integrity, MANET link layer and network layer operations with respect to information security etc) with respect to MANET network. This report also discusses different number of scenarios of MANET network which we implement in our simulation. In our simulation we use to implement different routing protocols and also did comparative study that which one is better with respect to different aspects. We also use to implements mechanisms of intruder behavior, tapping and integrity, and MANET link layer and network layer operations with respect to information security.
24
Paananen, K. (Kimmo). "Evaluation of privacy, security and quality of Internet-based communication solutions." Master's thesis, University of Oulu, 2016. http://urn.fi/URN:NBN:fi:oulu-201605221866.
Анотація:
The privacy and security of communication in the Internet are gaining increased public interest. Highly popular Voice over Internet Protocol (VoIP) technology allows the use of easy, versatile and low-cost Internet communication solutions. There are, however, privacy and security concerns and threats related to VoIP-based communication, just like with any traffic transmitted over the public Internet. Possibility to integrate a VoIP solution as part of self-made applications is also important for many organizations. The problem is to find a low cost solution which provides possibility for integration, good level of security and privacy, and also acceptable service quality in varying wireless network conditions.
This thesis examined the fundamentals of VoIP technology, reasons and background of security threats, and presented the ways to mitigate the risks. Based on this information, publicly available communication solutions were searched and evaluated using Quality Function Deployment (QFD) derived method. The products were compared from the perspective of privacy and security they provide, taking into account in particular the purchase and operating costs, and connectivity into self-made applications. The best solution from the comparison was also taken to further tests for service availability and video quality Mean Opinion Score (MOS) in the real-world mobile network. The measurements aimed to reveal how the solution performs in different radio network conditions, and what kind of video quality it can offer.
The research results show that there were a few good solutions available based on search criteria. The best solution, Linphone, was taken to the further quality tests in the live 4G Long Term Evolution (LTE) network. Measurements revealed that Linphone can provide satisfactory quality and reliability even on poor network conditions, and also secure the traffic seemingly well. Only some minor problems with video stream starting were found during the tests. For the future work I would suggest more measurements using different wireless network technologies including Wi-Fi. The real protocol level security analysis of Linphone would also reveal if there are any security pitfalls in the current implementation.
25
Bouguetaia, Sabria. "Analysis and Evaluation of EndpointSecurity Solutions." Thesis, Högskolan Dalarna, Datateknik, 2006. http://urn.kb.se/resolve?urn=urn:nbn:se:du-2359.
Анотація:
The main objective for this degree project was to analyze the Endpoint Security Solutions developed by Cisco, Microsoft and a third minor company solution represented by InfoExpress. The different solutions proposed are Cisco Network Admission Control, Microsoft Network Access Protection and InfoExpress CyberGatekeeper. An explanation of each solution functioning is proposed as well as an analysis of the differences between those solutions. This thesis work also proposes a tutorial for the installation of Cisco Network Admission Control for an easier implementation. The research was done by reading articles on the internet and by experimenting the Cisco Network Admission Control solution. My background knowledge about Cisco routing and ACL was also used. Based on the actual analysis done in this thesis, a conclusion was drawn that all existing solutions are not yet ready for large-scale use in corporate networks. Moreover all solutions are proprietary and incompatible. The future possible standard for Endpoint solution might be driven by Cisco and Microsoft and a rude competition begins between those two giants.
26
Rehman, Sheikh Riaz Ur. "Investigation of different VPN Solutions." Thesis, Blekinge Tekniska Högskola, Avdelningen för telekommunikationssystem, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-3364.
Анотація:
Abstract The rapid growth of e-business in past few years has improved companies efficiency and revenue growth. E-business applications such as e-commerce, remote access has enabled companies to manage processes, lower operating costs and increased customer satisfaction. Also the need rises for the scalable networks that accommodate voice, video, and data traffic. With the increased dependability of networks the security issues are raised and networks become more and more vulnerable to different types of security threats. To overcome security issues different security technologies are in action by vendors and technologists. Also for the survival of many businesses to allow open access to network resources, today’s networks are designed with the requirement of availability to the Internet and public networks, therefore, information confidentiality is the major issue in these networks to ensure that the network resources and user data are as secure as possible. With the requirement of network security, concept of Virtual private network was established. A Virtual Private Network (VPN) can be defined as a network in which connectivity between multiple customers’ sites is deployed on a shared network with the same security as a private network. Different VPN technologies and protocols architectures are available in market among are MPLS VPN architecture, IPSec VPN architecture, and SSL VPN architecture. Like With the introduction of Multiprotocol Label Switching (MPLS), which combines the benefits of Layer 2 switching and Layer 3 routing, it became possible to construct a technology that combines the benefits of an overlay VPN with the benefits of peer-to-peer VPN implementation in which routing is simple. MPLS/VPN is a new and simple technology, which provides simpler to routing and also makes number of topologies easy to implement which are otherwise difficult to implement. All architectures have benefits and drawbacks, also each of them can be implemented separately or in combination of other according to customer security requirement and performance of the network.
27
Zhao, Weiliang, University of Western Sydney, of Science Technology and Environment College, and School of Computing and Information Technology. "Security techniques for electronic commerce applications." THESIS_CSTE_CIT_Zhao_W.xml, 2003. http://handle.uws.edu.au:8081/1959.7/127.
Анотація:
Electronic commerce and the internet provide greater opportunities for companies and individual person to be involved in commercial activities; the involved parties may not know or trust each other or may even be mutually suspicious of each other. The issue of fairness becomes more critical and must be well addressed. The aim of this thesis is to investigate security solutions with fairness for on-line transactions. A fair trading protocol with credit payment is proposed. The proof of equivalence of discrete logarithm to discrete loglogarithm is employed as the main tool to construct the protocol. The scheme provides a unique link between payment and gambling outcome so that the winner can be ensured to get the payment. Since an optimal fair exchange method is used in gambling message exchange, the proposed system guarantees that no one can successfully cheat during a gambling process. Our system requires an off-line Trusted Third Party (TTP). If cheating occurs, the TTP can resolve the problem and make the gambling process fair. An efficient and secure poker scheme is proposed. It is based on multiple encryption and decryption of individual cards. The protocol satisfies all major security requirements of a real mental poker. It gets rid of the Card Salesman and guarantees minimal effect due to collusion. The protocol is secure and more efficient compared with other known protocols. The strategies of players can be kept confidential with the introduction of a Dealer. The protocol is suitable to be implemented in an on-line gambling card game. The implementation of the fair on-line gambling protocol has been demonstrated and all utility classes for the implementation have been defined.Master of Science (Hons)
28
Gwozd, Ryszard. "Security of information systems, what technical solutions exist and what is needed." Thesis, National Library of Canada = Bibliothèque nationale du Canada, 2001. http://www.collectionscanada.ca/obj/s4/f2/dsk3/ftp04/MQ59323.pdf.
29
Bheemanathini, Sai Nikhil. "A Systematic Review of Blockchain Technology: Privacy Concerns, Security Challenges, and Solutions." University of Cincinnati / OhioLINK, 2019. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1563273858006378.
30
Fedoruk, M. "Energy efficiency in buildings as one of the solutions for achieving energy security." Thesis, Sumy State University, 2014. http://essuir.sumdu.edu.ua/handle/123456789/36062.
Анотація:
Energy is essential for economic development, food production and global security. According to the UN, the world will need at least 45% more energy by 2030.
It is well known that resources we are using today for the energy production have very negative impact on the planet, especially for the climate change. Alternative resources that are renewable and don't have CO2 emission also have own disadvantages. For example, solar panels are quite expensive, depend on climate, need a lot of place and also there is a big issue with utilization of panels in the end of their life cycle. Wind farmas and hydroelectric power stations are located to far from consumers and transmission looses are very high in these cases. Indeed, in future scientists will solve these problems, but so far we have to deal with them. It means that the best solution would be to combine alternative energy resources and energy saving.
When you are citing the document, use the following link http://essuir.sumdu.edu.ua/handle/123456789/36062
31
Edman, Johan, and Wilhelm Ågren. "Legal and Security Issues of Data Processing when Implementing IoT Solutions in Apartments." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-277917.
Анотація:
The concept of the Internet of Things (IoT) and connected devices is a growing trend. New ways to integrate them with Smart Home Technology emerge each day. The use of sensors in IoT solutions enables large scale data collection that can be used in various ways. The European Union recently enforced a General Data Protection Regulation (GDPR) that sets guidelines for the collection and processing of personal information. The communication protocol M-Bus is a European standard (EN 13757-x) mainly used for remote reading of electrical, gas and water meters. M-Bus is being integrated with sensors because the protocol offers long battery times. There are however some known flaws with the protocol that might make it unsuitable for a large scale data collection system. A conceptualized data collection scenario with a system utilizing M- Bus is presented. The authors aim to investigate some of the security flaws with the M-Bus protocol, while also investigating the GDPR demands of the system. The thesis supplements a System Requirement Specification (SyRS) which can be used as a template for organizations implementing a similar system. An analysis of the system based on the SyRS is conducted to identify any shortcomings. Modifications to the system are proposed in order to comply with the defined SyRS. The authors concluded that M-Bus is a sufficiently reliable protocol to be used in the system, and has no inherent conflicts with GDPR. The system has a few flaws in terms of GDPR compliance, which require both administrative and technical work to comply with. The suggested modifications of the system are mainly focused on how the data is stored in various parts of it.Konceptet med Internet of Things (IoT) och uppkopplade enheter är en väx- ande trend, och nya sätt att integrera dem med det smarta hemmet framträder varje dag. Den Europeiska Unionen har nyligen verkställt en ny dataskydds- förordning, General Data Protection Regulation (GDPR), som sätter krav på insamling och behandling av personlig data. Användandet av IoT lösningar skapar möjligheten för storskalig datainsamling som kan användas på flera sätt. Kommunikationsprotokollet M-Bus är en europeisk standard (EN 13757-x) som huvudsakligen är framtagen för att avlägset läsa av el-, gas- och vattenmätare. På grund av ett litet avtryck och enkel implementation av sitt protokoll så är M-bus ofta ett val till uppkoplade sensorer för att möjliggöra lång drifttid. Det finns däremot ett antal säkerhetsbrister med protokollet som kan göra det olämpligt för ett datainsamlingssystem. Ett konceptualiserat datainsamlingscenario med ett system som utnyttjar M-Bus presenteras. Författarnas mål är att undersöka några av säkerhetsbristerna med M-Bus protokollet, samtidigt som det undersöker vilka krav GDPR ställer på ett sådant system. Uppsatsen sammanställer en kravspecifikation som kan användas som grund och riktlinje för organisationer som ska implementera liknande system. En analys av det konceptualiserade systemet baserat på kravspecifikationen genomförs för att identifiera potentiella brister. Modifikationer till system föreslås för att uppnå kraven definierade i kravspecifikationen. Författarna drog slutsatsen att M-Bus är ett tillräckligt tillförlitligt protokoll som kan användas för system likt detta. Det analyserade systemet har några brister gällande GDPR, som kräver både tekniska och administrativa åtgärder. De föreslagna modifikationerna av systemet är fokuserade primärt på hur den personliga informationen lagras i de olika delarna av systemet.
32
Ali, Ayaz. "Analysis of key security and privacy concerns and viable solutions in Cloud computing." Thesis, Linnéuniversitetet, Institutionen för datavetenskap och medieteknik (DM), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-90806.
Анотація:
Cloud Security and Privacy is the most concerned area in the development of newly advance technological domains like cloud computing, the cloud of things, the Internet of Things. However, with the growing popularity and diverse nature of these technologies, security and privacy are becoming intricate matters and affect the adoption of cloud computing. Many small and large enterprises are in conflict while migrating towards cloud technology and this is because of no proper cloud adoption policy guideline, generic solutions for system migration issues, systematic models to analyze security and privacy performance provided by different cloud models. Our proposed literature review focuses on the problems and identifies solutions in the category of security and privacy. A comprehensive analysis of various identified techniques published during 2010 – 2018 has been presented. We have reviewed 51 studies including research papers and systematic literature reviews on the factors of security and privacy. After analyzing, the papers have been classified into 5 major categories to get an appropriate solution for our required objectives of this study. This work will facilitate the researchers and as well the companies to select appropriate guideline while adopting cloud services.
33
Collins, Zachary. "Hardware Trojans in FPGA Device IP: Solutions Through Evolutionary Computation." University of Cincinnati / OhioLINK, 2019. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1554217182155068.
34
Bulusu, Santosh, and Kalyan Sudia. "A Study on Cloud Computing Security Challenges." Thesis, Blekinge Tekniska Högskola, Sektionen för datavetenskap och kommunikation, 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-2820.
Анотація:
Context: Scientific computing in the 21st century has evolved from fixed to distributed work environment. The current trend of Cloud Computing (CC) allows accessing business applications from anywhere just by connecting to the Internet. Evidence shows that, switching to CC organizations' annual expenditure and maintenance are being reduced to a greater extent. However, there are several challenges that come along with various benefits of CC. Among these include security aspects. Objectives: This thesis aims to identify security challenges for adapting cloud computing and their solutions from real world for the challenge that do not have any proper mitigation strategies identified through literature review. For this the objective is to identify existing cloud computing security challenges and their solutions. Identify the challenges that have no mitigation strategies and gather solutions/guidelines/practices from practitioners, for a challenge with more references but no mitigation strategies identified (in literature). Methods: This study presents a literature review and a snowball sampling to identify CC security challenges and their solutions/mitigation strategies. The literature review is based on search in electronic databases and snowball sample is based on the primary studies searched and selected from electronic databases. Using the challenges and their solutions identified form literature review, challenges with no mitigation strategies are identified. From these identified challenges with no mitigation strategies, a challenge with more references is identified. The surveys are employed in the later stages to identify the mitigation strategies for this challenge. Finally the results from the survey are discussed in a narrative fashion. Results: 43 challenges and 89 solutions are identified from literature review using snowball sampling. In addition to these mitigation strategies few guidelines are also identified. The challenge with more (i.e., more articles mentioning the challenge) and no mitigation identified is incompatibility. The responses identified for the three insecure areas of incompatibility (i.e., interoperability, migration and IDM integration with CC) in cloud computing security are mostly guidelines/practices opined by experienced practitioners. Conclusions: This study identifies cloud computing security challenges and their solutions. Where these (challenges and solutions) are common to cloud computing applications and cannot be generalized to either service or deployment models (viz. SaaS, PaaS, IaaS, etc.). The study also identifies that there are methods guidelines/practices identified from practitioners) to provide secure interoperability, migration and integration of on-premise authentication systems with cloud applications, but these methods are developed by individuals (practitioners/organization) specific to their context. The study also identifies the non-existence of global standards for any of these operations (providing interoperability/migration/IDM integration with cloud). This identified non-existence of global standards and guidelines could be help academics to know the state of practice and formulate better methods/standards to provide secure interoperability. The identified cloud computing security challenges (43) and solutions (89), can be referred by practitioners to understand which areas of security need to be concentrated while adapting/migrating to a cloud computing environment.
35
Råman, Jari. "Regulating secure software development : analysing the potential regulatory solutions for the lack of security in software /." Rovaniemi : University of Lapland, 2006. http://www.loc.gov/catdir/toc/fy0803/2006499062.html.
36
Evans, Gary John. "Identifying security problems and devising control solutions in a local area network a case study approach /." Thesis, Monterey, California : Naval Postgraduate School, 1990. http://handle.dtic.mil/100.2/ADA239431.
Анотація:
Thesis (M.S. in Information Systems)--Naval Postgraduate School, September 1990.Thesis Advisor(s): Tung Xuan Bui. Second Reader: Smith, Henry H. "September 1990." Description based on title screen as viewed on December 16, 2009. DTIC Identifier(s): Local area networks, security, control systems, thesis. Author(s) subject terms: Computer security, local area network (LAN), security and control. Includes bibliographical references (p. 87-90). Also available in print.
37
Zhao, Weiliang. "Security techniques for electronic commerce applications." Thesis, View thesis View thesis, 2003. http://handle.uws.edu.au:8081/1959.7/127.
Анотація:
Electronic commerce and the internet provide greater opportunities for companies and individual person to be involved in commercial activities; the involved parties may not know or trust each other or may even be mutually suspicious of each other. The issue of fairness becomes more critical and must be well addressed. The aim of this thesis is to investigate security solutions with fairness for on-line transactions. A fair trading protocol with credit payment is proposed. The proof of equivalence of discrete logarithm to discrete loglogarithm is employed as the main tool to construct the protocol. The scheme provides a unique link between payment and gambling outcome so that the winner can be ensured to get the payment. Since an optimal fair exchange method is used in gambling message exchange, the proposed system guarantees that no one can successfully cheat during a gambling process. Our system requires an off-line Trusted Third Party (TTP). If cheating occurs, the TTP can resolve the problem and make the gambling process fair. An efficient and secure poker scheme is proposed. It is based on multiple encryption and decryption of individual cards. The protocol satisfies all major security requirements of a real mental poker. It gets rid of the Card Salesman and guarantees minimal effect due to collusion. The protocol is secure and more efficient compared with other known protocols. The strategies of players can be kept confidential with the introduction of a Dealer. The protocol is suitable to be implemented in an on-line gambling card game. The implementation of the fair on-line gambling protocol has been demonstrated and all utility classes for the implementation have been defined.
38
Sahd, Lize-Marie. "A structured approach to the identification of the significant risks related to enterprise mobile solutions at a mobile technology component level." Thesis, Stellenbosch : Stellenbosch University, 2015. http://hdl.handle.net/10019.1/96674.
Анотація:
Thesis (MComm)--Stellenbosch University, 2015.ENGLISH ABSTRACT: The consumerisation of mobile technology is driving the mobile revolution and enterprises are forced to incorporate mobile solutions into their business processes in order to remain competitive. While there are many benefits relating to the investment in and use of mobile technology, significant risks are also being introduced into the business. The fast pace of technological innovation and the rate of adoption of mobile technology by employees has, however, created an environment where enterprises are deploying mobile solutions on an ad hoc basis. Enterprises are only addressing the risks as they are occurring and resulting in losses. The key contributing factor to this lack of governance and management is the fact that those charged with governance do not understand the underlying mobile technology components. The purpose of this research is to improve the understanding of the underlying components of mobile technology. The research further proposes to use this understanding to identify the significant risks related to mobile technology and to formulate appropriate internal controls to address these risks. The findings of the research identified the following underlying components of mobile technology: mobile devices; mobile infrastructure, data delivery mechanisms and enabling technologies; and mobile applications. Based on an understanding of the components and subcategories of mobile technology, a control framework was used to identify the significant risks related to each component and subcategory. The significant risks identified included both risks to the users (including interoperability, user experience, connectivity and IT support) as well as risks to the enterprise’s strategies (including continuity, security, cost and data ownership). The research concludes by formulating internal controls that the enterprise can implement to mitigate the significant risks. This resulted in two matrixes that serve as quick-reference guides to enterprises in the identification of significant risks at an enterprise specific mobile technology component level, as well as the relevant internal controls to consider. The matrixes also assist enterprises in determining the best mobile solutions to deploy in their business, given their strategies, risk evaluation and control environment.
AFRIKAANSE OPSOMMING: Die mobiele revolusie word deur die verbruiker van mobiele tegnologie aangedryf en, ten einde kompeterend te bly, word ondernemings gedwing om mobiele tegnologie in hul besigheidsprosesse te implementeer. Terwyl daar baie voordele verbonde is aan die investering in en gebruik van mobiele tegnologie, word die besigheid egter ook blootgestel aan wesenlike risiko’s. Die vinnige tempo waarteen mobiele tegnologie ontwikkel en deur werknemers aangeneem word, het egter ʼn omgewing geskep waarin ondernemings mobiele tegnologie op ʼn ad hoc basis ontplooi. Besighede spreek eers die risiko’s aan nadat dit reeds voorgekom het en verliese as gevolg gehad het. Die hoof bydraende faktor tot die tekort aan beheer en bestuur van mobiele tegnologie is die feit dat diegene verantwoordelik vir beheer, nie onderliggend mobiele tegnologie komponente verstaan nie. Die doel van hierdie navorsing is om die begrip van die onderliggende komponente van mobiele tegnologie te verbeter. Die navorsing poog verder om die wesenlike risiko’s verbonde aan mobiele tegnologie te identifiseer en om toepaslike interne beheermaatreëls te formuleer wat die risiko’s sal aanspreek. Die bevindinge van die navorsing het die volgende onderliggende komponente van mobiele tegnologie geïdentifiseer: mobiele toestelle; mobiele infrastruktuur, data afleweringsmeganismes, en bemagtigende tegnologieë; en mobiele toepassings. Gebaseer op ʼn begrip van die komponente en subkategorieë van mobiele tegnologie, is ʼn kontrole raamwerk gebruik om die wesenlike risiko’s verbonde aan elke komponent en subkategorie van die tegnologie, te identifiseer. Die wesenlike risiko’s sluit beide risiko’s vir die gebruiker (insluitend kontinuïteit, gebruikerservaring, konnektiwiteit en IT ondersteuning) sowel as risiko’s vir die onderneming se strategieë (insluitend kontinuïteit, sekuriteit, koste en data eienaarskap) in. Die navorsing sluit af met die formulering van die beheermaatreëls wat geïmplementeer kan word om die wesenlike risiko’s aan te spreek. Dit het gelei tot twee tabelle wat as vinnige verwysingsraamwerke deur ondernemings gebruik kan word in die identifisering van wesenlike risiko’s op ʼn onderneming-spesifieke tegnologie komponentvlak asook die oorweging van relevante interne beheermaatreëls. Die tabelle help ondernemings ook om die beste mobiele tegnologie vir hul besigheid te implementeer, gebaseer op hul strategie, risiko evaluering en beheeromgewing.
39
Chapman, Erin Elizabeth. "A Survey and Analysis of Solutions to the Oblivious Memory Access Problem." PDXScholar, 2012. https://pdxscholar.library.pdx.edu/open_access_etds/891.
Анотація:
Despite the use of strong encryption schemes, one can still learn information about encrypted data using side channel attacks [2]. Watching what physical memory is being accessed can be such a side channel. One can hide this information by using oblivious simulation - hiding the true access pattern of a program. In this paper we will review the model behind oblivious simulation, attempt to formalize the problem and define a security game. We will review the major solutions pro- posed so far, the square root and hierarchical solutions, as well as propose a new variation on the square root solution. Additionally, we will show a new formalization for providing software protection by using an encryption scheme and oblivious simulation.
40
Noura, Mohamad. "Solutions cryptographiques efficaces et sécurisées pour les données médicales." Thesis, Bourgogne Franche-Comté, 2019. http://www.theses.fr/2019UBFCD037.
Анотація:
Dans cette thèse, des schémas cryptographiques efficaces et robustes ont été proposés pour surmonter les problèmes actuels de sécurité et de confidentialité des systèmes et applications médicaux récents. La principale contribution de cette thèse est d'atteindre un haut niveau de sécurité avec un minimum de surcoût de calcul contrairement à de nombreuses autres solutions existantes. Par conséquent, deux schémas de chiffrement et une approche de disponibilité des données ont été proposés pour les données médicales afin de garantir les services de sécurité suivants : confidentialité, intégrité et disponibilité des données ainsi que l'authentification de la source. Les solutions cryptographiques proposées sont basées sur les structures de chiffrement cryptographiques dynamiques pour assurer une meilleure résistance aux attaques existantes et modernes. De plus, ces solutions ont été conçues pour être légères et ne nécessitent qu'un petit nombre d'itérations. La fonction de chiffrement proposée n'est répétée qu'une seule fois et utilise une permutation de bloc dépendante de la clé.Elle satisfait également les propriétés de confusion et de diffusion requises, assurant ainsi les propriétés cryptographiques souhaitables. Les résultats de simulation et d'expérimentation ont démontré l'efficacité et la robustesse des solutions cryptographiques proposées. De plus, l'utilisation des schémas cryptographiques proposés ouvre la porte à des algorithmes cryptographiques dynamiques qui peuvent conduire à un gain de performance et de sécurité significatif par rapport à l'état de l'artIn this thesis, effective and robust cryptographic schemes were proposed to overcome the current security and privacy issues of recent medical systems and applications. The main contribution of this thesis is to reach a high level of security with minimum possible overhead contrary to many other existing solutions. Therefore, two cipher schemes and a data availability approach were proposed for medical data to ensure the following security services: data confidentiality, integrity and availability as well as source authentication. The proposed cryptographic solutions are based on the dynamic cryptographic cipher structures to ensure a better resistance against existing and modern attacks. Moreover, these solutions were designed to be lightweight and they require a small number of iterations. The proposed ciphers round function is iterated only once and uses a key dependent block permutation. It also satisfies the required confusion and diffusion properties, consequently ensuring the desirable cryptographic properties. Simulation and experimental results demonstrated the efficiency and the robustness of the proposed cryptographic solutions. Furthermore, employing the proposed cryptographic schemes open the door to a dynamic cryptographic algorithms that can lead to a significant performance and security gain compared with other recent related state-of-art
41
Lukacs, Andrea. "Investigation of IoT camera solutions in Smart Cities from a Technology, Information Security and Trust point of view." Thesis, Luleå tekniska universitet, Institutionen för system- och rymdteknik, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-79300.
Анотація:
Smart cities utilize IoT cameras in a rushing pace. However, these high technological connected devices are back doors to safe systems. Implementation of high technological solutions without concerning other important aspects as information security and the factor of trust violates not only the quality aspect of the solutions, but also breaches the privacy of individuals. Secure solutions that reserve the trust of individuals with the help of high technological solutions is therefore significant. This study is aimed to investigate and find answer to how IoT camera solutions for smart cities can include all three of the important factors, which contributes for a deeper understanding of the whole product development process` possible improvements. Through a qualitative approach the research questions are investigated which resulted in a contribution that support the academic world of information security in presenting the importance of correct communication, collaboration and the including of the three factors during the development process of IoT camera solutions for smart cities. The results are open for further investigation as observed during research, but also key findings and recommendations are offered to the stakeholders of the IoT camera solution development industry.
42
Westling, Sebastian, and Marcus Eliasson. "E-handel : En studie kring betallösningar, säkerhetslösningar och certifieringar för små e-handelsföretag." Thesis, Mittuniversitetet, Institutionen för informationsteknologi och medier, 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-16767.
Анотація:
Syftet har varit att på uppdrag av Periallo identifiera vad kunder tycker är viktigast ur ett säkerhetsperspektiv. Detta har skett genom att besvara frågorna vad som är viktigt för konsumenterna ur ett säkerhetsperspek-tiv när de handlar av små e-handelsföretag och vilka säkerhetslösningar samt betallösningar som är relevanta för små e-handelsföretag. Vi har även undersökt om det är värt för ett litet e-handelsföretag att investera i en certifiering. Arbetet har kartlagt betallösningar, säkerhetslösningar och certifieringar med hjälp av en kritisk litteraturstudie och med en enkät, det vill säga en kvantitativ metod. Resultatet av undersökningen har visat att de flesta kunderna känner sig trygga när de handlar på Internet. Den säkraste betallösningen anses vara faktura, medan de populäraste betalsätten är konto/kreditkort och direktbetalning. Utöver det har undersökningen också visat att det är viktigare för mindre och okända e-handelsföretag att tydligt visa vilka säkerhetslösningar de använder sig av gentemot de stora och kända företagen trots att de flesta av deltagarna inte var medvetna om vilka säkerhetslösningar som finns för att skydda företag och konsument.The purpose of this study is, on behalf of Periallo, to identify what it is that customers consider to be of greatest importance from a security perspective. This has been conducted from the answers given by consumers when asked a question concerning what they deem to be important from a security perspective when they shop from small e-commerce companies. In addition, a consideration has also been given to the security and payment solutions that are relevant to small e-commerce companies. An examination has also been conducted as to whether it is worth a small e-commerce company investing in a certification. In this work, payment solutions, security solutions and certifications have been identified by means of a critical literature review and a questionnaire, which is a quantitative method. The results of the study have shown that the majority of customers feel that it is safe to shop online. The most secure payment solution is considered to be an invoice, while the most popular payment methods are debit/credit cards and direct payment. In addition, the study has also shown that it is more important for a small and unknown e-commerce company to properly reflect upon the security solutions that they use against the large and well-known companies, even though, the majority of the participants in this study, were not aware of the security solutions available to protect companies and consumers.
43
Kardokas, Gintaras. "Bevielio tinklo diegimo įmonėje metodika." Master's thesis, Lithuanian Academic Libraries Network (LABT), 2008. http://vddb.library.lt/obj/LT-eLABa-0001:E.02~2008~D_20080612_151339-53813.
Анотація:
Pagrindiniu įmonės tikslu laikomas įmonės vertės didinimas gali būti realizuojamas plečiant rinkos dalį, didinat parduodamų prekių ar paslaugų kiekį, taip pat didinant darbo organizavimo efektyvumą įmonėje. Vienas iš efektyvumo didinimo įmonėje sprendimų yra bevielio kompiuterių tinklo įmonėje diegimas. Naudojant bevielį kompiuterių tinklą pasiekiamas didesnis personalo mobilumas ir darbo efektyvumas, kai reikiamą informaciją darbuotojas gali gauti būdamas bet kurioje įmonės vietoje. Darbe atlikta bevielio tinklo diegimo metodų teorinė analizė, pasiūloma bevielio tinklo diegimo vertinimo metodika ir atliekamas metodikos taikymo tyrimas.Darbe pateikiama bevielio tinklo diegimo įmonėje metodika leidžia apskaičiuoti mobilumo naudą įmonei per papildomos vert���s sukūrimą ir kaštų sumažinimą, bei parinkti tinkamą bevielio tinklo architektūros ir saugumo sprendimus, atsižvelgiant į įmonės poreikius. Pristatomas modelis, leidžiantis įvertinti bevielio tinklo teikiamą naudą įmonėje. Bevielio kompiuterių tinklo architektūrinių sprendimų pritaikymo įmonei metodika formuluojama, remiantis atliktų eksperimentinių tyrimų rezultatais.The main goal for a company is to increase its value which can be achieved by expanding the market share, increasing sales volume of its goods and services, improving labour productivity. One of the improvements aiming at achieving labour productivity is the implementation of wireless computer network. The use of wireless computer network gives a higher degree of mobility and efficiency for staff within the company, in particular when employee needs to access the information from any place in the territory of a company. This work contains from performed theoretic analysis of implementation methods of wireless network, the suggested methodology of Wireless Network evaluation and performed investigation of realised methodology of Wireless Network implementation in the company. The paper presents the methodology of wireless networks implementation in a company, evaluates the efficiency of wireless networks and suggests the possible architectural and security solutions for wireless networks implementation. Further more, the presented methodology enables to evaluate the benefits of mobility, in particular for added value creation and costs reduction, and allows choosing the appropriate architectural and security solutions of wireless computer network. The presented methodology is based on the results of experimental research.
44
Kandi, Mohamed Ali. "Lightweight key management solutions for heterogeneous IoT." Thesis, Compiègne, 2020. http://www.theses.fr/2020COMP2575.
Анотація:
L'Internet des objets (IdO) est une technologie émergente ayant le potentiel d'améliorer notre quotidien de différentes façons. Elle consiste à étendre la connectivité au-delà des appareils standards (tels que les ordinateurs, les tablettes et les smartphones) à tous les objets du quotidien. Ces appareils, également appelés objets intelligents, peuvent alors collecter des données de leur entourage, collaborer pour les traiter puis agir sur leur environnement. Cela augmente leurs fonctionnalités et leur permet d'offrir divers services au profit de la société. Cela dit, de nombreux défis ralentissent le développement de l'IdO. La sécurisation des communications entre ces appareils est l'un des problèmes les plus difficiles qui empêche cette technologie de révéler tout son potentiel. La cryptographie fournit un ensemble de mécanismes permettant de sécuriser les données. Pour leur bon fonctionnement, ces derniers ont besoin de paramètres secrets appelés clés. La gestion des clés est une branche de la cryptographie qui englobe toutes les opérations impliquant la manipulation de ces clés : génération, stockage, distribution et remplacement. Par ailleurs, la cryptographie légère consiste à étendre les mécanismes conventionnels (la gestion des clés comprise) aux appareils à ressources limitées. Afin d'être efficaces dans l'IdO, les nouveaux mécanismes doivent offrir un bon compromis entre sécurité, performance et consommation de ressources. La gestion légère des clés est donc l'essence de la communication sécurisée dans l'IdO et le cœur de notre travail. Dans cette thèse, nous proposons un nouveau protocole léger de gestion des clés pour sécuriser la communication entre les appareils hétérogènes et dynamiques de l'IdO. Pour concevoir notre solution, nous considérons trois modes de communication : d'appareil à appareil, de groupe et de multi-groupes. Alors que la plupart des travaux connexes se concentrent uniquement sur l'un de ces modes de communication, notre solution sécurise efficacement les trois. Aussi, elle équilibre automatiquement les charges entre les appareils hétérogènes en fonction de leurs capacités. Nous prouvons alors que cela rend notre protocole plus adapté à l'IdO étant donné qu'il est efficace et hautement évolutif. De plus, nous proposons une décentralisation de notre protocole basée sur la technologie blockchain et les contrats intelligents. Ainsi, nous montrons qu'en permettant à plusieurs participants de gérer les clés cryptographiques, la décentralisation résout les problèmes de confiance, réduit le risque de défaillance du système et améliorer la sécurité. Nous implémentons enfin notre solution sur des plateformes IoT à ressources limitées qui sont basées sur le système d'exploitation Contiki. L'objectif est d'évaluer expérimentalement les performances de notre solution et de compléter nos analyses théoriquesThe Internet of Things (IoT) is an emerging technology that has the potential to improveour daily lives in a number of ways. It consists of extending connectivity beyond standard devices (such as computers, tablets and smartphones) to all everyday objects. The IoT devices, also called smart objects, can collect data from their surroundings, collaborate to process them and then act on their environment. This increases their functionalities and allow them to offer various services for the benefit of society. However, many challenges are slowing down the development of the IoT. Securing communication between its devices is one of the hardest issue that prevents this technology from revealing its full potential. Cryptography provides a set of mechanisms to secure data. For their proper functioning, these mechanisms require secret parameters called keys. The Key Management is a branch of cryptography that encompasses all operations involving the handling of these of extending the conventional mechanisms (including the Key Management) to the resource-limited devices. To be efficient in the IoT, the new mechanisms must offer a good compromise between security, performance and resource requirements. Lightweight Key Management is the essence of secure communication in the IoT and the core of our work. In this thesis, we propose a novel lightweight Key Management protocol to secure communication between the heterogeneous and dynamic IoT devices. To design our solution, we consider three modes of communication: device-to-device, group and multi-group communication. While most of the related works focus only on one of these modes of communication, our solution efficiently secures all three of them. It also automatically balances the loads between the heterogeneous devices according to their capabilities. We then prove that this makes our protocol more suitable for the IoT as it is e_cient and highly scalable. Furthermore, we propose a decentralization of our protocol based on the blockchain technology and smart contracts. We show that, by empowering multiple participants to manage the cryptographic keys, decentralization solves trust issues, lowers risk of system failure and improves security. We finally implement our solution on resource-constrained IoT motes that are based on the Contiki operating system. The objective is to experimentally evaluate the performance of our solution and to complete our theoretical analyses
45
Kaced, Ahmed Réda. "Problèmes de sécurité posés par les proxies d'adaptation multimédia : proposition de solutions pour une sécurisation de bout-en-bout." Phd thesis, Télécom ParisTech, 2009. http://pastel.archives-ouvertes.fr/pastel-00005883.
Анотація:
L'évolution des techniques d'adaptation et des contenus multimédias adaptables a montré la nécessité de définir des techniques et des pratiques concernant la sécurité des échanges sur les réseaux. Dans la mesure où l'adaptation des documents multimédia nécessite d'autoriser la modification de ces documents entre le serveur et le client, il est important d'étudier les conditions nécessaires pour assurer ces modifications de façon sécurisée. Nous avons donc, dans ce cadre, à présenter un système de communication multimédia qui préserve l'authenticité et l'intégrité des contenus originaux de bout en bout tout en permettant l'adaptation de ces contenus par des intermédiaires. C'est l'objectif général de cette thèse. Dans ce mémoire, nous présentons SEMAFOR, une plate-forme de communication multimédia offrant aux utilisateurs la possibilité d'adapter leur contenus (selon les besoins) par des n\oe uds intermédiaires. La particularité de cette plate-forme est sa capacité de sécuriser le contenu émis de bout-en-bout, cette sécurisation repose sur deux mécanismes proposés et décrits dans cette thèse : AMCA pour l'authentification des contenu et XSST pour le chiffrement et rechiffrement intermédiaire. Les tests et les mesures de performances présentés à la fin de ce mémoire démontrent la validité des propositions décrites dans cette thèse et valident la pertinence des résultats obtenus.
46
Plateaux, Aude. "Solutions opérationnelles d'une transaction électronique sécurisée et respectueuse de la vie privée." Phd thesis, Université de Caen, 2013. http://tel.archives-ouvertes.fr/tel-01009349.
Анотація:
Avec l'utilisation de notre carte bancaire pour payer un achat sur Internet ou de notre téléphone portable pour nous connecter aux réseaux sociaux, les transactions électroniques font partie de notre quotidien et sont désormais incontournables. Malheureusement, lors de tels échanges, un grand nombre de données personnelles sont transférées et une telle informatisation n'est pas sans conséquence. Les problèmes de sécurisation et de protection de ces données sont bien présents. Dans cette thèse, nous nous concentrons sur la problématique de la protection de la vie privée des utilisateurs dans des systèmes informatiques. Pour cela, nous nous intéressons à trois domaines d'actualité. Dans un premier temps, nous proposons un système de gestion des données centré sur l'utilisateur. Ainsi, lors de sa navigation sur Internet, l'internaute sera guidé et aura la possibilité de faire appel aux huit fonctionnalités offertes par l'application. Un second problème, sur lequel nous avons travaillé, est le cas des dossiers médicaux des patients et de l'accès à ces documents confidentiels. Nous proposons une architecture de e-santé permettant la protection des informations personnelles des patients au sein d'un établissement de santé et entre plusieurs établissements. Pour finir, nous avons travaillé dans le domaine de la monétique et plus précisément sur le paiement en ligne. Nous exposons ainsi trois nouveaux protocoles respectant davantage les données personnelles des internautes. Deux d'entre eux sont une amélioration de protocoles existants : 3D-Secure et le protocole d'Ashrafi et Ng. La dernière architecture, totalement nouvelle, permet de procéder à un paiement sur Internet sans fournir aucune information bancaire du client. Pour chacune de ces infrastructures, des exigences de sécurité et de protection de la vie privée sont décrites. Les solutions existantes, ainsi que celles proposées, sont détaillées et analysées en fonction de ces exigences. Les propositions d'architectures respectueuses de la vie privée ont toutes fait l'objet d'une preuve de concept avec une implémentation logicielle.
47
Hasrouny, Hamssa. "Gestion de confiance et solutions de sécurité pour les réseaux véhiculaires." Thesis, Evry, Institut national des télécommunications, 2018. http://www.theses.fr/2018TELE0001/document.
Анотація:
Les réseaux véhiculaires sont constitués de véhicules capables de s’échanger des informations par voie radio afin d'améliorer la sécurité routière (diffusion de messages d'alerte en cas d’accident ou de ralentissement anormal, conduite collaborative entre véhicules…) ou de permettre aux passager d’accéder à l’Internet (applications de réseaux collaboratifs, jeux interactifs, gestion des espaces libres dans les parkings…). Malheureusement, les messages liés à la sécurité routière échangés entre les véhicules peuvent être falsifiés ou éliminés par des entités malveillantes afin de causer des accidents et mettre en péril la vie des personnes. Dans cette thèse, nous nous concentrons particulièrement sur la définition, conception et l’évaluation d’une solution de sécurité pour les communications entre véhicules afin d’assurer une communication sécurisée et un bon niveau de confiance entre les différents véhicules participants. En adoptant un modèle basé sur la formation de groupes, nous procédons à l'évaluation de niveau de confiance des véhicules participants à ces réseaux et nous développons un modèle de confiance qui sert à analyser leurs comportements dans leurs groupes respectifs tout en respectant la vie privée des participants et en maintenant une surcharge minimale dans le réseau. Ensuite, nous proposons un modèle hiérarchique et modulaire permettant la détection de comportement malveillant et la gestion de la révocation des certificats des véhicules concernésVANETs (Vehicular Ad-hoc Networks) consist of vehicles capable of exchanging information by radio to improve road safety (alerts in case of accidents or in case of abnormal slowdowns, collaborative driving…) or allow internet access for passengers (collaborative networks, infotainment, etc.). Road safety messages exchanged between vehicles may be falsified or eliminated by malicious entities in order to cause accidents and endanger people life. In this thesis, we focus on defining, designing and evaluating a security solution for V2V communications in VANET, to ensure a secure communication and a good level of confidence between the different participating vehicles. Adopting a group-based model, we consider the Trustworthiness evaluation of vehicles participating in VANET and we develop a Trust Model to analyze the behavior of the vehicles in the group while preserving the privacy of the participants and maintaining low network overhead. We then propose a hierarchical and modular framework for Misbehavior Detection and Revocation Management
48
Berglund, Sara, and Olivia Nilsson. "Integrated Solutions and the Needed Capabilities: A Supplier and Customer Perspective : A Case Study of a Public-Private Business Relationship within the Defence and Security Sector." Thesis, Karlstads universitet, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-78615.
Анотація:
The manufacturing industry has experienced a change in the business environment during the last decade and has started to explore the possibilities of integrating products and services into new bundled offerings. A great deal has been published about this new phenomenon and it is often referred to as integrated solutions. When implementing an integrated solution it requires changes in the organizational structure, resulting in a need to develop further capabilities. Capabilities are explained as complex bundles of skills and accumulated knowledge possessed by organizations that enables them to coordinate their activities and make use of their assets. Previous literature has focused on the capabilities needed for suppliers that develop integrated solutions, leaving uncertainties regarding the needed capabilities for the customer. This research intends to investigate the capabilities needed from both the supplier’s and customer’s perspective and how they affect the development of integrated solutions. To investigate this, a thorough literature review was conducted to create a foundation of knowledge regarding the research area and resulted in a theoretical framework. The research follows a qualitative case study approach where empirical data was collected primarily through interviews but also by analyzing documents that resulted in needed capabilities for both actors. Furthermore, economic models were developed to provide a holistic view of the integrated solution and enable comparison with the current trading situation. The research resulted in five dimensions including capabilities needed for the supplier and four dimensions including capabilities needed for the customer when developing the integrated solution. The dimensions are: Control capability, Economic capability, Organizational capability, Production capability, and Relational capability. In this specific case study, the production capability dimension was considered unique for the supplier and did not iterate from the perspective of the customer. Apart from this, the dimensions were considered important for both actors. The findings indicate that the capabilities possessed by both the supplier and the customer affect the integrated solution and that it is important to investigate the needed capabilities form the perspective of both actors before developing the integrated solution. However, there were differences since some capabilities were required by only one actor and some were considered more or less essential depending on the actor. Furthermore, the findings imply that the uniqueness of the business relationship and the industry may affect the needed capabilities.Under det senaste årtiondet har det skett en förändring i tillverkningsindustrin då flera företag har börjat undersöka möjligheterna att integrera produkter och tjänster till kombinerade erbjudanden. Denna förändring har förekommit frekvent i litteraturen och benämns ofta som integrerade lösningar. När man implementerar en integrerad lösning krävs förändringar i den organisatoriska strukturen vilket har resulterat i ett behov av att utveckla ytterligare förmågor. Förmågor definieras som komplexa kombinationer av kompetenser och den kunskap som finns hos organisationen som möjliggör att kunna koordinera sina möjligheter och utnyttja sina tillgångar optimalt. Tidigare litteratur har fokuserat på de förmågor som leverantörer behöver för att utveckla integrerade lösningar vilket skapar en osäkerhet gällande de förmågor som krävs av kunden. Studien avser att undersöka de förmågor som krävs både ur ett leverantörs- och kundperspektiv när man utvecklar integrerade lösningar. En noggrann litteraturundersökning gjordes för att skapa en grund av kunskap gällande forskningsområdet och resulterade i ett teoretiskt ramverk. En kvalitativ fallstudie utfördes där empirisk data samlades in genom huvudsakligen intervjuer men också genom att analysera dokument. Således resulterade fallstudien i de förmågor som krävdes av båda aktörerna för att utveckla den integrerade lösningen. För att skapa en helhetssyn över den integrerade lösningen utvecklades en ekonomisk modell vilket möjliggjorde för en jämförelse av den nuvarande handelssituationen. Undersökningen resulterade i fem dimensioner innehållande förmågor för leverantören respektive fyra dimensioner innehållande förmågor för kunden vid utveckling av den integrerade lösningen. Följande dimensioner identifierades: kontrollförmåga, ekonomisk förmåga, organisatorisk förmåga, produktionsförmåga och relationsförmåga. I denna specifika fallstudie ansågs produktionsförmågorna endast beröra leverantören och därav itererade dem inte ur ett kundperspektiv. Utöver denna förmåga ansågs alla dimensioner viktiga för båda aktörerna. Resultatet indikerar att det är viktigt att undersöka vilka förmågor som behövs både för leverantören och kunden vid utvecklingen av en integrerad lösning. Trots att många av de förmågor som identifierades i studien ansågs viktiga för båda aktörerna fanns det olikheter då vissa förmågor endast behövdes för en av aktörerna och vissa ansågs mer eller mindre viktiga beroende på aktör. Resultatet indikerar även att den unika affärsrelationen och den specifika industrin kan ha en påverkan på vilka förmågor som anses viktiga för aktörerna.
49
Signorini, Matteo. "Towards an internet of trust: issues and solutions for identification and authentication in the internet of things." Doctoral thesis, Universitat Pompeu Fabra, 2015. http://hdl.handle.net/10803/350029.
Анотація:
La Internet de las Cosas está avanzando lentamente debido a la falta de confianza en dispositivos que puedan interactuar de manera autónoma. Además, se requieren nuevos enfoques para mitigar o al menos paliar ataques de atacantes omnipresentes cada vez más poderosos. Para hacer frente a estas cuestiones, esta tesis investiga los conceptos de identidad y autenticidad.
En cuanto a la identidad, se propone un novedoso enfoque sensible al contexto basado en la tecnología de cadenas de bloques donde el paradigma estándar se sustituye por un enfoque basado en la identificación de atributos. Referente a la authentication, nuevas propuestas permiten validar mensajes en escenarios en línea y fuera de línea. Además, se introduce un nuevo enfoque basado en software para escenarios en línea que proporciona propiedades intrínsecas de hardware independientemente de elementos físicos. Por último, la tecnología PUF permite el diseño novel de protocolos de autenticación en escenarios donde sin conexión.The Internet of Things is advancing slowly due to the lack of trust in devices that can autonomously interact. Standard solutions and new technologies have strengthened its security, but ubiquitous and powerful attackers are still an open problem that requires novel approaches. To address the above issues, this thesis investigates the concepts of identity and authenticity. As regards identity, a new context-aware and self-enforced approach based on the blockchain technology is proposed. With this solution, the standard paradigm focused on fixed identifiers is replaced with an attribute-based identification approach that delineates democratically approved names. With respect to authentication, new approaches are analyzed from both the online and offline perspective to enable smart things in the validation of exchanged messages. Further, a new software approach for online scenarios is introduced which provides hardware-intrinsic properties without relying on any physical element. Finally, PUF technology is leveraged to design novel offline disposable authentication protocols.
50
Borhade, Anjali. "Challenges and possible solutions for ensuring health of urban migrants as a part of India's agenda for a sustainable urban growth story." Thesis, University of Oxford, 2018. https://ora.ox.ac.uk/objects/uuid:65e3dec5-09ec-4b73-8ca8-3de451c15237.
Анотація:
Internal labour migration is an important livelihood strategy for poor groups worldwide. Aims and objectives This research aims to answer the question "What is appropriate policy framework to address the health needs of the Indian urban migrants?" The research analyses existing policies and compares policies in arrange of countries that have developed mechanisms to address migrant's health needs. Transferable lessons will be drawn to develop a policy framework to address health needs of Indian migrants. Recommendations to improve the health of urban migrants will be made. Methods The research involves a mixed methods approach - literature review, questionnaire survey, qualitative interviews and site visits to understand successes and challenges in the implementation of migration and health policies in India and other countries. A literature review was conducted to understand the impact of migration - its health outcomes and policies in India and abroad. A pre-tested, interviewer-administered questionnaire survey was conducted using random sampling with 4000 migrants in Nashik to understand their access to health care. In-depth interviews were conducted with policy makers in ministries including health and labour, migrant's organizations and international agencies in India, China, Philippines, Sri Lanka and Vietnam to understand the successes and challenges in the implementation of migration and health policies and learn from their experiences. Conclusions Internal migration is rising in India mainly from the scheduled tribes and castes. Lack of migration specific data, state specific programmes/policies linked with state citizenship and lack of federal structures are key challenges to meet the unique needs of Indian migrants. Lessons for India were learnt from other countries included initiating a migration census, introducing a national portable health insurance and a comprehensive 'whole government approach'. Recommendations were made to enable the government to facilitate appropriate policy to improve the health and status of the migrants.