To see the other types of publications on this topic, follow the link: Electronic security.
Dissertations / Theses on the topic 'Electronic security'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Electronic security.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Pao, Hua-Fu. "Security management of electronic data interchange." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 1993. http://handle.dtic.mil/100.2/ADA272962.
Full text
2
Zhao, Weiliang, University of Western Sydney, of Science Technology and Environment College, and School of Computing and Information Technology. "Security techniques for electronic commerce applications." THESIS_CSTE_CIT_Zhao_W.xml, 2003. http://handle.uws.edu.au:8081/1959.7/127.
Full textAbstract:
Electronic commerce and the internet provide greater opportunities for companies and individual person to be involved in commercial activities; the involved parties may not know or trust each other or may even be mutually suspicious of each other. The issue of fairness becomes more critical and must be well addressed. The aim of this thesis is to investigate security solutions with fairness for on-line transactions. A fair trading protocol with credit payment is proposed. The proof of equivalence of discrete logarithm to discrete loglogarithm is employed as the main tool to construct the protocol. The scheme provides a unique link between payment and gambling outcome so that the winner can be ensured to get the payment. Since an optimal fair exchange method is used in gambling message exchange, the proposed system guarantees that no one can successfully cheat during a gambling process. Our system requires an off-line Trusted Third Party (TTP). If cheating occurs, the TTP can resolve the problem and make the gambling process fair. An efficient and secure poker scheme is proposed. It is based on multiple encryption and decryption of individual cards. The protocol satisfies all major security requirements of a real mental poker. It gets rid of the Card Salesman and guarantees minimal effect due to collusion. The protocol is secure and more efficient compared with other known protocols. The strategies of players can be kept confidential with the introduction of a Dealer. The protocol is suitable to be implemented in an on-line gambling card game. The implementation of the fair on-line gambling protocol has been demonstrated and all utility classes for the implementation have been defined.<br>Master of Science (Hons)
3
Zhao, Weiliang. "Security techniques for electronic commerce applications /." View thesis View thesis, 2003. http://library.uws.edu.au/adt-NUWS/public/adt-NUWS20030505.155156/index.html.
Full textAbstract:
Thesis (M.Sc. (Hons.)) -- University of Western Sydney, 2003.<br>"A thesis submitted for the degree of Master of Science (Honours) - Computing and Information Technology at University of Western Sydney" Bibliography : leaves 109-114.
4
González, Calabuig Andreu. "Electronic Tongues for food and security applications." Doctoral thesis, Universitat Autònoma de Barcelona, 2018. http://hdl.handle.net/10803/643301.
Full textAbstract:
En la present tesi doctoral s’aprofundeix en l’estudi de les llengües electròniques i el seu
desenvolupament com a línia d’investigació del grup de Sensors i Biosensors de la Universitat
Autònoma de Barcelona. Aquesta línea d’investigació posa el focus en l’aplicació dels
coneixements del grup d’investigació en desenvolupament de sensors electroquímics per a
desenvolupar matrius de sensors per al seu ús en aplicacions del tipus Llengua Electrònica en
diferents camps. La llengua electrònica es considera un nou paradigma en el món dels sensors
ja que millora el resultats analítics mitjançant el tractament amb eines quimio mètriques.
Les dades electroquímiques van ser obtingudes mitjançant la tècnica de voltamperometria en
les diferents variants: cíclica i diferencial de polsos. El tractament estadístic es va utilitzar per a
extreure i seleccionar la informació química rellevant de les dades originals; els mètodes
utilitzats van ser l’Anàlisi de Components Principals i l’Anàlisi Discriminant Lineal per estudis
qualitatius i la Regressió de Mínims Quadrats Parcials i les Xarxes Neuronals Artificials per
estudis quantitatius.
Les aplicacions descrites en el present manuscrit estan classificades en tres camps diferenciats:
seguretat, seguiment mediambiental i sector del vi.
En el primer camp, la seguretat, les Llengües Electròniques conjuntament amb les eines quimio
mètriques s’han utilitzat per a la quantificació de components com: TNT, Tetryl, HMX, RDX,
PETN i TATP. A l’apartat quantitatiu es determinaren mescles ternàries de TNT, Tetryl y TATP.
Les Llengües Electròniques desenvolupades en el camp mediambiental es divideixen en dos
camps. La primera va ser desenvolupada per a la detecció de metalls pesants en aigua on es
van desenvolupar dues aplicacions per detectar simultàniament cadmi, plom i coure o cadmi,
plom i mercuri. La segona aplicació és la quantificació de mescles ternàries de contaminants
persistents tals com: cresol, m-cresol i guaiacol en mostres d’aigua residual.
En el camp alimentari es presenten dos treballs: la detecció de defectes tipus Brett en vi,
causats per la presència de fenols volàtils i la classificació i predicció de la denominació
d’origen i la nota de tast de vins negres i blancs de Catalunya.<br>This thesis memory is focused on the continuation of the electronic tongue line of investigation
in the Sensors and Biosensors Group in the Department of Chemistry of Universistat Autònoma
de Barcelona. This line has been heavily focused on the application of the group know-how in
electrochemical sensor development to design several sensors arrays to be applied following
electronic tongue principles in different analytical scenarios. The electronic tongue principles
are the new paradigm in the sensor field, where a large number of sensors with low selectivity
are used in conjunction with chemometric data processing tools.
The electrochemical data was acquired using voltammetry in its different variants: cyclic
voltammetry and differential pulse voltammetry. Statistical treatment was performed to
extract and select the relevant chemical information from the data samples; the main methods
employed were Principal Component analysis and Lineal Determinant Analysis for qualitative
studies and Partial Least Squares and Artificial Neural Networks for quantitative studies.
The applications described in this thesis memory are comprised in 3 different fields: homeland
security, environmental monitoring and beverage field.
In the field of homeland security an Electronic Tongue system coupled with chemometric tools
was used to identify and quantify the explosive compounds such as: TNT, Tetryl, HMX, RDX,
PETN and TATP. Also a quantification study with ternary mixtures of TNT, Tetryl and TATP was
performed.
The Electronic Tongues developed in the field of environmental monitoring have 2 disctinct
branches. The first one is the detection of heavy metals in water, in this case two applications
where developed to simultaneously detect cadmium, lead and copper or cadmium, lead and
mercury. The second application is the quantification of ternary mixtures of persistent
phenolic pollutants such as: cresol, m-cresol and guaiacol in wastewaters
In the beverage field the works presented focus in the detection of the Brett defect in wines,
caused by the presence of certain volatile phenols, and the classification and prediction of
designation of origin and sensory panel scores in red and white wines.
5
Marais, Terrence K. "Electronic payment and security on the Internet." Thesis, Stellenbosch : Stellenbosch University, 2002. http://hdl.handle.net/10019.1/52819.
Full textAbstract:
Thesis (MBA)--Stellenbosch University, 2002.<br>ENGLISH ABSTRACT: The greatest potential worry that an on-line shopper has is what happens to his/her credit
card details from the moment "submit" is pressed on the computer. Is it possible for someone
on the Internet to intercept the message and use credit card details maliciously? Also, there is
a lot of talk about personal details being encrypted, but how sure is one that this was indeed
the case once "submit" has been pressed? Is there a way in which one can be sure that a
transaction will occur only once? Many of the security issues are new and many experts are
only learning how to deal with these now. This thesis offers suggestions and strategies a user
can follow to minimize misuse and abuse of payment details.
Electronic payment is the backbone of e-commerce, and the biggest threat towards
widespread acceptance and usage of e-commerce is security. Many innovative solutions
have been developed by vendors to address security issues. For example, the Secure
Electronic Transfer (SET) protocol was developed to ensure that credit card transactions
could be conducted safely and securely on the Internet. Secure Socket Layer (SSL) ensures
that all communications and transactions are conducted in a tightly secure environment. This
is critical for online or mobile banking and other financial activities. Others developments
include payment systems that ensure that credit card details are never exposed to a merchant
(e.g. SET), while some ensure that credit card numbers never enter the Internet.
The five corner stones of security are confidentiality, privacy, authentication, integrity and
non-repudiation. Authentication, non-repudiation and integrity can be resolved with digital
certificates, digital timestamps and digital signatures. Message confidentiality, on the other
hand, is ensured through the use of strong encryption.
Encryption systems mutilate data or a message to such an extent that it is totally useless to
someone who does not have the appropriate algorithm and key to decode it. The most widely
used encryption schemes are the secret key and public key encryption systems. The public
key cryptosystem generates two keys, called a public and private key. The public key can be
made generally known, but the private key must be kept secret. A unique property of the
scheme is that once data is encrypted with one key, only the corresponding other key of the
pair can decrypt it. This makes it possible to address issues of authentication, integrity and
non-repudiation.
Traditional payment instruments such as cash, cheques, debit and credit card transactions
are being replaced by their electronic equivalents. The driving forces behind these are
transactional security, efficiency and speed. Novel payment solutions and strategies have
been devised to meet the challenges of this new economy. For example, smart cards can act
as an electronic purse that can hold electronic money. Other information, such as personal
details, medical records, driver's licence, etc. can also be stored on the card.
Whilst many security experts are in agreement that security is not a barrier anymore for wider
usage of the Internet for financial transactions, many consumers are still apprehensive about
how secure and safe it really is. This work aims to diminish those fears and show that the
Internet is safe for business.<br>AFRIKAANSE OPSOMMING: Een van die grootste bekommernisse wat 'n kliënt met aankope op die Internet kan
ondervind, is die onsekerheid wat presies gebeur nadat betalings aangegaan is en "Submit" is
gedruk. Is dit moontlik dat iemand die boodskap kan onderskep en betaling besonderhede vir
eie gebruik kan herwin? Daar is ook baie publisiteit oor kodifisering, maar hoe kan die klient
verseker wees dat betalings besonderhede wel gekodifiseer is wanneer "Submit" gedruk
was? Is daar 'n manier waarmee 'n mens verseker kan wees dat betaling slegs eenkeer gaan
geskied? Baie van die sekuriteits lokvalle is nuut en sekuritiets kenners is tans besig om te
leer hoe om die probleme te hanteer. Die werkstuk offer wenke en strategieë vir die
verbruiker om die misbruik van betaling besondehede op die Internet te minimiseer.
Elektronies betalings meganisme is die ruggraat van elektroniese besigheid, en die grootste
struikelblok tot die grootskaalse gebruik daarvan is sekuriteit. Daar is baie innoverende
oplossings om die probleme hok te slaan. By voorbeeld, die Secure Electronic Transfer (SET)
protokol was ontwikkel om te verseker dat betalings met kredietkaart met hoë sekuriteit en
veiligheid aangegaan kan word. Secure Socket Layers (SSL), verseker dat alle
kommunikasies en transaksies in 'n sekuur en veilige omgewing plaasvind. Dit is veral krities
wanneer die verbruiker gebruik maak van die Internet of vanaf selfone om transaksies aan te
gaan met 'n bank. Ander ontwikkelinge sluit in betalings metodes wat verseker dat die
handelaar nooit die kredietkaart besonderhede sien nie (bv. SET). Ander verseker weer dat
die betalings besonderhede nooit oor die Internet hoef gestuur te word nie.
Die vyf hoekstene van sekuriteit is konfidensialiteit, privaatheid, outentisiteit, integriteit en
non-repudiasie. Outentisiteit, integriteit en non-repudiasie word opgelos deur die gebruik
maak van digitale sertifikate, digitale tydstempels en digitale handtekeninge. Konfidensialiteit
kan verseker word deur die boodskap te kodifiseer.
Kodifikasie behels die verandering van data of boodskappe op so 'n wyse dat dit van geen
betekenis is vir 'n persoon wat nie die korrekte algoritme en sleutel het om dit te dekodifiseer
nie. Die geheime en publieke kodifiserings stelsels word die meeste gebruik om data te
kodifiseer. Die publieke kodifiserings stelsel genereer twee sleutels, naamlik 'n privaat en
publieke sleutel. Die publieke sleutel kan alom bekend gemaak word, maar die private sleutel
moet slegs bekend wees aan sy gebruiker. 'n Unieke eienskap van die stelsel is dat indien 'n
boodskap gekodifiseer is met een sleutel, slegs die ander sleutel van die paar dit sal kan
dekodifiseer. Dit maak dit moontlik om outentisiteit, integriteit en non-repudiasie toe te pas.
Die tradisionele metodes van betaling soos kontant, tjek en debiet of kredietkaart, gaan
mettertyd vervang word deur hul elektroniese eweknie. Die dryfkrag agter die verskynsel is
die hoë sekuriteit, doeltreffendheid en spoed waarmee transaksies op die manier gehanteer
kan word. Vindingryke betaling metodes is ontdek om die besondere uitdagings van die nuwe
ekonomie aan te speek. Byvoorbeeld, knap kaarte kan gebruik word as 'n elektroniese
beursie wat elektroniese geld bêre. Ander persoonlike inligting, mediese records,
bestuurlisensies, ens. kan ook op die kaart geberg word.
Terwyl baie sekuriteits kenners glo dat sekuriteit nie meer 'n stuikelblok is om die Internet vir
besigheids transaksies te gebruik nie, bly baie van die verbruikers skepties. Die werkstuk se
doel is om daardie onsekerhede uit die weg te ruim, deur te verduidelik hoe sekuriteit toe
gepas word, en om te bewys dat die Internet interdaad veilig is as a medium vir besigheids
transaksies.
6
Khu-Smith, Vorpranee. "Enhancing the security of electronic commerce transactions." Thesis, Royal Holloway, University of London, 2003. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.406487.
Full text
7
DeWitt, Alexander John Anthony George. "Usability issues with security of electronic mail." Thesis, Brunel University, 2007. http://bura.brunel.ac.uk/handle/2438/1059.
Full textAbstract:
This thesis shows that human factors can have a large and direct impact on security, not only on the user’s satisfaction, but also on the level of security achieved in practice. The usability issues identified are also extended to include mental models and perceptions as well as traditional user interface issues. These findings were accomplished through three studies using various methodologies to best suit their aims. The research community have issued principles to better align security and usability, so it was first necessary to evaluate their effectiveness. The chosen method for achieving this was through a usability study of the most recent software specifically to use these principles. It was found that the goal of being simultaneously usable and secure was not entirely met, partially through problems identified with the software interface, but largely due to the user’s perceptions and actions whilst using the software. This makes it particularly difficult to design usable and secure software without detailed knowledge of the users attitudes and perceptions, especially if we are not to blame the user for security errors as has occurred in the past. Particular focus was given to e-mail security because it is an area in which there is a massive number of vectors for security threats, and in which it is technologically possible to negate most of these threats, yet this is not occurring. Interviews were used to gain in depth information from the user’s point of view. Data was collected from individual e-mail users from the general public, and organisations. It was found that although the literature had identified various problems with the software and process of e-mail encryption, the majority of problems identified in the interviews stemmed once again from user’s perceptions and attitudes. Use of encryption was virtually nil, although the desire to use encryption to protect privacy was strong. Remembering secure passwords was recurrently found to be problematic, so in an effort to propose a specific method of increasing their usability an empirical experiment was used to examine the memorability of passwords. Specially constructed passwords were tested for their ability to improve memorability, and therefore usability. No statistical significance in the construction patterns was found, but a memory phenomenon whereby users tend to forget their password after a specific period of non-use was discovered. The findings are discussed with reference to the fact that they all draw on a theme of responsibility to maintain good security, both from the perspective of the software developer and the end user. The term Personal Liability and General Use Evaluation (PLaGUE) is introduced to highlight the importance of considering these responsibilities and their effect on the use of security.
8
Cheang, Sek Lam. "Electronic commerce and security : risk identification and management." Thesis, University of Macau, 2001. http://umaclib3.umac.mo/record=b1636215.
Full text
9
Eriksson, Oskar, Kristian Maric, and Hans Olsberg. "Electronic Identification : Focus on bank services and security." Thesis, Jönköping University, Jönköping International Business School, 2005. http://urn.kb.se/resolve?urn=urn:nbn:se:hj:diva-62.
Full text
10
Rodrigues, Aniket. "SCADA security device: design and implementation." Thesis, Wichita State University, 2011. http://hdl.handle.net/10057/5195.
Full textAbstract:
Securing SCADA systems is a critical aspect of Smart grid security. As sophisticated attacks continue to target industrial systems, the focus should be on planning and developing new security techniques that will adapt to the SCADA environment and protocols. Traditional SCADA protocols such as DNP3, Modbus and ICCP do not support encryption, authentication and data integrity in their native form. Although they can be secured with VPN tunnels, IPSEC adds significant network overhead and complexity to the end hosts. SCADA devices may lack the computing resources to implement this kind of technique. In this thesis, a security design is proposed that can help make communications between the master stations and slave devices in a SCADA network secure without putting additional overhead on the remote devices. This research designs a SCADA Security Device (SSD), which can work in conjunction with other network elements to implement a secure architecture for SCADA protocols. Several components of the SSD were implemented and tested during this research to evaluate the security features in a SCADA network.<br>Thesis (M.S.)--Wichita State University, College of Engineering, Dept. of Electrical Engineering and Computer Science.
11
Shah, Payal Hemchand. "Security in live Virtual Machine migration." Thesis, Wichita State University, 2011. http://hdl.handle.net/10057/5205.
Full textAbstract:
Virtualization has become an essential technology for organizations. With on-demand services from vendors, a substantial rise in the use of virtualization has been noticed. Today there are various kinds of virtualization techniques offering different advantages. One of the important features of virtualization is live virtual machine (VM) migration. In live VM migration, the controls of a VM are migrated from one physical host to another. Workload balancing, and server maintenance becomes easy by migrating the VM. The ability to reboot or shut down the physical server without affecting running applications is greatly beneficial to an organization.
With this indispensable feature of live VM migration, the security factor is still unanswered. Very little research has been done in exploring the security concerns inherent while data moves between the two physical machines. This thesis looks at this poorly explored area and attempts to propose a proper solution, and thereby maintain security. Man–in–the–middle attack could be created by sniffing data between the hypervisors and confidentiality is lost. Data in transit could be read and then tampered with or misused, and can create havoc in the network and bring it down completely.
The research shows how a malicious attacker can sniff the data while performing live VM migration over Xen hypervisor and exploit information. Using this experiment the author proposes strategies that can be used to have a secure live migration process.<br>Thesis (M.S.)--Wichita State University, College of Engineering, Dept. of Electrical and Computer Engineering.
12
Bijani, Shahriar. "Securing open multi-agent systems governed by electronic institutions." Thesis, University of Edinburgh, 2013. http://hdl.handle.net/1842/8268.
Full textAbstract:
One way to build large-scale autonomous systems is to develop an open multi-agent system using peer-to-peer architectures in which agents are not pre-engineered to work together and in which agents themselves determine the social norms that govern collective behaviour. The social norms and the agent interaction models can be described by Electronic Institutions such as those expressed in the Lightweight Coordination Calculus (LCC), a compact executable specification language based on logic programming and pi-calculus. Open multi-agent systems have experienced growing popularity in the multi-agent community and are expected to have many applications in the near future as large scale distributed systems become more widespread, e.g. in emergency response, electronic commerce and cloud computing. A major practical limitation to such systems is security, because the very openness of such systems opens the doors to adversaries for exploit existing vulnerabilities. This thesis addresses the security of open multi-agent systems governed by electronic institutions. First, the main forms of attack on open multi-agent systems are introduced and classified in the proposed attack taxonomy. Then, various security techniques from the literature are surveyed and analysed. These techniques are categorised as either prevention or detection approaches. Appropriate countermeasures to each class of attack are also suggested. A fundamental limitation of conventional security mechanisms (e.g. access control and encryption) is the inability to prevent information from being propagated. Focusing on information leakage in choreography systems using LCC, we then suggest two frameworks to detect insecure information flows: conceptual modeling of interaction models and language-based information flow analysis. A novel security-typed LCC language is proposed to address the latter approach. Both static (design-time) and dynamic (run-time) security type checking are employed to guarantee no information leakage can occur in annotated LCC interaction models. The proposed security type system is then formally evaluated by proving its properties. A limitation of both conceptual modeling and language-based frameworks is difficulty of formalising realistic policies using annotations. Finally, the proposed security-typed LCC is applied to a cloud computing configuration case study, in which virtual machine migration is managed. The secrecy of LCC interaction models for virtual machine management is analysed and information leaks are discussed.
13
He, Ying. "Generic security templates for information system security arguments : mapping security arguments within healthcare systems." Thesis, University of Glasgow, 2014. http://theses.gla.ac.uk/5773/.
Full textAbstract:
Industry reports indicate that the number of security incidents happened in healthcare organisation is increasing. Lessons learned (i.e. the causes of a security incident and the recommendations intended to avoid any recurrence) from those security incidents should ideally inform information security management systems (ISMS). The sharing of the lessons learned is an essential activity in the “follow-up” phase of security incident response lifecycle, which has long been addressed but not given enough attention in academic and industry. This dissertation proposes a novel approach, the Generic Security Template (GST), aiming to feed back the lessons learned from real world security incidents to the ISMS. It adapts graphical Goal Structuring Notations (GSN), to present the lessons learned in a structured manner through mapping them to the security requirements of the ISMS. The suitability of the GST has been confirmed by demonstrating that instances of the GST can be produced from real world security incidents of different countries based on in-depth analysis of case studies. The usability of the GST has been evaluated using a series of empirical studies. The GST is empirically evaluated in terms of its given effectiveness in assisting the communication of the lessons learned from security incidents as compared to the traditional text based approach alone. The results show that the GST can help to improve the accuracy and reduce the mental efforts in assisting the identification of the lessons learned from security incidents and the results are statistically significant. The GST is further evaluated to determine whether users can apply the GST to structure insights derived from a specific security incident. The results show that students with a computer science background can create an instance of the GST. The acceptability of the GST is assessed in a healthcare organisation. Strengths and weaknesses are identified and the GST has been adjusted to fit into organisational needs. The GST is then further tested to examine its capability to feed back the security lessons to the ISMS. The results show that, by using the GST, lessons identified from security incidents from one healthcare organisation in a specific country can be transferred to another and can indeed inform the improvements of the ISMS. In summary, the GST provides a unified way to feed back the lessons learned to the ISMS. It fosters an environment where different stakeholders can speak the same language while exchanging the lessons learned from the security incidents around the world.
14
Pino, Luca. "Security aware service composition." Thesis, City University London, 2015. http://openaccess.city.ac.uk/13170/.
Full textAbstract:
Security assurance of Service-Based Systems (SBS) is a necessity and a key challenge in Service Oriented Computing. Several approaches have been introduced in order to take care of the security aspect of SBSs, from the design to the implementation stages. Such solutions, however, require expertise with regards to security languages and technologies or modelling formalisms. Furthermore, existing approaches allow only limited verification of security properties over a service composition, as they focus just on specific properties and require expressing compositions and properties in a model based formalism. In this thesis we present a unified security aware service composition approach capable of validation of arbitrary security properties. This approach allows SBS designers to build secure applications without the need to learn formal models thanks to security descriptors for services, being they self-appointed or certified by an external third-party. More specifically, the framework presented in this thesis allows expressing and propagating security requirements expressed for a security composition to requirements for the single activities of the composition, and checking security requirements over security service descriptors. The approach relies on the new core concept of secure composition patterns, modelling proven implications of security requirements within an orchestration pattern. The framework has been implemented and tested extensively in both a SBS design-time and runtime scenario, based respectively on Eclipse BPEL Designer and the Runtime Service Discovery Tool.
15
Hoernecke, Andrew Todd. "Security Integrated Messaging a protocol for secure electronic mail /." [Ames, Iowa : Iowa State University], 2007.
Find full text
16
Dagdelen, Özgür. "The Cryptographic Security of the German Electronic Identity Card." Phd thesis, tuprints, 2013. https://tuprints.ulb.tu-darmstadt.de/3538/7/%C3%96zg%C3%BCrDagdelen-Thesis.pdf.
Full textAbstract:
In November 2010, the German government started to issue the new electronic identity card (eID) to its citizens. Besides its original utilization as a ’visual’ identification document, the eID card can be used by the cardholder to prove one’s identity at border control and to enhance security of authentication processes over the Internet, with the eID card serving as a token to reliably
transmit personal data to service providers or terminals, respectively. To this end, the German Federal Office for Information Security (BSI) proposed several cryptographic protocols now deployed on the eID card.
The Password Authenticated Connection Establishment (PACE) protocol secures the wireless communication between the eID card and the user’s local card reader, based on a cryptographically weak password like the PIN chosen by the card owner. Subsequently, the Extended Access Control (EAC) protocol is executed by the chip and the service provider to mutually authenticate and agree on a shared secret session key. This key is then used in the secure channel protocol, called Secure Messaging (SM). Finally, an optional protocol,
called Restricted Identification (RI), provides a method to use pseudonyms such that they can be linked by individual service providers, but not across different service providers (even not by malicious ones).
This thesis consists of two parts. First, we present the above protocols and provide a rigorous analysis on their security from a cryptographic point of view. We show that the Germen eID card provides reasonable security for authentication and exchange of sensitive information allaying concerns regarding its usage.
In the second part of this thesis, we introduce two possible modifications to enhance the security of these protocols even further. Namely, we show how to (a) add to PACE an additional efficient chip authentication step, and (b) augment RI to allow also for signatures under pseudonyms.
17
Akinbi, Olushola Alexander. "An adaptive security framework for evaluating and assessing security implementations in PaaS cloud models." Thesis, Edge Hill University, 2015. http://repository.edgehill.ac.uk/7762/.
Full textAbstract:
The security risks of cloud computing and ambiguity of security mechanisms implemented on an ondemand cloud service such as Platform-as-a-Service (PaaS), continues to raise concerns by cloud consumers. These concerns continue to hinder the adoption of the potentials offered by provisioning of computer resources of this scale. It also indicates a lot needs to be done to improve security controls implemented on cloud computing services as a whole. There is the need to understand and evaluate security mechanisms and controls implemented to preserve the confidentiality, integrity and availability of data stored, processed and accessed in the cloud. Also there is the need to ensure these mechanisms meet security standards and requirements to mitigate any security risks. Although most organisations and cloud service providers (CSPs) have various information security management systems they used to evaluate their computer security and CSPs try to obtain security certifications based on industry standards, cloud customers are however not sure of the security mechanisms implemented on cloud services and how these mechanism are integrated to provide adequate security for their data and applications developed and deployed in the cloud. This research study highlights the use of a systematic and comprehensive approach developed by the researcher to understand in detail, the security architecture of PaaS clouds. This approach presents the development of a security framework which is used as a tool in an attempt to identify and evaluate security mechanism implemented on each PaaS component. The primary findings and preliminary analysis of the evaluation enabled the researcher determine the security provisions, capabilities and limitations of security features implemented on this type of cloud delivery model.
18
Hof, Sonja. "Alternative security approaches in E-government /." Linz : Trauner Verlag, 2005. http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&doc_number=014795036&line_number=0002&func_code=DB_RECORDS&service_type=MEDIA.
Full text
19
Taramonli, Chryssanthi. "Energy conscious adaptive security." Thesis, University of Warwick, 2014. http://wrap.warwick.ac.uk/74094/.
Full textAbstract:
The rapid growth of information and communication systems in recent years has brought with it an increased need for security. Meanwhile, encryption, which constitutes the basis of the majority of security schemes, may imply a significant amount of energy consumption. Encryption algorithms, depending on their complexity, may consume a significant amount of computing resources, such as memory, battery power and processing time. Therefore, low energy encryption is crucial, especially for battery powered and passively powered devices. Thus, it is of great importance to achieve the desired security possible at the lowest cost of energy. The approach advocated in this thesis is based on the lack of energy implication in security schemes. It investigates the optimum security mode selection in terms of the energy consumption taking into consideration the security requirements and suggests a model for energy-conscious adaptive security in communications. Stochastic and statistical methods are implemented – namely reliability, concentration inequalities, regression analysis and betweenness centrality – to evaluate the performance of the security modes and a novel adaptive system is proposed as a flexible decision making tool for selecting the most efficient security mode at the lowest cost of energy. Several symmetric algorithms are simulated and the variation of four encryption parameters is examined to conclude the selection of the most efficient algorithm in terms of energy consumption. The proposed security approach is twofold, as it has the ability to adjust dynamically the encryption parameters or the energy consumption, either according to the energy limitations or the severity of the requested service.
20
Maarof, M. A. B. "Integrating security services into computer supported cooperative work." Thesis, Aston University, 2000. http://publications.aston.ac.uk/7989/.
Full textAbstract:
This research describes the development of a groupware system which adds security services to a Computer Supported Cooperative Work system operating over the Internet. The security services use cryptographic techniques to provide a secure access control service and an information protection service. These security services are implemented as a protection layer for the groupware system. These layers are called External Security Layer (ESL) and Internal Security Layer (ISL) respectively. The security services are sufficiently flexible to allow the groupware system to operate in both synchronous and asynchronous modes. The groupware system developed - known as Secure Software Inspection Groupware (SecureSIG) - provides security for a distributed group performing software inspection. SecureSIG extends previous work on developing flexible software inspection groupware (FlexSIG) Sahibuddin, 1999). The SecureSIG model extends the FlexSIG model, and the prototype system was added to the FlexSIG prototype. The prototype was built by integrating existing software, communication and cryptography tools and technology. Java Cryptography Extension (JCE) and Internet technology were used to build the prototype. To test the suitability and transparency of the system, an evaluation was conducted. A questionnaire was used to assess user acceptability.
21
Vives, Guasch Arnau. "Contributions to the security and privacy of electronic ticketing systems." Doctoral thesis, Universitat Rovira i Virgili, 2013. http://hdl.handle.net/10803/119683.
Full textAbstract:
Un bitllet electrònic és un contracte en format digital entre dues parts, l'usuari i el proveïdor de serveis, on hi queda reflectit l'acord entre ambdós per tal que l'usuari rebi el servei que desitja per part del proveïdor. Els bitllets són emprats en diferents tipus de serveis, com esdeveniments lúdics o esportius, i especialment en l'àmbit del transport. En aquest cas permet reduir costos donat l'alt volum d'usuaris, a més de facilitar la identificació del flux de viatges. Aquesta informació permet preveure i planificar els sistemes de transport de forma més dinàmica.
La seguretat dels bitllets electrònics és clau perquè es despleguin a l'entorn real, com també ho és la privadesa dels seus usuaris. La privadesa inclou tant l'anonimitat dels usuaris, és a dir, una acció no s'ha de poder atribuir fàcilment a un determinat usuari, com també la no enllaçabilitat dels diferents moviments d'un determinat usuari.
En aquesta tesi proposem protocols de bitllets electrònics que mantinguin les propietats dels bitllets en paper juntament amb els avantatges dels bitllets digitals. Primerament fem un estat de l'art amb les propostes relacionades, analitzant-ne els requisits de seguretat que compleixen. Presentem un protocol de bitllets electrònics que incorpora els nous requisits de seguretat d'exculpabilitat i reutilització, diferents dels que haviem analitzat, tot complint també la privadesa pels usuaris. Posteriorment, presentem una proposta de bitllets electrònics adaptada als sistemes de pagament depenent de l'ús, bàsicament enfocat al transport, que incorpora tant l'anonimat pels usuaris, com també la enllaçabilitat a curt termini, és a dir, complint la no enllaçabilitat dels diferents moviments del mateix usuari, però permetent la enllaçabilitat de les accions relacionades amb el mateix trajecte (p.ex. entrada i sortida). Finalment, mitjançant una evolució de la mateixa tècnica criptogràfica utilitzada en el sistema de pagament per ús, millorant-ne el temps de verificació per a múltiples bitllets alhora (verificació en ``batch''), presentem una proposta que pot ser útil per a varis sistemes de verificació massiva de missatges, posant com a cas d'ús l'aplicació a sistemes de xarxes vehiculars.<br>An electronic ticket is a digital contract between two parties, that is, the user and the service provider. An agreement between them is established in order that the user can receive the desired service. These tickets are used in different types of services, such as sports or entertainment events, especially in the field of transport. In the case of transport, costs can be reduced due to the high volume of users, and the identification of the travel flow is facilitated. This information allows the forecast and planification of transport systems more dynamically.
The security of electronic tickets is very important to be deployed in the real scenarios, as well as the privacy for their users. Privacy includes both the anonymity of users, which implies that an action cannot be easily attributed to a particular user, and also the unlinkability of the different movements of that user.
This thesis presents protocols which keep the same security requirements of paper tickets while offering the advantages of digital tickets. Firstly, we perform a state of the art with the related proposals, by analysing the security requirements considered. We then present an electronic ticketing system that includes the security requirements of exculpability and reusability, thus guaranteeing the privacy for users. We later present a proposal of electronic ticketing systems adapted to use-dependant payment systems, especially focused on transport, which includes both the anonymity of users and the short-term linkability of their movements. The related actions of a journey of a determined user can be linkable between them (i.e. entrance and exit of the system) but not with other movements that the user performs. Finally, as an extension of the previous use-dependant payment system solution, we introduce the case of mass-verification systems, where many messages have to be verified in short time, and we present a proposal as a vehicular network use case that guarantees privacy for users with short-term linkability and can verify these messages efficiently.
22
Divic, Mirela, and Ida Hveding Huse. "A Security Focused Integration Architecture for an Electronic Observation Chart." Thesis, Norwegian University of Science and Technology, Department of Computer and Information Science, 2005. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-9257.
Full textAbstract:
<p>An observation chart contains a collection of information from several different health information systems used at a hospital. Today, health personnel often has to access these health information systems during patient care and manually register information from them into the observation chart. Integration of the health information systems which constitute an observation chart is therefore needed. Integration means that systems used by a large amount of users are put together in such a way that all users gain access to the information they need. An integration will increase the efficiency of information flow by automatically retrieving information from relevant health information systems into an electronic observation chart. These improvements in turn will hopefully result in better quality of patient care, reduced time spent on treating each patient and therefore also reduced costs. This thesis describes a security focused integration architecture for an electronic observation chart system (EOC-system). This thesis also explores standards, strategies, laws and regulations relevant for the architectural description of the EOC-system. The EOC-system is going to be developed by CARDIAC, a company focusing on technology within health care, and the architectural description will be a support in this development process. The architectural description for CARDIACs EOC-system is based on the Model-based Architecture description Framework for Information Integration Abstraction (MAFIIA), which is an architectural description framework for software intensive systems with a specialization towards Information Integration Systems (IIS). The architectural description has also followed MAFIIAs two extensions, MAFIIA/H and MAFIIA/RBAC, which respectively relate to the health care domain and to role-based access control (RBAC). The work with this thesis, following the MAFIIA architectural description framework, has resulted in a detailed and structured architectural description which sees the architecture from several viewpoints and describes different aspects of it. Security and integration are emphasized in the architectural description; a combination of a service-oriented and portal-oriented integration architecture is chosen and the security mechanisms digital signing, secure communication, auditing and access control are ensured.</p>
23
Jaks, Liis. "Security Evaluation of the Electronic Control Unit Software Update Process." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-188171.
Full textAbstract:
A modern vehicle is controlled by a distributed network of embedded devices - Electronic Control Units. The software of these devices is updated over an easily accessible and standardised diagnostic interface. Their hardware capabilities are very low, and thereby the security implementations are fairly minimalistic. This thesis analyses the Electronic Control Units used in the heavy-duty vehicle company Scania for security vulnerabilities. First, a list of security requirements was compiled. The implementation of these requirements was verified on several Electronic Control Units by the application of software testing methods. Testing identified two potentially dangerous shortfalls: short encryption seeds used in the authentication challenge, and a lack of reliable software source verification. These vulnerabilities were validated by performing experimental attacks. A brute-force attack was performed on a device with 2-byte seeds and keys. Next, an active man-in-the-middle attack was successfuly carried out to bypass authentication and ash the Electronic Control Unit with arbitrary software. Additionally, a passive man-in-the-middle attack was performed to sniff and store software files. The final attack was a combination: a valid seed and authentication code pair was sniffed over a flashing session, followed by using the pair to gain access later. To mitigate these attacks, it is most important to use long authentication seeds and keys, and implement all security standards. Public-key cryptography may also be an alternative for authentication. Software data encryption could be considered for integrity and confidentiality. A less computation-intense solution would be adding cryptographic signatures to messages.
24
Glisson, William Bradley. "The Web Engineering Security (WES) methodology." Thesis, University of Glasgow, 2008. http://theses.gla.ac.uk/186/.
Full textAbstract:
The World Wide Web has had a significant impact on basic operational economical components in global information rich civilizations. This impact is forcing organizations to provide justification for security from a business case perspective and to focus on security from a web application development environment perspective. This increased focus on security was the basis of a business case discussion and led to the acquisition of empirical evidence gathered from a high level Web survey and more detailed industry surveys to analyse security in the Web application development environment. Along with this information, a collection of evidence from relevant literature was also gathered. Individual aspects of the data gathered in the previously mentioned activities contributed to the proposal of the Essential Elements (EE) and the Security Criteria for Web Application Development (SCWAD). The Essential Elements present the idea that there are essential, basic organizational elements that need to be identified, defined and addressed before examining security aspects of a Web Engineering Development process. The Security Criteria for Web Application Development identifies criteria that need to be addressed by a secure Web Engineering process. Both the EE and SCWAD are presented in detail along with relevant justification of these two elements to Web Engineering. SCWAD is utilized as a framework to evaluate the security of a representative selection of recognized software engineering processes used in Web Engineering application development. The software engineering processes appraised by SCWAD include: the Waterfall Model, the Unified Software Development Process (USD), Dynamic Systems Development Method (DSDM) and eXtreme Programming (XP). SCWAD is also used to assess existing security methodologies which are comprised of the Orion Strategy; Survivable / Viable IS approaches; Comprehensive Lightweight Application Security Process (CLASP) and Microsoft’s Trust Worthy Computing Security Development Lifecycle. The synthesis of information provided by both the EE and SCWAD were used to develop the Web Engineering Security (WES) methodology. WES is a proactive, flexible, process neutral security methodology with customizable components that is based on empirical evidence and used to explicitly integrate security throughout an organization’s chosen application development process. In order to evaluate the practical application of the EE, SCWAD and the WES methodology, two case studies were conducted during the course of this research. The first case study describes the application of both the EE and SCWAD to the Hunterian Museum and Art Gallery’s Online Photo Library (HOPL) Internet application project. The second case study presents the commercial implementation of the WES methodology within a Global Fortune 500 financial service sector organization. The assessment of the WES methodology within the organization consisted of an initial survey establishing current security practices, a follow-up survey after changes were implemented and an overall analysis of the security conditions assigned to projects throughout the life of the case study.
25
El, Salamouny Ehab. "Probabilistic trust models in network security." Thesis, University of Southampton, 2011. https://eprints.soton.ac.uk/179163/.
Full textAbstract:
One of the dominant properties of a global computing network is the incomplete information available to principals about each other. This was the motivation of using the notion of probabilistic trust as an approach to security sensitive decision making in modern open and global computing systems. In such systems any principal A uses the outcomes of past interactions with another principal B to construct a probabilistic model approximating the behaviour of B. Using this model, the principal A can take decisions regarding interactions with B by estimating its future actions. Many existing frameworks adopt the so-called ‘Beta model’. The main limitation of these frameworks is that they assume the behaviour of any principal to be fixed, which is not realistic in many cases. In this thesis, we first address the application of probabilistic trust to optimise security protocols, and specifically give an example where the Crowds anonymity protocol is extended to use trust information. We then address the problem of evaluating probabilistic trust in principals exhibiting dynamic behaviours. In this respect, we formally analyse the ‘exponential decay’ technique as an approach to coping with principals’ dynamic behaviours. Given the identified limitations of this technique, a more general framework for trust and reputation is introduced. In this framework, Hidden Markov Models (HMMs) are used for modelling the dynamic behaviours of principals. This framework is formally analysed in terms of a notion of ‘estimation error’. Using an experimental approach based on Monte-Carlo methods to evaluate the expected estimation error, the introduced HMM-based framework for trust and reputation is compared to the existing Beta framework. The results show in general that the latter is getting more promising in evaluating trust in principals (‘trustees’) having dynamic behaviours as longer sequences of observations are available about such trustees.
26
Elsadig, Abdalla Abdalla Mohamed. "Virtualization Security Issues : Security issues arise in the virtual environment." Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-42474.
Full textAbstract:
The thesis is submitted in Partial Fulfilment of the Requirements of a Master's degree in network Forensics at Halmstad University, Sweden. The author had selected VirtualizationSecurity as a valid issue for cloud computing service. In choosing this topic had the intention to apply the acquired knowledge during the Master's course, in search of practical solutions for computer security issues. This study report is classified into six segments and a conclusion. These are the introduction, background, research methodology, literature review, summary, discussions, conclusion, and recommendation (future work). InformationTechnology (IT) sector had encountered numerous and ever-emerging security issues, including those in virtual environments, which have become a big concern for organizations. Virtualization is the use of software to accommodate multiple operating systems on a computer system simultaneously, which can be applied from anywhere, given that there is internet connectivity. So the user can have access and can resolve the security issues. However, some constraints are limiting the benefits of the Virtualization of servers. The objective of this project is to study Virtualization as a valid means of solving IT security issues. Also, to assess mitigation approaches that can enhance Virtualization in the computing environment. To accomplish such objectives, this study had undergone a systematic literature review to learn the variety and nature of security issues of the virtual environment. Accordingly, the study had undertaken the classification of security issues to determine effective mitigation methods. The study had realized that there are around twenty-two known security issues, which are classified and described in section six of the report. Virtualization, as the subject study: three mitigation schemes are reviewed and discussed to alleviate important virtualization security issues (chapter seven of this Thesis).Moreover, the effects of the proposed mitigation techniques on the virtualization security issues on the CIA model (Availability, Integrity, and Confidentiality) are explained in brief. The model allows the researcher to quickly find the appropriate mitigation technique to manage the security issues of any virtual environment. In conclusion, the study provided a metadata reading of the security issues in the virtual environment. And apply the selected methods to solve the security issues, which proves that the virtualization technology is the critical element of utilizing computing power to its maximum capacity by executing process simultaneously without downtime, however IT security issues are continuously evolving and the research mission is always to conceive new techniques.
27
Shah, Anant. "Performance analysis of security mechanism during handoff in Mobile IP." Thesis, Wichita State University, 2007. http://hdl.handle.net/10057/1557.
Full textAbstract:
With the advent of wireless devices, such as PDA, palmtops, the demand for staying connected to the internet have steadily increased. The traditional TCP/IP stack does not have support for mobility. In order to address these demands, Mobile IP protocol was proposed, which has support for mobility. With Mobile IP protocol, one can stay connected to the internet while they are moving. As the mobile node moves from one network to another, it undergoes handoff in order to register with new network. The traditional Mobile IP protocol does have built in support for security. Hence external security mechanisms such as IPSEC, AAA are used in order to address the security issues during handoff in Mobile IP. These security mechanisms introduce further delay during the handoff. This thesis focuses on addressing the delay introduced due to security mechanism during handoff in Mobile IP. This research is based on development of algorithm for securing the communication between the mobile node and the home network and also by reducing the delay associated during handoff. The main idea behind this algorithm is to use the key exchange server at the home agent and generate the subset of keys which are then used by different foreign agents to register the mobile node with the home network. In the proposed algorithm, wireless sensor networks are used to detect the movement of mobile node and inform to the respective mobility agents. Then the mobility agents and home network exchange the information and when the mobile node moves to the new network, it registers using the key generated previously. In this research, the effects of various parameters such as burst in traffic, different security mechanism have been studied. All the simulation in this research work was carried out using MATLAB and different parameters such as registration cost, handoff cost and movement cost have been studied and compared to that of previous proposed schemes.<br>Thesis (M.S)-- Wichita State University, College of Engineering, Dept. of Electrical and Computer Engineering<br>"December 2007."
28
Shah, Anant Pendse Ravindra. "Performance analysis of security mechanism during handoff in Mobile IP /." Thesis, A link to full text of this thesis in SOAR, 2007. http://hdl.handle.net/10057/1557.
Full text
29
Shonola, Shaibu A. "Mobile learning security in Nigeria." Thesis, University of Warwick, 2017. http://wrap.warwick.ac.uk/98529/.
Full textAbstract:
Innovation in learning technologies is driven by demands to meet students’ needs and make knowledge delivery easier by Higher Education Institutions. The technologies could play an important role in extending the possibilities for teaching, learning, and research in higher educational institutions (HEIs). Mobile learning emerged from this innovation as a result of massive use in the number of mobile devices due to availability and affordability among students. The lightweight nature of mobile devices in comparison to textbooks is also a source of attraction for students. Competition in the mobile device industry is encouraging mobile developers to be innovative and constantly striving to introduce new features in the devices. Consequently, newer sources of risks are being introduced in mobile computing paradigm at production level. Similarly, many m-learning developers are interested in developing learning content and instruction without adequate consideration for security of stakeholders’ data, whereas mobile devices used in m-learning can potentially become vulnerable if the security aspects are neglected. The purpose of this research is to identify the security concerns in mobile learning from the users’ perspective based on studies conducted in HEIs in Nigeria. While the challenges of adopting mobile learning in Nigerian universities are enormous, this study identifies the critical security challenges that learners and other users may face when using mobile devices for educational purposes. It examines the effects on the users if their privacy is breached and provides recommendations for alleviating the security threats. This research also, after considering users’ opinions and evaluating relevant literature, proposes security frameworks for m-learning as bedrocks for designing or implementing a secured environment. In identifying the security threats, the study investigates components of mobile learning systems that are prone to security threats and the common attack routes in m-learning, most especially among students in Nigerian universities. In order to reduce the security threats, the research presents a mobile security enhancement app, designed and developed for android smart mobile devices to promote security awareness among students. The app can also identify some significant security weaknesses by scanning/checking for vulnerabilities in m-learning devices as well as reporting any security threat. The responsibilities of the stakeholders in ensuring risk free mobile learning environments are also examined.
30
Cooke, John C. "Cryptographic techniques for personal communication systems security." Thesis, Aston University, 1995. http://publications.aston.ac.uk/8234/.
Full textAbstract:
The advent of personal communication systems within the last decade has depended upon the utilization of advanced digital schemes for source and channel coding and for modulation. The inherent digital nature of the communications processing has allowed the convenient incorporation of cryptographic techniques to implement security in these communications systems. There are various security requirements, of both the service provider and the mobile subscriber, which may be provided for in a personal communications system. Such security provisions include the privacy of user data, the authentication of communicating parties, the provision for data integrity, and the provision for both location confidentiality and party anonymity. This thesis is concerned with an investigation of the private-key and public-key cryptographic techniques pertinent to the security requirements of personal communication systems and an analysis of the security provisions of Second-Generation personal communication systems is presented. Particular attention has been paid to the properties of the cryptographic protocols which have been employed in current Second-Generation systems. It has been found that certain security-related protocols implemented in the Second-Generation systems have specific weaknesses. A theoretical evaluation of these protocols has been performed using formal analysis techniques and certain assumptions made during the development of the systems are shown to contribute to the security weaknesses. Various attack scenarios which exploit these protocol weaknesses are presented. The Fiat-Sharmir zero-knowledge cryptosystem is presented as an example of how asymmetric algorithm cryptography may be employed as part of an improved security solution. Various modifications to this cryptosystem have been evaluated and their critical parameters are shown to be capable of being optimized to suit a particular applications. The implementation of such a system using current smart card technology has been evaluated.
31
Ye, Ruyi. "An economic model of investment in information security /." View abstract or full-text, 2004. http://library.ust.hk/cgi/db/thesis.pl?ISMT%202004%20YE.
Full textAbstract:
Thesis (M. Phil.)--Hong Kong University of Science and Technology, 2004.<br>Includes bibliographical references (leaves 39-41). Also available in electronic version. Access restricted to campus users.
32
St, Leger Aaron. "Power system security assessment through analog computation /." Click for resource, 2008. http://hdl.handle.net/1860/2815.
Full text
33
Ciobâcǎ, Ştefan. "Verification and composition of security protocols with applications to electronic voting." Phd thesis, École normale supérieure de Cachan - ENS Cachan, 2011. http://tel.archives-ouvertes.fr/tel-00661721.
Full textAbstract:
This thesis is about the formal verification and composition of security protocols, motivated by applications to electronic voting protocols. Chapters 3 to 5 concern the verification of security protocols while Chapter 6 concerns composition.We show in Chapter 3 how to reduce certain problems from a quotient term algebra to the free term algebra via the use of strongly complete sets of variants. We show that, when the quotient algebra is given by a convergent optimally reducing rewrite system, finite strongly complete sets of variants exist and are effectively computable.In Chapter 4, we show that static equivalence for (classes of) equational theories including subterm convergent equational theories, trapdoor commitment and blind signatures is decidable in polynomial time. We also provide an efficient implementation.In Chapter 5 we extend the previous decision procedure to handle trace equivalence. We use finite strongly complete sets of variants introduced in Chapter 3 to get rid of the equational theory and we model each protocol trace as a Horn theory which we solve using a refinement of resolution. Although we have not been able to prove that this procedure always terminates, we have implemented it and used it to provide the first automated proof of vote privacy of the FOO electronic voting protocol.In Chapter 6, we study composition of protocols. We show that two protocols that use arbitrary disjoint cryptographic primitives compose securely if they do not reveal or reuse any shared secret. We also show that a form of tagging is sufficient to provide disjointness in the case of a fixed set of cryptographic primitives.
34
Flick, David Kenneth Gillum Charles Royce. "Electronic commerce : an analysis of financial transaction methods and associated security /." Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 1996. http://handle.dtic.mil/100.2/ADA333332.
Full textAbstract:
Thesis (M.S. in Information Technology Management) Naval Postgraduate School, September. 1996.<br>"September 1996." Thesis advisor(s): William J. Haga, Barry Frew. Includes bibliographical references (p. 165-178). Also available online.
35
Hussey, Phillip Ryan. "The Evolution of Electronic Surveillance: Balancing National Security and Civil Liberties." unrestricted, 2007. http://etd.gsu.edu/theses/available/etd-06152007-110824/.
Full textAbstract:
Thesis (honors)--Georgia State University, 2007.<br>Title from file title page. Robert Howard, thesis advisor. Electronic text (50 p.) : digital, PDF file. Description based on contents viewed Jan 17, 2008. Includes bibliographical references (p. 48-50).
36
Aldajani, Mouhamad. "Electronic patient record security policy in Saudi Arabia National Health Service." Thesis, De Montfort University, 2012. http://hdl.handle.net/2086/6016.
Full textAbstract:
Saudi Arabia is in the process of implementing Electronic Patient Records (EPR) throughout its National Health services. One of the key challenges during the adoption process is the security of EPR. This thesis investigates the current state of EPR security in Saudi Arabia’s National Health Services (SA NHS) both from a policy perspective and with regard to its implementation in SA NHS’s information systems. To facilitate the analysis of EPR security, an EPR model has been developed that captures the information that is stored as part of the electronic record system in conjunction with stated security requirements. This model is used in the analysis of policy consistency and to validate operational reality against stated policies at various levels within the SA NHS. The model is based on a comprehensive literature survey and structured interviews which established the current state of practice with respect to EPRs in a representative Saudi Arabian hospital. The key contribution of this research is the development and evaluation of a structured and model-based analysis approach to EPR security at the early adoption stage in SA, based on types of information present in EPRs and the needs of the users of EPRs. The key findings show that the SA EPR adoption process is currently proceeding without serious consideration for security policy to protect EPR and a lack of awareness amongst hospital staff.
37
Flick, David Kenneth, and Charles Royce Gillum. "Electronic commerce: an analysis of financial transaction methods and associated security." Thesis, Monterey, California. Naval Postgraduate School, 1996. http://hdl.handle.net/10945/32239.
Full textAbstract:
This study examines an obstacle to commerce on the Internet and the World Wide Web posed by a popular belief that the Internet and Web lack the technology needed for secure financial transactions. The reality behind such a belief has a direct effect upon commercial and financial transactions by DOD in view of an Executive Order that mandates Internet usage for electronic transactions. This study details and evaluates the methods available for secure financial transactions on the Internet. Each transaction method analysis provides security protocol functionalities, advantages and disadvantages and company profiles. The study also details the impediments to using the World Wide Web as a commercial medium. It concludes that the popular belief is unfounded. Implications are drawn for DOD practices and policy. DOD and the entire U.S. federal government has a stake in the Internet's capability to process secure financial transactions.
38
Ciobâcǎ, Ştefan. "Verification and composition of security protocols with applications to electronic voting." Thesis, Cachan, Ecole normale supérieure, 2011. http://www.theses.fr/2011DENS0059/document.
Full textAbstract:
Cette these concerne la verification formelle et la composition de protocoles de securite, motivees en particulier par l'analyse des protocoles de vote electronique. Les chapitres 3 a 5 ont comme sujet la verification de protocoles de securite et le Chapitre 6 vise la composition.Nous montrons dans le Chapitre 3 comment reduire certains problemes d'une algebre quotient des termes a l'algebre libre des termes en utilisant des ensembles fortement complets de variants. Nous montrons que, si l'algebre quotient est donnee par un systeme de reecriture de termes convergent et optimalement reducteur (optimally reducing), alors des ensembles fortement complets de variants existent et sont finis et calculables.Dans le Chapitre 4, nous montrons que l'equivalence statique pour (des classes) de theories equationnelles, dont les theories sous-terme convergentes, la theorie de l'engagement a trappe (trapdoor commitment) et la theorie de signature en aveugle (blind signatures), est decidable en temps polynomial. Nous avons implemente de maniere efficace cette procedure.Dans le Chapitre 5, nous etendons la procedure de decision precedente a l'equivalence de traces. Nous utilisons des ensembles fortement complets de variants du Chapitre 3 pour reduire le probleme a l'algebre libre. Nous modelisons chaque trace du protocole comme une theorie de Horn et nous utilisons un raffinement de la resolution pour resoudre cette theorie. Meme si nous n'avons pas reussi a prouver que la procedure de resolution termine toujours, nous l'avons implementee et utilisee pour donner la premiere preuve automatique de l'anonymat dans le protocole de vote electronique FOO.Dans le Chapitre 6, nous etudions la composition de protocoles. Nous montrons que la composition de deux protocoles qui utilisent des primitives cryptographiques disjointes est sure s'ils ne revelent et ne reutilisent pas les secrets partages. Nous montrons qu'une forme d'etiquettage de protocoles est suffisante pour assurer la disjonction pour un ensemble fixe de primitives cryptographiques<br>This thesis is about the formal verification and composition of security protocols, motivated by applications to electronic voting protocols. Chapters 3 to 5 concern the verification of security protocols while Chapter 6 concerns composition.We show in Chapter 3 how to reduce certain problems from a quotient term algebra to the free term algebra via the use of strongly complete sets of variants. We show that, when the quotient algebra is given by a convergent optimally reducing rewrite system, finite strongly complete sets of variants exist and are effectively computable.In Chapter 4, we show that static equivalence for (classes of) equational theories including subterm convergent equational theories, trapdoor commitment and blind signatures is decidable in polynomial time. We also provide an efficient implementation.In Chapter 5 we extend the previous decision procedure to handle trace equivalence. We use finite strongly complete sets of variants introduced in Chapter 3 to get rid of the equational theory and we model each protocol trace as a Horn theory which we solve using a refinement of resolution. Although we have not been able to prove that this procedure always terminates, we have implemented it and used it to provide the first automated proof of vote privacy of the FOO electronic voting protocol.In Chapter 6, we study composition of protocols. We show that two protocols that use arbitrary disjoint cryptographic primitives compose securely if they do not reveal or reuse any shared secret. We also show that a form of tagging is sufficient to provide disjointness in the case of a fixed set of cryptographic primitives
39
Jackson, Jennifer T. "A biodiversity approach to cyber security." Thesis, University of Warwick, 2017. http://wrap.warwick.ac.uk/106820/.
Full textAbstract:
Cyber crime is a significant threat to modern society that will continue to grow as technology is integrated further into our lives. Cyber attackers can exploit vulnerabilities to access computing systems and propagate malware. Of growing concern is the use of multiple exploits across layers of the software stack, plus faster criminal response times to newly disclosed vulnerabilities creating surges in attacks before signature-based malware protection can take effect. The wide scale adoption of few software systems fuels the problem, allowing identical vulnerabilities to be exploited across networks to maximise infection in a single attack. This requires new perspectives to tackle the threat. Biodiversity is critical in the functioning of healthy ecosystems. Whilst the idea of diversity benefiting computer security is not new, there are still gaps in understanding its advantages. A mathematical and an agent-based model have been developed using the ecosystem as a framework. Biodiversity is generated by individualised software stacks defined as genotypes with multiple loci. The models allow the protection offered by diversity to be quantified for ad hoc networks which are expected to become prevalent in the future by specifying how much diversity is needed to tolerate or mitigate two abstract representations of malware encompassing different ways multiple exploits target software stack layers. Outputs include the key components of ecosystem stability: resistance and resilience. Results show that diversity by itself can reduce susceptibility, increase resistance, and increase the time taken for malware to spread, thereby allowing networks to tolerate malware and maintain Quality of Service. When dynamic diversity is used as part of a multi-layered defence strategy with additional mechanisms such as blacklisting, virtualisation, and recovery through patching and signature based protection, diversity becomes more effective since the power of dynamic software updating can be utilised to mitigate attacks whilst maintaining network operations.
40
Katsikas, Stamatios. "Game theoretic models of networks security." Thesis, University of Warwick, 2017. http://wrap.warwick.ac.uk/102611/.
Full textAbstract:
Decision making in the context of crime execution and crime prevention can be successfully investigated with the implementation of game-theoretic tools. Evolutionary and mean-field game theory allow for the consideration of a large number of interacting players organized in social and behavioural structures, which typically characterize this context. Alternatively, `traditional' game-theoretic approaches can be applied for studying the security of an arbitrary network on a two player non-cooperative game. Theoretically underpinned by these instruments, in this thesis we formulate and analyse game-theoretic models of inspection, corruption, counter- terrorism, patrolling, and similarly interpreted paradigms. Our analysis suggests optimal strategies for the involved players, and illustrates the long term behaviour of the introduced systems. Our contribution is towards the explicit formulation and the thorough analysis of real life scenaria involving the security in network structures.
41
AlAdraj, Resala A. "Security and collaborative groupware tools usage." Thesis, University of Warwick, 2015. http://wrap.warwick.ac.uk/73319/.
Full textAbstract:
This thesis investigates the usage problems of Online Collaborative Groupware (OCG) tools for learning at the University of Bahrain (UOB) in the Kingdom of Bahrain. An initial study revealed that the main problems faced by students when they use OCG tools in the learning process are security and trust. SWFG (Skype, Wiki, Facebook, and Gmail) tools were proposed as being effective and commonly used OCG tools for learning. A quasi-experiment has been done with UOB students to identify the perceptions of the students towards security, privacy and safety relating to use of SWFG tools. Based on this experiment the researcher has derived the following results: Secure Skype has a positive relationship with Skype usage; Private Skype has a positive relationship with Skype trust; Secure Gmail has a negative relationship with Gmail usage and trust; Wiki usage has a negative relationship with trust in Wikis. Additionally, the research revealed that students may be more motivated to use OCG tools if the security and privacy of these tools was to be improved. The thesis also focuses on security and trust within email. In order to evaluate the usage of secure emails, students‘ awareness of the secure email awareness was investigated using quantitative and qualitative methods. The results of this evaluation informed the design of an experiment that was then conducted by tracking secure email usage and gathering information about the students‘ usage and awareness of their secure emails. The aim of this activity was to identify a clear representation of secure email usage over specified periods for both academic and non-academic purposes by students in both the UK and Bahrain. It has been concluded from this experiment that there are differences between the usage of secure email in each country when applied to both academic and non-academic purposes. Finally, based on these results, the researcher developed a framework which derives from the Technology Acceptance Model (TAM) model by testing security and trust effects on the ease of use and on usefulness. A case study has been conducted using a new secure email instructional model in order to validate the research framework. The study found that security provided by webmails and students‘ trust affects the webmail‘s perceived usefulness, and that in turn this leads to ease of use regardless of which type of email client is used. However, it was not proof that usefulness affects the usage of email. Evidence suggests that the model may be a suitable solution for increasing the usefulness of email in Computer Supported Collaborative Learning (CSCL), and can help to strengthen communication between faculty and students. This study has contributed valuable knowledge and information in this particular field of study. It has been able to gather a satisfactory amount of information from both students and teachers in both the University of Bahrain (UOB) and the University of Warwick (UOW). A number of different methods were used in this task – interviews, questionnaires, observations, experiments and student feedback, amongst others. The entire study was conducted in a way that it would empirically evaluate different dimensions of secure Online Collaborative Groupware (OCG) tools usage in the educational environment. The research framework applied in this investigation provided many insights into OCG tools. These new insights and information may be used to test and validate the framework with a large number of students.
42
Zhang, Jun Qi, University of Western Sydney, of Science Technology and Environment College, and School of Computing and Information Technology. "Oblivious transfer protocols for securing electronic commerce." THESIS_CSTE_CIT_Zhang_J.xml, 2002. http://handle.uws.edu.au:8081/1959.7/289.
Full textAbstract:
Security is a major issue for electronic commerce. Crytography is the foundation of security and oblivious transfer (OT) protocols are one primitive of modern cryptography. The main goal of this dissertation is to develop new and more efficient OT protocols and explore their applications in electronic commerce. A new m out of n OT scheme is proposed, its implementation, security and efficiency are discussed, and it is compared with a previous OT scheme. The analysis shows that the previous OT protocol can be regarded as a special case of the new proposed OT scheme. The new OT scheme's applicability in blind signatures is explored. A new non-interactive m out of n OT scheme is proposed that includes a newly developed public keys generation algorithm based on the discrete log problem and an OT protocol based on the Diffie-Hellman problem. The security of this scheme is discussed. A new buying digital goods scheme is proposed using the new m out of n priced OT which is based on the priced OT protocol developed by Bill Aiello, Yuval Isahai, and Omer Reingold. Tools used in this scheme are discussed and its security is analyzed. A concrete homomorphic protocol is given<br>Master of Science (Hons)
43
Jellen, Isabel. "Towards Security and Privacy in Networked Medical Devices and Electronic Healthcare Systems." DigitalCommons@CalPoly, 2020. https://digitalcommons.calpoly.edu/theses/2141.
Full textAbstract:
E-health is a growing eld which utilizes wireless sensor networks to enable access to effective and efficient healthcare services and provide patient monitoring to enable early detection and treatment of health conditions. Due to the proliferation of e-health systems, security and privacy have become critical issues in preventing data falsification, unauthorized access to the system, or eavesdropping on sensitive health data. Furthermore, due to the intrinsic limitations of many wireless medical devices, including low power and limited computational resources, security and device performance can be difficult to balance. Therefore, many current networked medical devices operate without basic security services such as authentication, authorization, and encryption.
In this work, we survey recent work on e-health security, including biometric approaches, proximity-based approaches, key management techniques, audit mechanisms, anomaly detection, external device methods, and lightweight encryption and key management protocols. We also survey the state-of-the art in e-health privacy, including techniques such as obfuscation, secret sharing, distributed data mining, authentication, access control, blockchain, anonymization, and cryptography. We then propose a comprehensive system model for e-health applications with consideration of battery capacity and computational ability of medical devices. A case study is presented to show that the proposed system model can support heterogeneous medical devices with varying power and resource constraints. The case study demonstrates that it is possible to signicantly reduce the overhead for security on power-constrained devices based on the proposed system model.
44
Du, Rong. "Secure electronic tendering." Queensland University of Technology, 2007. http://eprints.qut.edu.au/16606/.
Full textAbstract:
Tendering is a method for entering into a sales contract. Numerous electronic tendering systems have been established with the intent of improving the efficiency of the tendering process. Although providing adequate security services is a desired feature in an e-tendering system, current e-tendering systems are usually designed with little consideration of security and legal compliance. This research focuses on designing secure protocols for e-tendering systems. It involves developing methodologies for establishing security requirements, constructing security protocols and using formal methods in protocol security verification. The implication is that it may prove suitable for developing secure protocols in other electronic business domains. In depth investigations are conducted into a range of issues in relation to establishing generic security requirements for e-tendering systems. The outcomes are presented in a form of basic and advanced security requirements for e-tendering process. This analysis shows that advanced security services are required to secure e-tender negotiation integrity and the submission process. Two generic issues discovered in the course of this research, functional difference and functional limitations, are fundamental in constructing secure protocols for tender negotiation and submission processes. Functional difference identification derives advanced security requirements. Functional limitation assessment defines how the logic of generic security mechanisms should be constructed. These principles form a proactive analysis applied prior to the construction of security protocols. Security protocols have been successfully constructed using generic cryptographic security mechanisms. These protocols are secure e-tender negotiation integrity protocol suite, and secure e-tender submission protocols. Their security has been verified progressively during the design. Verification results show that protocols are secure against common threat scenarios. The primary contribution of this stage are the procedures developed for the complex e-business protocol analysis using formal methods. The research shows that proactive analysis has made this formal security verification possible and practical for complex protocols. These primary outcomes have raised awareness of security issues in e-tendering. The security solutions proposed in the protocol format are the first in e-tendering with verifiable security against common threat scenarios, and which are also practical for implementation. The procedures developed for securing the e-tendering process are generic and can be applied to other business domains. The study has made improvements in: establishing adequate security for a business process; applying proactive analysis prior to secure protocol construction; and verifying security of complex e-business protocols using tool aided formal methods.
45
Diepenbrock, Robert G. "Safety and security concerns: perceptions of preparedness of a rural school district." Diss., Wichita State University, 2010. http://hdl.handle.net/10057/3648.
Full textAbstract:
School safety and security continues to be a concern in schools throughout the world as it is not a matter of if, but when a crisis will occur. There is a large segment of the population that attends schools in rural settings making preparedness in rural schools a timely topic. The purpose of this study was to examine a Midwestern rural school district to learn the perceptions of how prepared the school‘s staff felt they were for a crisis situation and to compare their perceptions with local emergency responders. A theoretical framework of protection-motivation theory (PMT) was used throughout the study. PMT postulates when sufficient fear exists and a reasonable probability a catastrophic event could occur, then one is motivated toward protection.
It was concluded that the school district was well prepared for crisis situations they have faced, but was not prepared for disasters the school district has not faced. The rural school district has an ―it won‘t happen here‖ attitude regarding safety and security and as a result, has not kept crisis plans, training, and drills updated. The last thorough update took place shortly after the Columbine school shooting and subsequently, fear of a similar attack motivated the district to update their comprehensive crisis plan at that time. As that fear has waned, so has the preparedness of the district.<br>Thesis (Ed.D.)--Wichita State University, College of Education, Dept. of Educational Leadership
46
Jareen, Tania. "Improving performance, power, and security of multicore systems using smart cache organization." Thesis, Wichita State University, 2014. http://hdl.handle.net/10057/10964.
Full textAbstract:
The need of multicore/manycore systems for today's world is significantly increasing. But the multicore system is considered to be power-hungry as well as high latency system. Different researches show that it is possible to increase the performance to power ratio by wisely locking the memory blocks inside the cache memory. But this method introduces cache underutilization problem which reduces the effective cache size and also it is hard to configure. Also depending on the processor type, some processor may not have the option of cache locking. Also cache side channel attack and cache interference become a security threat for the cache design. In this paper, a smart cache technique is proposed which decreases the memory access latency and cache power consumption, as well as increases the overall system security. Propose smart victim cache (SVC) between level-1 cache (CL1) and leve-2 cache (CL2) eliminates the cache locking. SVC holds the higher missing memory blocks and also supports stream buffering. For security improvement for the cache, we randomize the cache mapping between main memory and CL1. The randomized cache mapping makes the attacker fool by showing the false positions of the memory blocks in the cache. In the experiment, a quad-core Intel-type system is used, where CL1 is private and CL2 is shared among the cores. A tree based analyzer HEPTANE (Hades Embedded Processor Timing Analyzer) and a system level simulator VisualSim are used on diverse applications (including MPEG-4 and H.264/AVC). From the simulation results, it is seen that 17% of memory access latency and 21% of total power consumption is reduced using SVC comparing with cache locking without using SVC. For 16-block CL1, it is estimated that the probability of cache side channel attack reduces from 40K to 1.<br>Thesis (M.S.)--Wichita State University, College of Engineering, Dept. of Electrical Engineering and Computer Science
47
Kim, Kamyoung. "Spatial analytical approaches for supporting security monitoring." Columbus, Ohio : Ohio State University, 2007. http://rave.ohiolink.edu/etdc/view?acc%5Fnum=osu1186593136.
Full text
48
Yu, Kin-ying, and 余見英. "Long term preservation of electronic documents." Thesis, The University of Hong Kong (Pokfulam, Hong Kong), 2004. http://hub.hku.hk/bib/B30073200.
Full text
49
Thulnoon, A. A. T. "Efficient runtime security system for decentralised distributed systems." Thesis, Liverpool John Moores University, 2018. http://researchonline.ljmu.ac.uk/9043/.
Full textAbstract:
Distributed systems can be defined as systems that are scattered over geographical distances and provide different activities through communication, processing, data transfer and so on. Thus, increasing the cooperation, efficiency, and reliability to deal with users and data resources jointly. For this reason, distributed systems have been shown to be a promising infrastructure for most applications in the digital world. Despite their advantages, keeping these systems secure, is a complex task because of the unconventional nature of distributed systems which can produce many security problems like phishing, denial of services or eavesdropping. Therefore, adopting security and privacy policies in distributed systems will increase the trustworthiness between the users and these systems. However, adding or updating security is considered one of the most challenging concerns and this relies on various security vulnerabilities which existing in distributed systems. The most significant one is inserting or modifying a new security concern or even removing it according to the security status which may appear at runtime. Moreover, these problems will be exacerbated when the system adopts the multi-hop concept as a way to deal with transmitting and processing information. This can pose many significant security challenges especially if dealing with decentralized distributed systems and the security must be furnished as end-to-end. Unfortunately, existing solutions are insufficient to deal with these problems like CORBA which is considered a one-to-one relationship only, or DSAW which deals with end-to-end security but without taking into account the possibility of changing information sensitivity during runtime. This thesis provides a proposed mechanism for enforcing security policies and dealing with distributed systems’ security weakness in term of the software perspective. The proposed solution utilised Aspect-Oriented Programming (AOP), to address security concerns during compilation and running time. The proposed solution is based on a decentralized distributed system that adopts the multi-hop concept to deal with different requested tasks. The proposed system focused on how to achieve high accuracy, data integrity and high efficiency of the distributed system in real time. This is done through modularising the most efficient security solutions, Access Control and Cryptography, by using Aspect-Oriented Programming language. The experiments’ results show the proposed solution overcomes the shortage of the existing solutions by fully integrating with the decentralized distributed system to achieve dynamic, high cooperation, high performance and end-to-end holistic security.
50
Zhang, Jun Qi. "Oblivious transfer protocols for securing electronic commerce /." View thesis View thesis, 2002. http://library.uws.edu.au/adt-NUWS/public/adt-NUWS20030417.113506/index.html.
Full text