Dissertations / Theses on the topic 'Security architecture'

Consult the top 50 dissertations / theses for your research on the topic 'Security architecture.'

1

Al-Azzani, Sarah. "Architecture-centric testing for security." Thesis, University of Birmingham, 2014. http://etheses.bham.ac.uk//id/eprint/5206/.

Abstract:
This thesis presents a novel architecture-centric approach, which uses Implied Scenarios (IS) to detect design-vulnerabilities in the software architecture. It reviews security testing approaches, and draws on their limitations in addressing unpredictable behaviour in the face of evolution. The thesis introduces the concept of Security ISs as unanticipated (possibly malicious) behaviours that indicate potential insecurities in the architecture. The IS approach uses the architecture as the appropriate level of abstraction to tackle the complexity of testing. It provides potential for scalability to test large scale complex applications. It proposes a three-phased method for security testing: (1) Detecting design-level vulnerabilities in the architecture in an incremental manner by composing functionalities as they evolve. (2) Classifying the impact of detected ISs on the security of the architecture. (3) Using the detected ISs and their impact to guide the refinement of the architecture. The refinement is test-driven and incremental, where refinements are tested before they are committed. The thesis also presents SecArch, an extension to the IS approach to enhance its search-space to detect hidden race conditions. The thesis reports on the applications of the proposed approach and its extension to three case studies for testing the security of distributed and cloud architectures in the presence of uncertainty in the operating environment, unpredictability of interaction and possible security IS.
2

Moten, Daryl, and Sekaran Jambureskan. "Security Architecture for Telemetry Networks." International Foundation for Telemetering, 2014. http://hdl.handle.net/10150/578363.

Abstract:
ITC/USA 2014 Conference Proceedings / The Fiftieth Annual International Telemetering Conference and Technical Exhibition / October 20-23, 2014 / Town and Country Resort & Convention Center, San Diego, CA
This paper develops a Security Architecture for a network of telemetry networks as is envisioned for future telemetry systems. We show a model for an aggregation of Test Centers as might be deployed for the envisioned network telemetry. We build a security architecture grounded in best practices for security design as captured in the NIST family of standards and guidelines captured in the SANS 20 critical controls.
3

Dukes, Renata. "Proposed iNET Network Security Architecture." International Foundation for Telemetering, 2009. http://hdl.handle.net/10150/605971.

Abstract:
ITC/USA 2009 Conference Proceedings / The Forty-Fifth Annual International Telemetering Conference and Technical Exhibition / October 26-29, 2009 / Riviera Hotel & Convention Center, Las Vegas, Nevada
Morgan State University's iNET effort is aimed at improving existing telemetry networks by developing more efficient operation and cost effectiveness. This paper develops an enhanced security architecture for the iNET environment in order to protect the network from both inside and outside adversaries. This proposed architecture addresses the key security components of confidentiality, integrity and authentication. The security design for iNET is complicated by the unique features of the telemetry application. The addition of encryption is complicated by the need for robust synchronization needed for real time operation in a high error environment.
4

Andersson, Martin. "Software Security Testing : A Flexible Architecture for Security Testing." Thesis, Växjö University, School of Mathematics and Systems Engineering, 2008. http://urn.kb.se/resolve?urn=urn:nbn:se:vxu:diva-2388.

Abstract:

This thesis begins with briefly describing a few vulnerability classes that exist in today’s software. We then continue by describing how these vulnerabilities could be discovered through dynamic testing. Both general testing techniques and existent tools are mentioned.

The second half of this thesis presents and evaluates a new flexible architecture. This new architecture has the ability to combine different approaches and create a more flexible environment from where the testing can be conducted. This new flexible architecture aims towards reducing maintenance and/or adaptation time for existing tools or frameworks. The architecture consists of a given set of plug-ins that can be easily replaced to adapt test as needed. We evaluate this architecture by implementing test plug-ins. We also use this architecture and a set of test plug-ins to generate a fuzzer targeted to test a known vulnerable server.

5

Rodem, Magne. "Security in a Service-Oriented Architecture." Thesis, Norwegian University of Science and Technology, Department of Computer and Information Science, 2008. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-9719.

Abstract:

In a service-oriented architecture (SOA), parts of software applications are made available as services. These services can be combined across multiple applications, technologies, and organizations. As a result, functionality can be more easily reused, and new business processes can be assembled at a low cost. However, as more functionality is exposed outside of the traditional boundaries of applications, new approaches to security are needed. While SOA shares many of the security threats of traditional systems, the countermeasures to some of these threats may differ. Most notably, eavesdropping, data tampering, and replay attacks must be countered on the message level in a complex SOA environment. In addition, the open and distributed nature of SOA leads to new ways of handling authentication, authorization, logging, and monitoring. Web Services are the most popular way of realizing SOA in practice, and make use of a set of standards such as WS-Security, XML Encryption, XML Signature, and SAML for handling these new security approaches. Guidelines exist for development of secure software systems, and provide recommendations for things to do or to avoid. In this thesis, I use my findings with regard to security challenges, threats, and countermeasures to create a set of security guidelines that should be applied during requirements engineering and design of a SOA. Practical use of these guidelines is demonstrated by applying them during development of a SOA-based system. This system imports personal data into multiple administrative systems managed by UNINETT FAS, and is designed using Web Services and XML-based security standards. Through this practical demonstration, I show that my guidelines can be used as a reference for making appropriate security decisions during development of a SOA.

6

Artz, Michael Lyle 1979. "NetSPA : a Network Security Planning Architecture." Thesis, Massachusetts Institute of Technology, 2002. http://hdl.handle.net/1721.1/29899.

Abstract:
Thesis (M.Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2002.
Includes bibliographical references (leaves 93-96).
Attack scenario graphs provide a concise way of displaying all possible sequences of attacks a malicious user can execute to obtain a desired goal, such as remotely achieving root undetected on a critical host machine. NETSPA, the Network Security Planning Architecture, is a C++ system that quickly generates worst-case attack graphs using a forward-chaining depth-first search of the possible attack space using actions modeled with REM, a simple attack description language. NETSPA accepts network configuration information from a database that includes host and network software types and versions, intrusion detection system placement and types, network connectivity, and firewall rulesets. It is controlled by command line inputs that determine a critical goal state, trust relationships between hosts, and maximum recursive depth. NETSPA was shown to efficiently provide easily understood attack graphs that revealed non-obvious security problems against a realistic sample network of 17 representative hosts using 23 REM defined actions. The largest useful graph was generated within 1.5 minutes of execution. NETSPA executes faster and handles larger networks than any existing graph generation system. This allows NETSPA to be practically used in combination with other security components to develop and analyze secure networks.
by Michael Lyle Artz.
M.Eng.
7

Brown-Moorer, Charlotte A. "Traceable Enterprise Information Security Architecture Methodology." International Foundation for Telemetering, 2009. http://hdl.handle.net/10150/605972.

Abstract:
ITC/USA 2009 Conference Proceedings / The Forty-Fifth Annual International Telemetering Conference and Technical Exhibition / October 26-29, 2009 / Riviera Hotel & Convention Center, Las Vegas, Nevada
With the introduction of networking into telemetry applications, these systems have become increasingly complex. This imposes significant strain on information security for architecture designs. It has been recognized that an organized or structured approach to developing security architectures is needed. Several enterprise architecture frameworks are available today that address system complexity. However they fall short of addressing security at a high enough level in the enterprise and address security too late in the design process. In this paper a methodology is proposed that bridges the gap between security requirements and architecture design development at the enterprise level. This approach is consistent with and traceable to the original needs of the customer. This paper introduces a systems engineering approach to develop an enterprise level methodology, and presents a worked example of this approach for the integrated Network Enhanced Telemetry system.
8

Bozios, Athanasios. "Fog Computing : Architecture and Security aspects." Thesis, Linnéuniversitetet, Institutionen för datavetenskap och medieteknik (DM), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-80178.

Abstract:
As the number of Internet of Things (IoT) devices that are used daily is increasing, the inadequacy of cloud computing to provide necessary IoT-related features, such as low latency, geographic distribution and location awareness, is becoming more evident. Fog computing is introduced as a new computing paradigm, in order to solve this problem by extending the cloud's storage and computing resources to the network edge. However, the introduction of this new paradigm is also confronted by various security threats and challenges since the security practices that are implemented in cloud computing cannot be applied directly to this new architecture paradigm. To this end, various papers have been published in the context of fog computing security, in an effort to establish the best security practices towards the standardization of fog computing. In this thesis, we perform a systematic literature review of current research in order to provide a classification of the various security threats and challenges in fog computing. Furthermore, we present the solutions that have been proposed so far and which security challenge they address. Finally, we attempt to distinguish common aspects between the various proposals, evaluate current research on the subject and suggest directions for future research.
9

Wang, Haiyuan. "Security Architecture for the TEAMDEC System." Thesis, Virginia Tech, 1999. http://hdl.handle.net/10919/9778.

Abstract:
The prevalence of the Internet, client/server applications, Java, e-commerce, and electronic communications offers tremendous opportunities for business, education and communication, while simultaneously presenting big challenges to network security. In general, the web was designed with little concern for security. Thus, the issue of security is important in the design of network-based applications. The software architecture proposed in this thesis allows for the secure and efficient running of a team-based decision support system, specifically TEAMDEC. Based on the system's requirements and architecture, three types of possible attacks to the system are identified and a security solution is proposed that allows for user authentication, secure communication, and script access control. The implementation of these features will reduce security risk and allow effective use of the valuable system information data.
Master of Science
10

Zhou, He. "High Performance Computing Architecture with Security." Diss., The University of Arizona, 2015. http://hdl.handle.net/10150/578611.

Abstract:
Multi-processor embedded system is the future promise of high performance computing architecture. However, it still suffers low network efficiency and security threat. Simply upgrading to multi-core systems has been proven to provide only minor speedup compared with single core systems. Router architecture of network-on-chip (NoC) uses shared input buffers such as virtual channels and crossbar switches that only allow sequential data access. The speed and efficiency of on-chip communication is limited. In addition, the performance of conventional NoC topology is limited by routing latency and energy consumption due to its network diameter increases with the rising number of nodes. The security concern has also become a serious problem for embedded systems. Even with cryptographic algorithms, embedded systems are still very vulnerable to side channel attacks (SCAs). Among SCA approaches, power analysis is an efficient and powerful attack. Once the encryption location in an instruction sequence is identified, power analysis can be applied to exploit the embedded system. To improve on-chip network parallelism, this dissertation proposes a new router microarchitecture based on a new data structure called virtual collision array. Sequential data requests are partially eliminated in the virtual collision array before entering router pipeline. To facilitate the new router architecture, new workload assignment is applied to increase data request elimination. Through a task flow partitioning algorithm, we minimize sequential data access and then schedule tasks while minimizing the total router delay. For NoC topology, this dissertation presents a new hybrid NoC (HyNoC) architecture. We introduce an adaptive routing scheme to provide reconfigurable on-chip communication with both wired and wireless links. 
In addition, based on a mathematical model which is established on cross-correlation, this dissertation proposes two obfuscation methodologies, Real Instruction Insertion and AES Mimic, to prevent SCA power analysis attacks.
11

Komninos, Nikolaos. "Universal security architecture for future communication systems." Thesis, Lancaster University, 2003. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.413848.

12

Aldrawiesh, Khalid. "Security policy architecture for web services environment." Thesis, De Montfort University, 2012. http://hdl.handle.net/2086/7089.

Abstract:
An enhanced observer is a model that observes behaviour of a service and then automatically reports any changes in the state of the service to evaluator model. The e-observer observes the state of a service to determine whether it conforms to and obeys its intended behaviour or policy rules. E-observer techniques address most problems, govern and provide a proven solution that is re-usable in a similar context. This leads to an organisation and formalisation policy which is the engine of the e-observer model. Policies are used to refer to specific security rules for particular systems. They are derived from the goals of management that describe the desired behaviour of distributed heterogeneous systems and networks. These policies should be defended by security which has become a coherent and crucial issue. Security aims to protect these policies whenever possible. It is the first line of protection for resources or assets against events such as loss of availability, unauthorised access or modification of data. The techniques devised to protect information from intruders are general purpose in nature and, therefore, cannot directly enforce security that has no universal definition, the high degree of assurance of security properties of systems used in security-critical areas, such as business, education and financial, is usually achieved by verification. In addition, security policies express the protection requirements of a system in a precise and unambiguous form. They describe the requirements and mechanisms for securing the resources and assets between the sharing parties of a business transaction. However, Service-Oriented Computing (SOC) is a new paradigm of computing that considers "services" as fundamental elements for developing applications/solutions. SOC has many advantages that support IT to improve and increase its capabilities. SOC allows flexibility to be integrated into application development.
This allows services to be provided in a highly distributed manner by Web services. Many organisations and enterprises have undertaken developments using SOC. Web services (WSs) are examples of SOC. WSs have become more powerful and sophisticated in recent years and are being used successfully for inter-operable solutions across various networks. The main benefit of web services is that they use machine-to-machine interaction. This leads initially to explore the "Quality" aspect of the services. Quality of Service (QoS) describes many techniques that prioritise one type of traffic or programme that operates across a network connection. Hence, QoS has rules to determine which requests have priority and uses these rules in order to specify their priority to real-time communications. In addition, these rules can be sophisticated and expressed as policies that constrain the behaviour of these services. The rules (policies) should be addressed and enforced by the security mechanism. Moreover, in SOC and in particular web services, services are black boxes where behaviour may be completely determined by its interaction with other services under confederation system. Therefore, we propose the design and implementation of the “behaviour of services,” which is constrained by QoS policies. We formulate and implement novel techniques for web service policy-based QoS, which leads to the development of a framework for observing services. These services interact with each other by verifying them in a formal and systematic manner. This framework can be used to specify security policies in a succinct and unambiguous manner; thus, we developed a set of rules that can be applied inductively to verify the set of traces generated by the specification of our model’s policy. These rules could be also used for verifying the functionality of the system. 
In order to demonstrate the protection features of information system that is able to specify and concisely describe a set of traces generated, we subsequently consider the design and management of Ponder policy language to express QoS and its associated based on criteria, such as, security. An algorithm was composed for analysing the observations that are constrained by policies, and then a prototype system for demonstrating the observation architecture within the education sector. Finally, an enforcement system was used to successfully deploy the prototype’s infrastructure over Web services in order to define an optimisation model that would capture efficiency requirements. Therefore, our assumption is, tracing and observing the communication between services and then takes the decision based on their behaviour and history. Hence, the big issue here is how do we ensure that some given security requirements are satisfied and enforced? The scenario here is under confederation system and based on the following:
• System’s components are Web-services.
• These components are black boxes and designed/built by various vendors.
• Topology is highly changeable.
Consequently, the main issues are:
• The proposal, design and development of a prototype of observation system that manages security policy and its associated aspects by evaluating the outcome results via the evaluator model.
• Taming the design complexity of the observation system by leaving considerable degrees of freedom for their structure and behaviour and by bestowing upon them certain characteristics, and to learn and adapt with respect to dynamically changing environments.
13

Salazar, Carlos. "A security architecture for medical application platforms." Thesis, Kansas State University, 2014. http://hdl.handle.net/2097/18234.

Abstract:
Master of Science
Department of Computing and Information Sciences
Eugene Vasserman
The Medical Device Coordination Framework (MDCF) is an open source Medical Application Platform (MAP) that facilitates interoperability between heterogeneous medical devices. The MDCF is designed to be an open test bed for the conceptual architecture described by the Integrated Clinical Environment (ICE) interoperability standard. In contrast to existing medical device connectivity features that only provide data logging and display capabilities, a MAP such as the MDCF also allows medical devices to be controlled by apps. MAPs are predicted to enable many improvements to health care, however they also create new risks to patient safety and privacy that need to be addressed. As a result, MAPs such as the MDCF and other ICE-like systems require the integration of security features. This thesis lays the groundwork for a comprehensive security architecture within the MDCF. Specifically, we address the need for access control, device certification, communication security, and device authentication. We begin by describing a system for ensuring the trustworthiness of medical devices connecting to the MDCF. To demonstrate trustworthiness of a device, we use a chain of cryptographic certificates which uniquely identify that device and may also serve as non-forgeable proof of regulatory approval, safety testing, or compliance testing. Next, we cover the creation and integration of a pluggable, flexible authentication system into the MDCF, and evaluate the performance of proof-of-concept device authentication providers. We also discuss the design and implementation of a communication security system in the MDCF, which enables the creation and use of communication security providers which can provide data confidentiality, integrity, and authenticity. We conclude this work by presenting the requirements and a high level design for a Role-Based Access Control (RBAC) system within the MDCF.
14

SANTHANAM, LAKSHMI. "Integrated Security Architecture for Wireless Mesh Networks." University of Cincinnati / OhioLINK, 2008. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1202846575.

15

Friis, Ulla. "The European Security Architecture : the interaction between security institutions and national interest." Thesis, University of Kent, 2006. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.429791.

16

Edmison, Joshua Nathaniel. "Hardware Architectures for Software Security." Diss., Virginia Tech, 2006. http://hdl.handle.net/10919/29244.

Abstract:
The need for hardware-based software protection stems primarily from the increasing value of software coupled with the inability to trust software that utilizes or manages shared resources. By correctly utilizing security functions in hardware, trust can be removed from software. Existing hardware-based software protection solutions generally suffer from utilization of trusted software, lack of implementation, and/or extreme measures such as processor redesign. In contrast, the research outlined in this document proposes that substantial, hardware-based software protection can be achieved, without trusting software or redesigning the processor, by augmenting existing processors with security management hardware placed outside of the processor boundary. Benefits of this approach include the ability to add security features to nearly any processor, update security features without redesigning the processor, and provide maximum transparency to the software development and distribution processes. The major contributions of this research include the augmentation methodology, design principles, and a graph-based method for analyzing hardware-based security systems.
Ph. D.
17

Kalibjian, Jeffrey R. "The Impact of the Common Data Security Architecture (CDSA) on Telemetry Post Processing Architectures." International Foundation for Telemetering, 1999. http://hdl.handle.net/10150/608706.

Abstract:
International Telemetering Conference Proceedings / October 25-28, 1999 / Riviera Hotel and Convention Center, Las Vegas, Nevada
It is an increasing requirement that commercial satellite telemetry data product be protected from unauthorized access during transmission to ground stations. While the technology (cryptography) to secure telemetry data product is well known, the software infrastructure to support such security is costly, and very customized. Further, many software packages have difficulty interoperating. The Common Data Security Architecture [1] [2] [3] (originally proposed by the Intel Corporation, and now adopted by the Open Group), is a set of common cryptographic [4] and public key infrastructure (PKI) application programming interfaces (APIs) which will facilitate better cryptographic interoperability as well as making cryptographic resources more readily available in telemetry post processing environments.
18

Cooper, Andrew. "Towards a trusted grid architecture." Thesis, University of Oxford, 2010. http://ora.ox.ac.uk/objects/uuid:42268964-c1db-4599-9dbc-a1ceb1015ef1.

Abstract:
The malicious host problem is challenging in distributed systems such as grids and clouds. Rival organisations may share the same physical infrastructure. Administrators might deliberately or accidentally compromise users' data. The thesis concerns the development of a security architecture that allows users to place a high degree of trust in remote systems to process their data securely. The problem is tackled through a new security layer that ensures users' data can only be accessed within a trusted execution environment. Access to encrypted programs and data is authorised by a key management service using trusted computing attestation. Strong data integrity and confidentiality protection on remote hosts is provided by the job security manager virtual machine. The trusted grid architecture supports the enforcement of digital rights management controls. Subgrids allow users to define a strong trusted boundary for delegated grid jobs. Recipient keys enforce a trusted return path for job results to help users create secure grid workflows. Mandatory access controls allow stakeholders to mandate the software that is available to grid users. A key goal of the new architecture is backwards compatibility with existing grid infrastructure and data. This is achieved using a novel virtualisation architecture where the security layer is pushed down to the remote host, so it does not need to be pre-installed by the service provider. A new attestation scheme, called origin attestation, supports the execution of unmodified, legacy grid jobs. These features will ease the transition to a trusted grid and help make it practical for deployment on a global scale.
19

Hu, Ji. "A virtual machine architecture for IT-security laboratories." Phd thesis, [S.l.] : [s.n.], 2006. http://deposit.ddb.de/cgi-bin/dokserv?idn=980935652.

20

Kahvazadeh, Sarang. "Security architecture for Fog-To-Cloud continuum system." Doctoral thesis, Universitat Politècnica de Catalunya, 2019. http://hdl.handle.net/10803/668000.

Abstract:
Nowadays, with the number of devices connected to the Internet increasing rapidly, cloud computing cannot handle real-time processing. Therefore, fog computing emerged to provide data processing, filtering, aggregating, storing, network, and computing closer to the users. Fog computing provides real-time processing with lower latency than cloud. However, fog computing did not come to compete with cloud; it comes to complete the cloud. Therefore, a hierarchical Fog-to-Cloud (F2C) continuum system was introduced. The F2C system brings the collaboration between distributed fogs and centralized cloud. In F2C systems, one of the main challenges is security. Traditional cloud as security provider is not suitable for the F2C system because it is a single point of failure, and even the increasing number of devices at the edge of the network brings scalability issues. Furthermore, traditional cloud security cannot be applied to the fog devices due to their lower computational power than cloud. On the other hand, considering fog nodes as security providers for the edge of the network brings Quality of Service (QoS) issues due to the huge consumption of the fog device’s computational power by security algorithms. There are some security solutions for fog computing, but they do not consider the hierarchical fog-to-cloud characteristics, which can cause insecure collaboration between fog and cloud. In this thesis, the security considerations, attacks, challenges, requirements, and existing solutions are deeply analyzed and reviewed. And finally, a decoupled security architecture is proposed to provide the demanded security in hierarchical and distributed fashion with less impact on the QoS.
Nowadays, as the number of devices connected to the Internet grows rapidly, cloud computing cannot handle real-time processing. Fog computing therefore emerged to provide data processing, filtering, aggregation, storage, networking, and computing closer to the users. Fog computing provides real-time processing with lower latency than the cloud. However, fog computing did not arrive to compete with the cloud; it comes to complete the cloud. A hierarchical Fog-to-Cloud (F2C) continuum system was therefore introduced. The F2C system brings collaboration between the distributed fogs and the centralized cloud. In F2C systems, one of the main challenges is security. The traditional cloud as security provider is not suitable for the F2C system because it is a single point of failure, and the growing number of devices at the edge of the network also brings scalability problems. In addition, traditional cloud security cannot be applied to fog devices because of their lower computational power compared with the cloud. On the other hand, treating fog nodes as security providers for the edge of the network brings Quality of Service (QoS) problems because of the enormous consumption of the fog device's computational power by security algorithms. Some security solutions for fog computing exist, but they do not consider the hierarchical fog-to-cloud characteristics, which can cause insecure collaboration between fog and cloud. In this thesis, the security considerations, attacks, challenges, requirements, and existing solutions are analyzed and reviewed in depth. Finally, a decoupled security architecture is proposed to provide the required security in a hierarchical and distributed fashion with less impact on QoS.
21

Gudlaugsson, Rúnar. "Using security protocols to extend the FiLDB architecture." Thesis, University of Skövde, Department of Computer Science, 2002. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-640.

Abstract:

With the escalating growth of e-commerce in today’s society, many e-commerce sites have emerged that offer products on the Internet. To be able to verify orders from customers, some sites require sensitive information from their customers such as credit card details that is stored in their databases. The security of these sites has become the concern of many and it is a common opinion among the public that such sites cannot be trusted.

The FiLDB architecture presents an interesting approach for increasing the security of Internet connected databases. This approach is, in short, based on firewall protection; one external firewall protecting an external network, which in turn is connected to an internal network, which is protected by an internal firewall. A database is kept on each network. There are however a few issues that are unsolved in the FiLDB architecture. One of them, and the problem that is covered in this report, is how a user could securely insert, modify and fetch sensitive data in the internal database which stores the sensitive data.

In this work a few selected cryptographic protocols are studied by evaluating them with respect to five security criteria: confidentiality, authentication, integrity, key management and nonrepudiation. The initial selection of cryptographic protocols is mainly based on applicability in e-commerce systems. Based on the evaluation, one of the protocols is chosen to be implemented with the FiLDB architecture and then the extended architecture was evaluated.

This project shows that, by integrating a security protocol into architectures such as the FiLDB, the security of the system can be increased substantially.

22

Srivatsa, Mudhakar. "Security Architecture and Protocols for Overlay Network Services." Diss., Georgia Institute of Technology, 2007. http://hdl.handle.net/1853/16284.

Abstract:
Conventional wisdom suggests that in order to build a secure system, security must be an integral component in the system design. However, cost considerations drive most system designers to channel their efforts on the system's performance, scalability and usability. With little or no emphasis on security, such systems are vulnerable to a wide range of attacks that can potentially compromise confidentiality, integrity and availability of sensitive data. It is often cumbersome to redesign and implement massive systems with security as one of the primary design goals. This thesis advocates a proactive approach that cleanly retrofits security solutions into existing system architectures. The first step in this approach is to identify security threats, vulnerabilities and potential attacks on a system or an application. The second step is to develop security tools in the form of customizable and configurable plug-ins that address these security issues and minimally modify existing system code, while preserving its performance and scalability metrics. This thesis uses overlay network applications to shepherd through and address challenges involved in supporting security in large scale distributed systems. In particular, the focus is on two popular applications: publish/subscribe networks and VoIP networks. Our work on VoIP networks has for the first time identified and formalized caller identification attacks on VoIP networks. We have identified two attacks: a triangulation based timing attack on the VoIP network's route set up protocol and a flow analysis attack on the VoIP network's voice session protocol. These attacks allow an external observer (adversary) to uniquely (nearly) identify the true caller (and receiver) with high probability. Our work on the publish/subscribe networks has resulted in the development of a unified framework for handling event confidentiality, integrity, access control and DoS attacks, while incurring small overhead on the system. We have proposed a key isomorphism paradigm to preserve the confidentiality of events on publish/subscribe networks while permitting scalable content-based matching and routing. Our work on overlay network security has resulted in a novel information hiding technique on overlay networks. Our solution represents the first attempt to transparently hide the location of data items on an overlay network.
23

Wang, Sheng. "An Architecture for the AES-GCM Security Standard." Thesis, University of Waterloo, 2006. http://hdl.handle.net/10012/2885.

Abstract:
The fourth recommendation of symmetric block cipher mode of operation SP800-38D, Galois/Counter Mode of Operation (GCM), was developed by David A McGrew and John Viega. GCM uses an approved symmetric key block cipher with a block size of 128 bits and a universal hashing over a binary Galois field to provide confidentiality and authentication. It is built specifically to support very high data rates as it can take advantage of pipelining and parallel processing techniques.

Before GCM, SP800-38A only provided confidentiality and SP800-38B provided authentication. SP800-38C provided confidentiality using the counter mode and authentication. However the authentication technique in SP800-38C was not parallelizable and slowed down the throughput of the cipher. Hence, none of these three recommendations were suitable for high speed network and computer system applications.

With the advent of GCM, authenticated encryption at data rates of several Gbps is now practical, permitting high grade encryption and authentication on systems which previously could not be fully protected. However there have not yet been any published results on actual architectures for this standard based on FPGA technology.

This thesis presents a fully pipelined and parallelized hardware architecture for AES-GCM, which is GCM running under symmetric block cipher AES, on an FPGA multi-core platform corresponding to the IPsec ESP data flow.

The results from this thesis show that the round transformations of confidentiality and hash operations of authentication in AES-GCM can cooperate very efficiently within this pipelined architecture. Furthermore, this AES-GCM hardware architecture never unnecessarily stalls data pipelines. For the first time this thesis provides a complete FPGA-based high speed architecture for the AES-GCM standard, suitable for high speed embedded applications.
24

Zhang, Min. "Development of security features for the FIPA architecture." Thesis, University of Ottawa (Canada), 2001. http://hdl.handle.net/10393/6081.

Abstract:
In a highly heterogeneous computing environment, interoperability among different agent platforms is made possible by the Foundation for Intelligent Physical Agents (FIPA) specification. As long as they are all FIPA-compliant, agents of different systems or providers can communicate and interact directly using Agent Communication Language (ACL). However, neither the FIPA specification nor most of its implementations such as FIPA-OS (FIPA Open Source) fully address potential security threats to agents and agent platforms. In this thesis, we discuss the security concerns in FIPA and propose a two-layer architecture to add security features: a basic FIPA-OS agent platform as the management and communication infrastructure, and a security layer as the security extension. This architecture provides agents with two security-related services: a secure communication service and a secure execution environment service. The secure communication service prevents any eavesdropping or interference from the outside network. The secure execution environment service protects server resources and agent services from unauthorized access. The architecture's design and components are also described in terms of the two security services. In addition, this thesis describes a trust model of the two-layer architecture, which consists of a set of assumptions concerning the relationships of all entities.
25

Meng, Huan. "Security Architecture and Services for The Bitcoin System." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-177022.

Abstract:
Bitcoin is a digital currency which is based on a P2P network and open source software. It is a virtual currency without any control by any centralized organization. New Bitcoins are issued by lots of specified algorithms. The whole Bitcoin network utilizes the distributed database to verify and record all the transactions through the nodes in the P2P network in which the double spending is prevented. No person or organization is able to control Bitcoin based on a decentralized P2P network and algorithm. The cryptographic functions of Bitcoin are designed to allow only the real Bitcoin owner to pay and transfer, and ensure the anonymity and marketability. The purpose of this thesis is to analyze the security architecture and services for the Bitcoin system and describe all the features and infrastructures of the whole Bitcoin network. A whole establishment demo including wallet client, mining server with GUI and mining client is implemented. Further improvement will be suggested and recommended for the system.
26

Umeh, Njideka Adaku. "Security architecture methodology for large net-centric systems." Diss., Rolla, Mo. : University of Missouri-Rolla, 2007. http://scholarsmine.mst.edu/thesis/Umeh_09007dcc8049b3f0.pdf.

Abstract:
Thesis (M.S.)--University of Missouri--Rolla, 2007.
Vita. The entire thesis text is included in file. Title from title screen of thesis/dissertation PDF file (viewed December 6, 2007). Includes bibliographical references (p. 60-63).
27

Schmidt, Michael [Verfasser]. "A Security Architecture for Roving Consumers / Michael Schmidt." Aachen : Shaker, 2005. http://d-nb.info/1186577495/34.

28

Shepherd, Simon John. "A distributed security architecture for large scale systems." Thesis, University of Plymouth, 1992. http://hdl.handle.net/10026.1/2143.

Abstract:
This thesis describes the research leading from the conception, through development, to the practical implementation of a comprehensive security architecture for use within, and as a value-added enhancement to, the ISO Open Systems Interconnection (OSI) model. The Comprehensive Security System (CSS) is arranged basically as an Application Layer service but can allow any of the ISO recommended security facilities to be provided at any layer of the model. It is suitable as an 'add-on' service to existing arrangements or can be fully integrated into new applications. For large scale, distributed processing operations, a network of security management centres (SMCs) is suggested, that can help to ensure that system misuse is minimised, and that flexible operation is provided in an efficient manner. The background to the OSI standards is covered in detail, followed by an introduction to security in open systems. A survey of existing techniques in formal analysis and verification is then presented. The architecture of the CSS is described in terms of a conceptual model using agents and protocols, followed by an extension of the CSS concept to a large scale network controlled by SMCs. A new approach to formal security analysis is described which is based on two main methodologies. Firstly, every function within the system is built from layers of provably secure sequences of finite state machines, using a recursive function to monitor and constrain the system to the desired state at all times. Secondly, the correctness of the protocols generated by the sequences to exchange security information and control data between agents in a distributed environment is analysed in terms of a modified temporal Hoare logic. This is based on ideas concerning the validity of beliefs about the global state of a system as a result of actions performed by entities within the system, including the notion of timeliness. The two fundamental problems in number theory upon which the assumptions about the security of the finite state machine model rest are described, together with a comprehensive survey of the very latest progress in this area. Having assumed that the two problems will remain computationally intractable in the foreseeable future, the method is then applied to the formal analysis of some of the components of the Comprehensive Security System. A practical implementation of the CSS has been achieved as a demonstration system for a network of IBM Personal Computers connected via an Ethernet LAN, which fully meets the aims and objectives set out in Chapter 1. This implementation is described, and finally some comments are made on the possible future of research into security aspects of distributed systems.
29

Barros, Bruno Medeiros de. "Security architecture for network virtualization in cloud computing." Universidade de São Paulo, 2016. http://www.teses.usp.br/teses/disponiveis/3/3141/tde-18012017-094453/.

Abstract:
Network virtualization has been a quite active research area in the last years, aiming to tackle the increasing demand for high performance and secure communication in cloud infrastructures. In particular, such research efforts have led to security solutions focused on improving isolation among multiple tenants of public clouds, an issue recognized as critical both by the academic community and by the technology industry. More recently, the advent of Software-Defined Networks (SDN) and of Network Function Virtualization (NFV) introduced new concepts and techniques for addressing issues related to the isolation of network resources in multi-tenant clouds while improving network manageability and flexibility. Similarly, hardware technologies such as Single Root I/O Virtualization (SR-IOV) enable network isolation at the hardware level while improving performance in physical and virtual networks. Aiming to provide a cloud network environment that efficiently tackles multi-tenant isolation, we present three complementary strategies for addressing the isolation of resources in cloud networks. These strategies are then applied in the evaluation of existing network virtualization architectures, exposing the security gaps associated with current technologies, and paving the path for novel solutions. We then propose a security architecture that builds upon the strategies presented, as well as upon SDN, NFV and SR-IOV technologies, to implement secure cloud network domains. The theoretical and experimental analyses of the resulting architecture show a considerable reduction of the attack surface in tenant networks, with a small impact over tenants' intra-domain and inter-domain communication performance.
Network virtualization is a research area that has gained considerable attention in recent years, motivated by the need to implement secure, high-performance communication systems in cloud computing infrastructures. In particular, research efforts in this area have led to the development of security solutions that aim to improve isolation among the multiple tenants of public cloud computing systems, a demand recognized as critical by both the academic community and the technology industry. More recently, the advent of Software-Defined Networks (SDN) and Network Function Virtualization (NFV) introduced new concepts and techniques that can be used to address the isolation of virtualized networks in multi-tenant cloud computing systems while improving the manageability and flexibility of their networks. Similarly, hardware-assisted virtualization technologies such as Single Root I/O Virtualization (SR-IOV) allow the isolation of hardware resources to be implemented, improving the performance of physical and virtualized networks. In order to implement a network virtualization solution that efficiently addresses the problem of isolation among multiple tenants, we present three complementary strategies for isolating network resources in cloud computing systems. The strategies presented are then applied in the evaluation of existing network virtualization architectures, revealing security gaps associated with the technologies currently in use and paving the way for the development of new solutions. We then propose a security architecture that uses the strategies presented, along with technologies such as SDN, NFV and SR-IOV, to implement secure network domains. The theoretical and experimental analyses of the proposed architecture show a considerable reduction of the attack surfaces in virtualized networks, with a small impact on the performance of communication between the virtual machines of cloud tenants.
30

Covington, Michael J. "A flexible security architecture for pervasive computing environments." Diss., Available online, Georgia Institute of Technology, 2004:, 2004. http://etd.gatech.edu/theses/available/etd-06072004-131113/unrestricted/covington%5Fmichael%5Fj%5F200405%5Fphd.pdf.

31

Vendelson, Fanny. "Women's Co-housing : Solidarity for security." Thesis, Umeå universitet, Arkitekthögskolan vid Umeå universitet, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:umu:diva-160091.

32

Kaynar, Kaan. "Design And Implementation Of An Open Security Architecture For A Software-based Security Module." Master's thesis, METU, 2009. http://etd.lib.metu.edu.tr/upload/2/12610584/index.pdf.

Abstract:
The main purpose of this thesis work is to design a comprehensive and open security architecture whose desired parts could be realized on a general-purpose embedded computer without any special cryptography hardware. The architecture provides security mechanisms that implement known cryptography techniques, operations of some famous network security protocols and appropriate system security methods. Consequently, a server machine may offload a substantial part of its security processing tasks to an embedded computer realizing the architecture. The mechanisms provided can be accessed by a server machine using a client-side API and via a secure protocol which provides message integrity and peer authentication. To demonstrate the practicability of the security architecture, a set of its security mechanisms was realized on an embedded PC/104-plus computer. A server machine was connected to and requested mechanisms from the embedded computer over the Ethernet network interface. Four types of performance parameters were measured. They are the number of executions of a symmetric encryption method by the embedded computer per second, the number of executions of a public-key signing method by the embedded computer per second, the footprint of the implementation on the embedded computer memory, and the embedded computer CPU power utilized by the implementation. Apart from various security mechanisms and the secure protocol via which they can be accessed, the architecture defines a reliable software-based method for protection and storage of secret information belonging to clients.
33

Franke, Benedikt. "Rethinking complex security cooperation with special reference to Africa's emerging peace and security architecture." Thesis, University of Cambridge, 2008. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.612245.

34

Tallos, Gregory T. D. "Equanimity of Security." University of Cincinnati / OhioLINK, 2009. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1242842315.

35

Hayton, Richard. "An open architecture for secure interworking services." Thesis, University of Cambridge, 1995. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.313860.

36

Hu, Ji, Dirk Cordel, and Christoph Meinel. "A virtual machine architecture for creating IT-security laboratories." Universität Potsdam, 2006. http://opus.kobv.de/ubp/volltexte/2009/3307/.

Abstract:
E-learning is a flexible and personalized alternative to traditional education. Nonetheless, existing e-learning systems for IT security education have difficulties in delivering hands-on experience because of the lack of proximity. Laboratory environments and practical exercises are indispensable instruction tools to IT security education, but security education in conventional computer laboratories poses the problem of immobility as well as high creation and maintenance costs. Hence, there is a need to effectively transform security laboratories and practical exercises into e-learning forms. This report introduces the Tele-Lab IT-Security architecture that allows students not only to learn IT security principles, but also to gain hands-on security experience by exercises in an online laboratory environment. In this architecture, virtual machines are used to provide safe user work environments instead of real computers. Thus, traditional laboratory environments can be cloned onto the Internet by software, which increases accessibilities to laboratory resources and greatly reduces investment and maintenance costs. Under the Tele-Lab IT-Security framework, a set of technical solutions is also proposed to provide effective functionalities, reliability, security, and performance. The virtual machines with appropriate resource allocation, software installation, and system configurations are used to build lightweight security laboratories on a hosting computer. Reliability and availability of laboratory platforms are covered by the virtual machine management framework. This management framework provides necessary monitoring and administration services to detect and recover critical failures of virtual machines at run time. Considering the risk that virtual machines can be misused for compromising production networks, we present security management solutions to prevent misuse of laboratory resources by security isolation at the system and network levels. This work is an attempt to bridge the gap between e-learning/tele-teaching and practical IT security education. It is not to substitute conventional teaching in laboratories but to add practical features to e-learning. This report demonstrates the possibility to implement hands-on security laboratories on the Internet reliably, securely, and economically.
37

Kalibjian, Jeff. "Data Security Architecture Considerations for Telemetry Post Processing Environments." International Foundation for Telemetering, 2017. http://hdl.handle.net/10150/626950.

Abstract:
Telemetry data has great value, as setting up a framework to collect and gather it involves significant costs. Further, the data itself has product diagnostic significance and may also have strategic national security importance if the product is defense or intelligence related. This potentially makes telemetry data a target for acquisition by hostile third parties. To mitigate this threat, data security principles should be employed by the organization to protect telemetry data. Data security is an important element of a layered security strategy for the enterprise. The value proposition centers on the argument that if organization perimeter/internal defenses (e.g. firewall, IDS, etc.) fail, enabling hostile entities to access data found on internal company networks, they will be unable to read the data because it will be encrypted. After reviewing important encryption background including accepted practices, standards, and architectural considerations regarding disk, file, database and application data protection encryption strategies, specific data security options applicable to telemetry post processing environments will be discussed, providing tangible approaches to better protect organization telemetry data.
38

Gutmann, Peter. "The Design and Verification of a Cryptographic Security Architecture." Thesis, University of Auckland, 2000. http://hdl.handle.net/2292/2310.

Abstract:
A cryptographic security architecture constitutes the collection of hardware and software which protects and controls the use of encryption keys and similar cryptovariables. This thesis presents a design for a portable, flexible high-security architecture based on a traditional computer security model. Behind the API it consists of a kernel implementing a reference monitor which controls access to security-relevant objects and attributes based on a configurable security policy. Layered over the kernel are various objects which abstract core functionality such as encryption and digital signature capabilities, certificate management and secure sessions and data enveloping (email encryption). The kernel itself uses a novel design which bases its security policy on a collection of filter rules enforcing a cryptographic module-specific security policy. Since the enforcement mechanism (the kernel) is completely independent of the policy database (the filter rules), it is possible to change the behaviour of the architecture by updating the policy database without having to make any changes to the kernel itself. This clear separation of policy and mechanism contrasts with current cryptographic security architecture approaches which, if they enforce controls at all, hardcode them into the implementation, making it difficult to either change the controls to meet application-specific requirements or to assess and verify them. To provide assurance of the correctness of the implementation, this thesis presents a design and implementation process which has been selected to allow the implementation to be verified in a manner which can reassure an outsider that it does indeed function as required. In addition to producing verification evidence which is understandable to the average user, the verification process for an implementation needs to be fully automated and capable of being taken down to the level of running code, an approach which is currently impossible with traditional methods. The approach presented here makes it possible to perform verification at this level, something which had previously been classed as "beyond A1" (that is, not achievable using any known technology). The versatility of the architecture presented here has been proven through its use in implementations ranging from 16-bit microcontrollers through to supercomputers, as well as a number of unusual areas such as security modules in ATMs and cryptographic coprocessors for general-purpose computers.
Note: Updated version of the thesis now published as Gutmann, P (2004). Cryptographic security architecture: design and verification. New York: Springer. ISBN 9780387953876.
39

Gaspar, Lubos. "Crypto-processor - architecture, programming and evaluation of the security." Phd thesis, Université Jean Monnet - Saint-Etienne, 2012. http://tel.archives-ouvertes.fr/tel-00978472.

Abstract:
Architectures of cryptographic processors and coprocessors are often vulnerable to different kinds of attacks, especially those targeting the disclosure of encryption keys. It is well known that manipulating confidential keys by the processor as ordinary data can represent a threat: a change in the program code (malicious or unintentional) can cause the unencrypted confidential key to leave the security area. This way, the security of the whole system would be irrecoverably compromised. The aim of our work was to search for flexible and reconfigurable hardware architectures, which can provide high security of confidential keys during their generation, storage and exchange while implementing common symmetric key cryptographic modes and protocols. In the first part of the manuscript, we introduce the bases of applied cryptography and of reconfigurable computing that are necessary for better understanding of the work. Second, we present threats to security of confidential keys when stored and processed within an embedded system. To counteract these threats, novel design rules increasing robustness of cryptographic processors and coprocessors against software attacks are presented. The rules suggest separating registers dedicated to key storage from those dedicated to data storage: we propose to partition the system into the data, cipher and key zone and to isolate the zones from each other at protocol, system, architectural and physical levels. Next, we present a novel HCrypt crypto-processor complying with the separation rules and thus ensuring secure key management. Besides instructions dedicated to secure key management, some additional instructions are dedicated to easy realization of block cipher modes and cryptographic protocols in general. In the next part of the manuscript, we show that the proposed separation principles can be extended also to a processor-coprocessor architecture. We propose a secure crypto-coprocessor, which can be used in conjunction with any general-purpose processor. To demonstrate its flexibility, the crypto-coprocessor is interconnected with the NIOS II, MicroBlaze and Cortex M1 soft-core processors. In the following part of the work, we examine the resistance of the HCrypt cryptoprocessor to differential power analysis (DPA) attacks. Following this analysis, we modify the architecture of the HCrypt processor in order to simplify its protection against side channel attacks (SCA) and fault injection attacks (FIA). We show that by rearranging blocks of the HCrypt processor at macroarchitecture level, the new HCrypt2 processor becomes natively more robust to DPA and FIA. Next, we study possibilities of dynamically reconfiguring selected parts of the processor - crypto-coprocessor architecture. The dynamic reconfiguration feature can be very useful when the cipher algorithm or its implementation must be changed in response to appearance of some vulnerability. Finally, the last part of the manuscript is dedicated to thorough testing and optimizations of both versions of the HCrypt crypto-processor. Architectures of crypto-processors and crypto-coprocessors are often vulnerable to software attacks targeting the disclosure of encryption keys. The thesis introduces separation rules enabling crypto-processor/coprocessors to support secure key management. Separation rules are implemented on novel HCrypt crypto-processor resistant to software attacks targeting the disclosure of encryption keys.
40

Chivukula, Venkata Ramakrishna. "Detecting Cyber Security Anti-Patterns in System Architecture Models." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-293027.

Abstract:
Organizations across the world have been on the receiving end of large-scale cyber-attacks. Over time, the number and the success of these attacks have grown to a high level. To prepare for these attacks, organizations have to test the resilience of their infrastructures. One way to manage the risk of these attacks and to ensure security is the use of threat modeling. Through threat modeling, organizations can analyze their infrastructure and identify vulnerabilities. The vulnerabilities then have to be patched to improve the overall security posture of the organization. When modeled, these vulnerabilities can occur in different forms. Certain vulnerabilities are specific to certain components in the system. On the other hand, some deficiencies occur in conjunction with multiple assets in the infrastructure. These are called structural deficiencies. Identifying and mitigating these structural deficiencies is very important. In this thesis, structural deficiencies are described and a catalog of some deficiencies is built through a survey. The deficiencies and the catalog are developed to work with Foreseeti AB’s securiCAD modeling software. Further, a deficiency model is defined that can enable description and search of these deficiencies in securiCAD models. Using the description model, all occurrences of the deficiency can be found. These occurrences then can be replaced with structural improvements. The improved securiCAD models are then tested with simulations. The results from the simulations show that the structural improvements are useful in significantly reducing the Time-To-Compromise (TTC) of important assets. Using the catalog and the deficiency model, system administrators can identify deficiencies and test the effect of different improvements in the securiCAD model which can then be applied to the actual infrastructure.
Organizations all over the world have become targets of large-scale cyber-attacks. Over time, the number of successful attacks has grown to a high level. To prepare for these attacks, organizations must test the resilience of their infrastructure. One way to manage the risk of these attacks and ensure security is the use of threat modeling and attack simulations. Through threat modeling and attack simulations, organizations can analyze the information security properties of their infrastructure and identify weak points. The weaknesses must then be addressed to improve the organization's overall security posture. When modeled, these weaknesses can occur in different forms. Some are component-specific and local to one object in the infrastructure. These can be handled using defenses defined in securiCAD. Other weaknesses can arise through the relationships between multiple objects in the infrastructure. These are called structural weaknesses. Identifying and mitigating these structural weaknesses is very important. In this thesis, structural weaknesses are described and a catalog of weaknesses has been built. Further, a model is defined that enables description of these weaknesses and enables identification of weaknesses in securiCAD models. Using the description model, all occurrences of the deficiency can be found. These occurrences can then be replaced with structural improvements. The improved securiCAD models are then analyzed. The results show that the structural improvements are useful in significantly reducing the Time-To-Compromise (TTC) of important assets. Using the catalog and the model, system administrators can identify weaknesses and test the effect of different improvements in the securiCAD model, which can then be applied to the actual infrastructure.
41

Wailly, Aurélien. "End-to-end security architecture for cloud computing environments." Thesis, Evry, Institut national des télécommunications, 2014. http://www.theses.fr/2014TELE0020/document.

Abstract:
Infrastructure virtualization has become one of the major research challenges, providing lower energy consumption and new opportunities. Faced with multiple threats and heterogeneous defense mechanisms, the autonomic approach offers simplified, robust and more effective management of cloud security. Today, existing solutions adapt with difficulty. They lack flexible security policies, multi-level defense, controls of variable granularity, or an open security architecture. This thesis presents VESPA, a self-protection architecture for cloud infrastructures. VESPA is built around policies that can regulate security at several levels. Flexible coordination between self-protection loops realizes a broad spectrum of security strategies, such as detections and reactions across several levels. An extensible multi-plane architecture makes it simple to integrate elements already in place. Recently, the most critical attacks against cloud infrastructures have targeted the most sensitive building block: the hypervisor. The main attack vector is a poorly confined device driver. The defense mechanisms involved are static and difficult to manage. We propose a different approach with KungFuVisor, a software framework for building self-protected hypervisors that specializes the VESPA architecture. We have shown its application to three different types of protection: viral attacks, heterogeneous multi-domain management, and the hypervisor. Cloud infrastructure security can thus be improved with VESPA.
For several years, the virtualization of infrastructures has been one of the major research challenges, consuming less energy while delivering new services. However, many attacks hinder the global adoption of Cloud computing. Self-protection has recently raised growing interest as a possible element of answer to the cloud computing infrastructure protection challenge. Yet, previous solutions fall at the last hurdle as they overlook key features of the cloud, by lack of flexible security policies, cross-layered defense, multiple control granularities, and open security architectures. This thesis presents VESPA, a self-protection architecture for cloud infrastructures. Flexible coordination between self-protection loops allows enforcing a rich spectrum of security strategies. A multi-plane extensible architecture also enables simple integration of commodity security components. Recently, some of the most powerful attacks against cloud computing infrastructures target the Virtual Machine Monitor (VMM). In many cases, the main attack vector is a poorly confined device driver. Current architectures offer no protection against such attacks. This thesis proposes an altogether different approach by presenting KungFuVisor, derived from VESPA, a framework to build self-defending hypervisors. The result is a very flexible self-protection architecture, enabling to enforce dynamically a rich spectrum of remediation actions over different parts of the VMM, also facilitating defense strategy administration. We showed the application to three different protection schemes: virus infection, mobile clouds and hypervisor drivers. Indeed VESPA can enhance cloud infrastructure security.
42

Radmand, Pedram. "An architecture framework for enhanced wireless sensor network security." Thesis, Curtin University, 2012. http://hdl.handle.net/20.500.11937/2095.

Abstract:
This thesis develops an architectural framework to enhance the security of Wireless Sensor Networks (WSNs) and provides the implementation proof through different security countermeasures, which can be used to establish secure WSNs, in a distributed and self-healing manner. Wireless Sensors are used to monitor and control environmental properties such as sound, acceleration, vibration, air pollutants, and temperature. Due to their limited resources in computation capability, memory and energy, their security schemes are susceptible to many kinds of security vulnerabilities. This thesis investigated all possible network attacks on WSNs and at the time of writing, 19 different types of attacks were identified, all of which are discussed including exposures to the attacks, and the impact of those attacks. The author then utilises this work to examine the ZigBee series, which are the new generation of wireless sensor network products with built-in layered security achieved by secure messaging using symmetric cryptography. However, the author was able to uniquely identify several security weaknesses in ZigBee by examining its protocol and launching the possible attacks. It was found that ZigBee is vulnerable to the following attacks, namely: eavesdropping, replay attack, physical tampering and Denial of Services (DoS). The author then provides solutions to improve the ZigBee security through its security schema, including an end-to-end WSN security framework, architecture design and sensor configuration, that can withstand all types of attacks on the WSN and mitigate ZigBee’s WSN security vulnerabilities.
43

Muresu, Daniel. "Investigating the security of a microservices architecture : A case study on microservice and Kubernetes Security." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-302579.

Abstract:
The concept of breaking down a bigger application into smaller components is not a new idea, but it has been more commonly adopted in recent years due to the rise of the microservice application architecture. What has not been elaborated on enough, however, is the security of the microservice architecture and how it differs from a monolithic application architecture. This leads to the question of what the most relevant security vulnerabilities of integrating and using a microservice architecture are, and what the correlating metrics that can be used to detect intrusions based on the vulnerabilities can be. In this report, the security of the microservice architecture is elaborated on in a case study of the system at Skatteverket, the Swedish tax agency, which is a microservice based architecture running on Kubernetes. Interviews are conducted with people that have experience in Kubernetes and microservices separately, both employed at Skatteverket and elsewhere. In the interviews, vulnerabilities and intrusion detection metrics are identified, which are then analyzed with respect to a use case in the Skatteverket system. A survey is also done on the existing technologies that can mitigate the identified vulnerabilities that are related to a microservice architecture. The vulnerabilities present in the use case are then concluded to be most relevant, the identified intrusion detection metrics are elaborated on and the service mesh technology Istio is found to mitigate the largest number of the identified vulnerabilities.
The concept of breaking down a larger application into smaller components is not a new idea, but it has become more common in recent years due to the growth in the use of microservice architectures. What has not been explored enough, however, is the security of the microservice architecture and how it differs from a monolithic application architecture. This leads to the question of what the most relevant security risks of integrating and using a microservice architecture are, and what metrics can be used to detect intrusions based on those risks. In this report, the security of microservice architectures is explored through a case study of the system at Skatteverket, which is a microservice-based architecture running on Kubernetes. Interviews are conducted with people who have experience with Kubernetes and microservices separately, both employees at Skatteverket and people elsewhere. In the interviews, risks and metrics for noticing intrusions are identified, which are then analyzed with respect to a use case in the Skatteverket system. A survey is also made of existing technology that can mitigate the identified risks related to a microservice architecture. The risks present in the use case are then considered the most relevant in the conclusions, the identified metrics for noticing intrusions are discussed, and the service mesh technology Istio is considered to mitigate the largest number of the identified risks.
44

Liu, Yin-Miao (Vicky). "An architecture for enhanced assurance in e-health systems." Thesis, Queensland University of Technology, 2011. https://eprints.qut.edu.au/47051/1/Vicky_Liu_Thesis.pdf.

Abstract:
Notwithstanding the obvious potential advantages of information and communications technology (ICT) in the enhanced provision of healthcare services, there are some concerns associated with integration of and access to electronic health records. A security violation in health records, such as an unauthorised disclosure or unauthorised alteration of an individual's health information, can significantly undermine both healthcare providers' and consumers' confidence and trust in e-health systems. A crisis in confidence in any national level e-health system could seriously degrade the realisation of the system's potential benefits. In response to the privacy and security requirements for the protection of health information, this research project investigated national and international e-health development activities to identify the necessary requirements for the creation of a trusted health information system architecture consistent with legislative and regulatory requirements and relevant health informatics standards. The research examined the appropriateness and sustainability of the current approaches for the protection of health information. It then proposed an architecture to facilitate the viable and sustainable enforcement of privacy and security in health information systems under the project title "Open and Trusted Health Information Systems (OTHIS)". OTHIS addresses necessary security controls to protect sensitive health information when such data is at rest, during processing and in transit with three separate and achievable security function-based concepts and modules: a) Health Informatics Application Security (HIAS); b) Health Informatics Access Control (HIAC); and c) Health Informatics Network Security (HINS). 
The outcome of this research is a roadmap for a viable and sustainable architecture for providing robust protection and security of health information including elucidations of three achievable security control subsystem requirements within the proposed architecture. The successful completion of two proof-of-concept prototypes demonstrated the comprehensibility, feasibility and practicality of the HIAC and HIAS models for the development and assessment of trusted health systems. Meanwhile, the OTHIS architecture has provided guidance for technical and security design appropriate to the development and implementation of trusted health information systems whilst simultaneously offering guidance for ongoing research projects. The socio-economic implications of this research can be summarised in the fact that this research embraces the need for low cost security strategies against economic realities by using open-source technologies for overall test implementation. This allows the proposed architecture to be publicly accessible, providing a platform for interoperability to meet real-world application security demands. On the whole, the OTHIS architecture sets a high level of security standard for the establishment and maintenance of both current and future health information systems. This thereby increases healthcare providers’ and consumers’ trust in the adoption of electronic health records to realise the associated benefits.
45

Tham, Kevin Wen Kaye. "Developing security services for network architectures." Thesis, Queensland University of Technology, 2006. https://eprints.qut.edu.au/16546/1/Kevin_Wen_Kaye_Tham_Thesis.pdf.

Abstract:
In the last 15 years, the adoption of enterprise level data networks had increased dramatically. This is mainly due to reasons, such as better use of IT resources, and even better coordination between departments and business units. These great demands have fuelled the push for better and faster connectivity to and from these networks, and even within the networks. We have moved from the slow 10Mbps to 1Gbps connectivity for end-point connections and moved from copper-based ISDN to fibre-linked connections for enterprise connections to the Internet. We now even include wireless network technologies in the mix, because of the greater convenience it offers. Such rapid progress is accompanied by ramifications, especially if not all aspects of networking technologies are improved linearly. Since the 1960s and 1970s, the only form of security had been along the line of authentication and authorisation. This is because of the widely used mainframes in that era. When the Internet and, ultimately, the wide-spread use of the Internet influxed in the 1980s, network security was born, and it was not until the late 1980s that saw the first Internet Worm that caused damage to information and systems on the Internet. Fast forward to today, and we see that although we have come a long way in terms of connectivity (connect to anywhere, and anytime, from anywhere else), the proposed use of network security and network security methods have not improved very much. Microsoft Windows XP recently switched from using their own authentication method, to the use of Kerberos, which was last revised 10 years ago. This thesis describes the many problems we face in the world of network security today, and proposes several new methods for future implementation, and to a certain extent, modification to current standards to encompass future developments.
Discussion will include a proposed overview of what a secure network architecture should include, and this will lead into several aspects that can be improved on. All problems identified in this thesis have proposed solutions, except for one. The critical flaw found in the standard IEEE802.11 wireless technology was discovered during the course of this research. This flaw is explained and covered in great detail, and also, an explanation is given as to why this critical flaw is not fixable.
46

WALA, MAGDALENA A. "SECURITY ENTRANCE AND MEDIA CENTER FOR THE UNITED NATIONS." University of Cincinnati / OhioLINK, 2007. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1179353633.

47

Tham, Kevin Wen Kaye. "Developing security services for network architectures." Queensland University of Technology, 2006. http://eprints.qut.edu.au/16546/.

48

Bradford, Bryan L. "Wireless security within hastily formed networks." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2006. http://library.nps.navy.mil/uhtbin/hyperion/06Sep%5FBradford.pdf.

Abstract:
Thesis (M.S. in Information Systems and Operations)--Naval Postgraduate School, September 2006.
Thesis Advisor(s): Carl Oros. "September 206." Includes bibliographical references (p. 69-70). Also available in print.
49

Divic, Mirela, and Ida Hveding Huse. "A Security Focused Integration Architecture for an Electronic Observation Chart." Thesis, Norwegian University of Science and Technology, Department of Computer and Information Science, 2005. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-9257.

Abstract:

An observation chart contains a collection of information from several different health information systems used at a hospital. Today, health personnel often has to access these health information systems during patient care and manually register information from them into the observation chart. Integration of the health information systems which constitute an observation chart is therefore needed. Integration means that systems used by a large amount of users are put together in such a way that all users gain access to the information they need. An integration will increase the efficiency of information flow by automatically retrieving information from relevant health information systems into an electronic observation chart. These improvements in turn will hopefully result in better quality of patient care, reduced time spent on treating each patient and therefore also reduced costs. This thesis describes a security focused integration architecture for an electronic observation chart system (EOC-system). This thesis also explores standards, strategies, laws and regulations relevant for the architectural description of the EOC-system. The EOC-system is going to be developed by CARDIAC, a company focusing on technology within health care, and the architectural description will be a support in this development process. The architectural description for CARDIAC’s EOC-system is based on the Model-based Architecture description Framework for Information Integration Abstraction (MAFIIA), which is an architectural description framework for software intensive systems with a specialization towards Information Integration Systems (IIS). The architectural description has also followed MAFIIA’s two extensions, MAFIIA/H and MAFIIA/RBAC, which respectively relate to the health care domain and to role-based access control (RBAC). 
The work with this thesis, following the MAFIIA architectural description framework, has resulted in a detailed and structured architectural description which sees the architecture from several viewpoints and describes different aspects of it. Security and integration are emphasized in the architectural description; a combination of a service-oriented and portal-oriented integration architecture is chosen and the security mechanisms digital signing, secure communication, auditing and access control are ensured.

50

Maninjwa, Prosecutor Mvikeli. "Managing an information security policy architecture : a technical documentation perspective." Thesis, Nelson Mandela Metropolitan University, 2012. http://hdl.handle.net/10948/d1020757.

Abstract:
Information and the related assets form critical business assets for most organizations. Organizations depend on their information assets to survive and to remain competitive. However, the organization’s information assets are faced with a number of internal and external threats, aimed at compromising the confidentiality, integrity and/or availability (CIA) of information assets. These threats can be of physical, technical, or operational nature. For an organization to successfully conduct its business operations, information assets should always be protected from these threats. The process of protecting information and its related assets, ensuring the CIA thereof, is referred to as information security. To be effective, information security should be viewed as critical to the overall success of the organization, and therefore be included as one of the organization’s Corporate Governance sub-functions, referred to as Information Security Governance. Information Security Governance is the strategic system for directing and controlling the organization’s information security initiatives. Directing is the process whereby management issues directives, giving a strategic direction for information security within an organization. Controlling is the process of ensuring that management directives are being adhered to within an organization. To be effective, Information Security Governance directing and controlling depend on the organization’s Information Security Policy Architecture. An Information Security Policy Architecture is a hierarchical representation of the various information security policies and related documentation that an organization has used. When directing, management directives should be issued in the form of an Information Security Policy Architecture, and controlling should ensure adherence to the Information Security Policy Architecture. 
However, this study noted that in both literature and organizational practices, Information Security Policy Architectures are not comprehensively addressed and adequately managed. Therefore, this study argues towards a more comprehensive Information Security Policy Architecture, and the proper management thereof.