Global ETD Search

21	Secure IP Multicasting with Encryption Key Management Maharjan, Nadim, Moten, Daryl 10 1900 (has links) ITC/USA 2011 Conference Proceedings / The Forty-Seventh Annual International Telemetering Conference and Technical Exhibition / October 24-27, 2011 / Bally's Las Vegas, Las Vegas, Nevada / This paper presents the design for secure IP multicasting in an iNet environment using public key cryptography. Morgan State University has been conducting research to improve the telemetry network by improving network performance, implementing IP (Internet Protocol) multicasting and providing a stronger security system for the iNet environment. The present study describes how IP multicasting could be implemented to provide more secure communication in the iNet environment by reducing traffic and optimizing network performance. The multicast of data is closely tied to the key management center for secure applications. This paper develops a means of delivering keys between two or more parties showing a relationship between the multicast network and the Key Management Center (KMC). The KMC is an element of the system which distributes and manages session keys among multicast members. A public key encryption method is used to address the distribution of session keys in the multicast network. The paper will present a system level design of multicast and key management with dual encryption of session keys for the iNet system. IP Multicasting Public-key Cryptosystem Key Management Center Security Public Certificates iNET
22	A comparison of the security in ZigBee and the IEEE 802.15.9 standard and an experimental analysis of communication over IEEE 802.15.4 / En jämförelse av säkerheten gällande ZigBee och IEEE 802.15.9 standarden och en experimentell analys av kommunikation över IEEE 802.15.4 Silversved, Nicklas, Runesson, Hampus January 2019 (has links) The increasing number of IoT devices used in today’s society has led to a demand for better security in order to prevent attackers from gaining access to private information. The IoT brings a wide application scope and because of that there are a lot of ways to set up a secure network and manage keys in these kinds of networks. This paper presents a comparison between the security model in Zigbee and the new recommended practice for Key Management Protocols defined by the IEEE 802.15.9 standard. We investigate key establishment and transportation together with the vulnerabilities that this might bring regarding potential attacks like DoS and MitM. Since these protocols are built on the IEEE 802.15.4 standard, experimental tests have been made where we analyze the throughput, RTT and packet loss over varied distances and we try to determine the maximum transmission range for devices using IEEE 802.15.4 modules. The IEEE 802.15.9 standard works with different KMPs and depending on the KMP being used we can see both similarities and differences regarding key management and possible attacks when comparing it to ZigBee. Furthermore, we found that attacks on a ZigBee device is more likely to compromise the whole network while similar attacks would only affect the specific peers in an IEEE 802.15.9 communication. Based on the experiments we find that open areas, distance and interference have a negative effect on the throughput, RTT and packet loss of the communication. IEEE 802.15.4 IEEE 802.15.9 ZigBee security key establishment key management protocol Computer Engineering Datorteknik
23	A Lab System for Secret Sharing / Utveckling av laborationssystem för secret sharing Olsson, Fredrik January 2004 (has links) <p>Finnegan Lab System is a graphical computer program for learning how secret sharing works. With its focus on the algorithms and the data streams, the user does not have to consider machine-specific low-level details. It is highly modularised and is not restricted to secret sharing, but can easily be extended with new functions, such as building blocks for Feistel networks or signal processing. </p><p>This thesis describes what secret sharing is, the development of a new lab system designed for secret sharing and how it can be used.</p> Informationsteknik Cryptography Graph-Based Application Framework Java Key Management Secret Sharing Informationsteknik Information technology Informationsteknik
24	Wireless On-Board Diagnostics Schirninger, Rene, Zeppetzauer, Stefan January 2005 (has links) <p>Wireless On-board diagnostics functionality, which is a future outlook to vehicle system </p><p>parameter analysis, enables measurements and controlling without the limitation of a physical </p><p>connector. Today every vehicle must by law provide the possibility to analyze engine and </p><p>emission related parameters (OBD II). The wireless connection requires a high security level </p><p>to prevent unauthorized communication establishment with the truck’s bus system. The aim </p><p>of the project is to make a survey of the available security mechanisms and to find the most </p><p>promising solutions. Furthermore, several usage scenarios and access right levels are </p><p>specified and a risk analysis of the whole system is made. The greatest challenge is the </p><p>specification and implementation of a proper key-exchange mechanism between the analyzing </p><p>device and the truck’s bus system, which is therefore carried out with the highest possible </p><p>level of awareness. Consequently several different concepts have been formulated based on </p><p>the different usage scenarios.</p> Wireless LAN Security On-Board Diagnostics Pre-shared Key-Management Wireless Local Area Network LAN
25	Wireless On-Board Diagnostics Schirninger, Rene, Zeppetzauer, Stefan January 2005 (has links) Wireless On-board diagnostics functionality, which is a future outlook to vehicle system parameter analysis, enables measurements and controlling without the limitation of a physical connector. Today every vehicle must by law provide the possibility to analyze engine and emission related parameters (OBD II). The wireless connection requires a high security level to prevent unauthorized communication establishment with the truck’s bus system. The aim of the project is to make a survey of the available security mechanisms and to find the most promising solutions. Furthermore, several usage scenarios and access right levels are specified and a risk analysis of the whole system is made. The greatest challenge is the specification and implementation of a proper key-exchange mechanism between the analyzing device and the truck’s bus system, which is therefore carried out with the highest possible level of awareness. Consequently several different concepts have been formulated based on the different usage scenarios. Wireless LAN Security On-Board Diagnostics Pre-shared Key-Management Wireless Local Area Network LAN
26	Analysis of Random Key Predistribution Scheme for Wireless Sensor Network: An Adversarial Perspective Lin, Jiun-An 06 February 2012 (has links) Wireless sensor networks (WSNs) have been widely used in many areas, such as early earthquake monitoring, building structure monitoring, and military surveillance. In this thesis, we focus on the wireless sensor network deployed in the battlefield, using random key predistribution scheme. Firstly we presented an analysis of the security impacts by node capture attack. Also, based on the node cloning attack, we proposed a new attack scheme, called compromised key redistribution attack, and discussed related attack scenarios. Besides, we have found out and conjectured that, when the overlapping factor of compromised key set is larger than 0.05, it is very possible (almost 90%) that the number of distinct compromised keys is 10.5% of the original key pool. This conjecture helps the adversary estimate the approximated size of original key pool by calculating the overlapping factor, thus calculate the probability that malicious nodes successfully establish connections with legitimate nodes. prediction. node capture attack security analysis wireless sensor network key management scheme
27	Design and Analysis of a Novel Multicast Key Management Scheme for Secure Group Communications Wu, Chang-Po 24 July 2005 (has links) In this thesis, we propose an adaptive multicast key management scheme for secure group communications. In a secure communication session, group members could dynamically join and leave the group. Therefore, a multicast key management scheme is required to ensure that only legitimate users will continue to receive the latest information. In the literature, star-based key management schemes and tree-based key management schemes were proposed for secure group communications. In this thesis, we propose a novel canonical-tree-based key management scheme. We evaluate the average rekeying costs of the canonical-tree-based scheme as well as two well-known key management schemes. We find that the leaving probability of group members dominates the relative performance between the star-based scheme and the tree-based scheme. Based on the above observations, we propose an adaptive key management scheme that is superior to both the star-based scheme and the tree-based scheme in a dynamic environment. Balanced Tree Group Communication Canonical Tree Key Management Multicast Periodic Rekey
28	Key Management in Ad Hoc Networks / Nyckelhantering i Ad Hoc Nät Fokine, Klas January 2002 (has links) <p>This thesis covers the issue of securing ad hoc networks. Such networks exhibit a number of characteristics that make such a task challenging. One of the major challenges is that ad hoc networks typically lack a fixed infrastructure both in form of physical infrastructure such as routers, servers and stable communication links and in the form of an organizational or administrative infrastructure. Another difficulty lies in the highly dynamic nature of ad hoc networks since new nodes can join and leave the network at any time. </p><p>The major problem in providing security services in such infrastructure less networks is how to manage the cryptographic keys that are needed. In order to design practical and efficient key management systems it is necessary to understand the characteristics of ad hoc networks and why traditional key management systems cannot be used. These issues are covered and the thesis also provides a summary of those key management solutions that have been proposed in the research literature so far.</p> Informationsteknik ad hoc networking key management network security Informationsteknik Information technology Informationsteknik
29	Adaptive Cryptographic Access Control for Dynamic Data Sharing Environments Kayem, ANNE 21 October 2008 (has links) Distributed systems, characterized by their ability to ensure the execution of multiple transactions across a myriad of applications, constitute a prime platform for building Web applications. However, Web application interactions raise issues pertaining to security and performance that make manual security management both time-consuming and challenging. This thesis is a testimony to the security and performance enhancements afforded by using the autonomic computing paradigm to design an adaptive cryptographic access control framework for dynamic data sharing environments. One of the methods of enforcing cryptographic access control in these environments is to classify users into one of several groups interconnected in the form of a partially ordered set. Each group is assigned a single cryptographic key that is used for encryption/decryption. Access to data is granted only if a user holds the "correct" key, or can derive the required key from the one in their possession. This approach to access control is a good example of one that provides good security but has the drawback of reacting to changes in group membership by replacing keys, and re-encrypting the associated data, throughout the entire hierarchy. Data re-encryption is time-consuming, so, rekeying creates delays that impede performance. In order to support our argument in favor of adaptive security, we begin by presenting two cryptographic key management (CKM) schemes in which key updates affect only the class concerned or those in its sub-poset. These extensions enhance performance, but handling scenarios that require adaptability remain a challenge. Our framework addresses this issue by allowing the CKM scheme to monitor the rate at which key updates occur and to adjust resource (keys and encrypted data versions) allocations to handle future changes by anticipation rather than on demand. Therefore, in comparison to quasi-static approaches, the adaptive CKM scheme minimizes the long-term cost of key updates. Finally, since self-protecting CKM requires a lesser degree of physical intervention by a human security administrator, we consider the case of "collusion attacks" and propose two algorithms to detect as well as prevent such attacks. A complexity and security analysis show the theoretical improvements our schemes offer. Each algorithm presented is supported by a proof of concept implementation, and experimental results to show the performance improvements. / Thesis (Ph.D, Computing) -- Queen's University, 2008-10-16 16:19:46.617 Access Control Database Security Autonomic Computing Cryptographic Key Management Dynamic Data Sharing
30	Verifying Physical Endpoints to Secure Digital Systems Studer, Ahren M. 01 May 2011 (has links) The proliferation of electronic devices supporting sensing, actuation, and wireless communication enables the monitoring and/or control of a variety of physical systems with digital communication. Such “cyber physical systems” blur the boundaries of the digital and physical worlds, where correct information about the physical world is needed for the correct operation of the digital system. Often in these systems the physical source or destination of information is as important as the information itself. However, the omni-directional and invisible nature of wireless communication makes it difficult to determine communication endpoints. This allows a malicious party to intercept wireless messages or pose as other entities in the system. As such, these systems require new protocols to associate the endpoints of digital communication with physical entities. Traditional security approaches that associate cryptographic keys with names can help verify endpoints in static systems where a string accurately describes the role of a device. In other systems, the role of a device depends on its physical properties, such as location, which change over time. This dynamic nature implies that identification of an endpoint based on a static name is insufficient. Instead, we can leverage devices’ sensing and actuation capabilities to verify the physical properties and determine the physical endpoints of communication. We investigate three different scenarios where the physical source and/or destination is important and propose endpoint verification techniques: verifying the physical endpoints during an exchange between two smartphones, verifying the receiver of information is in a physical space to enable location-based access control, and verifying the source of information to protect Vehicle-to-Vehicle (V2V) applications. We evaluate our proposals in these systems and show that our solutions fulfill the security requirements while utilizing existing hardware. Exchanging Information Between Smartphones Shake on it (SHOT) allows users to verify the endpoints during an exchange of information between two smartphones. In our protocol, the phones use their vibrators and accelerometers to establish a human-observable communication channel. The users hold the phones together while the phones use this channel to bootstrap and verify the authenticity of an exchange that occurs over the higher-bandwidth wireless channel. Users can detect the injection of information from other devices as additional vibrations, and prevent such attacks. Our implementation of SHOT for the DROID smartphone is able to support sender and receiver verification during an exchange between two smartphones in 15 seconds on average. Location-Based Access Control We propose using location-based access control to protect sensitive files on laptops, without requiring any effort from the user to provide security. With a purely wireless electronic system, verifying that a given device is in a physical space is a challenge; either the definition of the physical space is vague (radio waves can travel beyond walls) or the solution requires expensive hardware to measure a message’s time of flight. Instead, we use infrared as a signal that walls can contain. We develop key derivation protocols that ensure only a receiver in the physical room with access to the signal can derive the key. We implement a system that uses the laptop’s webcam to record the infrared signal, derive a key, and decrypt sensitive files in less than 5 seconds. Source Verification for V2V Networks A number of V2V applications use information about nearby vehicles to prevent accidents or reduce fuel consumption. However, false information about the positioning of vehicles can cause erroneous behavior, including accidents that would not occur in the absence of V2V. As such, we need a way to verify which vehicle sent a message and that the message accurately describes the physical state of that vehicle. We propose using LED lights on vehicles to broadcast the certificate a vehicle is currently using. Receivers can use onboard cameras to film the encoding of the certificate and estimate the relative location of the vehicle. This visual channel allows a receiver to associate a physical vehicle at a known location with the cryptographic credentials used to sign a location claim. Our simulations indicate that even with a pessimistic visual channel, visual verification of V2V senders provides sufficient verification capabilities to support the relevant applications. System Security Mobile Computing Trust Establishment Key Management Secure Storage Vehicular Networks

Search results