Efficient Isolation Enabled Role-Based Access Control for Database Systems

Helal, Mohammad Rahat

January 2017

No description available.

Computer Science

Privacy in Database Designs: A Role Based Approach

Poe, Gary A

30 November 2007

Privacy concerns have always been present in every society. The introduction of information technology information has enabled a reduction in the cost of gathering information, management of that information and the permitted that same information to become increasingly portable. Coupled with these reductions of cost has been an increase in the demand for information as well as the concern that privacy expectations be respected and enforced through security systems that safeguard access to private-type data. Security systems enforce privacy expectations. Unfortunately there is no consensus on a definition of privacy making the specification of security often over broad and resulting in the loss of critical functionality in the systems produced. This research expands the understanding of privacy by proposing a replicable type-based taxonomy of privacy that is grounded in philosophy and law. This type-based system is applied to a Role Based Access Control System to specify and control access to data in a in a hospital setting as a proof of concept.

Privacy

Security

Taxonomy

Access Control Systems

Philosophy

Law

RBAC

Role Based Access Control

American Studies

Arts and Humanities

Electronic Access Control Systems: A New Approach

Janardhana Swamy, V C

09 1900

Security systems are gaining increasing importance in recent times to protect life and valuable resources. Many advanced methods of providing security have been developed and are in use in the last few decades. Of these, one important area is the security system required for military/strategic applications, which has advanced greatly. But, such systems being complex and expensive are useful in high-end applications only. However, with the recent progress in technology and the growing need for increased security in civilian and other applications, many low cost solutions for security systems have now emerged. As a result, many applications where only a simple intruder alarm was the means of providing security in earlier days are now able to associate with more advanced and foolproof access control techniques. And the field of Access Control Systems (ACSs) using modern approaches has become a major means of providing security in all applications, both military and civilian.

Computer Science

Cryptography

Computer Security

Access Control Systems (ACS)

System Design

Microcontrollers

Computers - Access Control

Hardware Design

Software Design

Docházkový a přístupový systém a jeho využití v podnikové praxi / Usage of Attendance and Access control system in company

Šimek, Jan

January 2014

The thesis deals with the problems of attendance and access systems and their importance in the company. The main aim is to clarify the present topic both to IT consultants and the public in an attempt to show the role of its own system, its implementation and operation in corporate practice. The work is divided into two main parts. The first part describes the historical development of monitoring attendance both from the point of view of the paper version and its successive software solution, as well as in respect of the hardware. Next, we give the legislative requirements and restrictions for monitoring and recording of the attendance of employees, the main source being the Labour Code itself and the Office for Personal Data Protection. After that, updated current attendance and access systems are introduced. The second part contains the actual procedure of selection and deployment of a particular attendance system, its configuration and operation. The process is described in detail in the thesis supplement. Emphasis is placed above all on clarity and easy understanding of the present topic, its impacts and benefit of its use. The main contribution of this work is the unification of views on the present subject matter, a comprehensive view of the system and its important role as an independent system co-operating with other software and hardware resources in the company.

Ethical Hacking of an Access Control System / Etisk hackning av ett passersystem

Almqvist, Oscar

January 2022

Cybersecurity within Internet of Things (IoT) is as relevant as ever, with the increase of digitalization and the connection of increasing numbers of intelligent devices. The devices within an electronic access control system, ranging from credential readers to management applications, are responsible for protecting various assets and users while still allowing for rich functionality. Regardless of its setting and context, the purpose of such a system is to ensure security. This thesis investigates the cybersecurity of an electronic access control system in an apartment building using penetration testing. The system was evaluated in a black-box setting, meaning no inside information about the system was known. This method consisted of an information gathering and enumeration phase, building a threat model that scored the identified threats based on their impact and consequences. Four devices and two software applications were investigated within the electronic access control system. Further, thirteen threats were identified on six attack surfaces: the physical interfaces, the firmware, the network services, web interfaces, a desktop application, and an embedded application. Twelve threats were tested to see if they are exploitable in practice. Results show that ten threats were exploitable, impacting residents and administrative users of the electronic access control system. The impact of the exploits consists of various degrees of sensitive data disclosure, authentication bypass, weak authentication, denial-of-service (DOS), and tampering, spread across the devices and software within the system. Exploits were successfully executed on every attack surface apart from the firmware. Additionally, the found exploits are reported to the affected manufacturer with suggestions to prevent the found vulnerabilities. / Med tanke på den ökande graden av digitalisering och intelligenta enheter i samhället är cybersäkerhet inom sakernas internet mer relevant än någonsin. Enheterna inom ett elektronisk passersystem har som uppgift att skydda både användare och objekt, oavsett miljö eller sammanhang. Detta, samtidigt som de ska erbjuda rik funktionalitet. Den här studien undersöker cybersäkerheten av ett passersystem installerat i ett lägenhetshus med hjälp av penetrationstestning. Systemet evaluerades genom black box testing, vilket betyder att ingen intern information om vare sig systemet eller enheterna var känd. Metoden inleddes av en informationsinsamlingsfas, som sedan ledde till en konstruktion av en hotmodell bestående av potentiella sårbarheter inom systemet. Sårbarheterna funna blev sedan betygsatta baserat på deras påverkan samt konsekvens ifall de skulle lyckas genomföras. Fyra enheter och två mjukvaruapplikationer inom passersystemet undersöktes. Tretton sårbarheter identifierades på de följande sex attackytorna: fysiska gränssnitt, firmware, nätverkstjänster, webbgränssnitt, datorprogram, samt inbäddade applikationer. Tolv sårbarheter testades för att se de kunde genomföras på systemet. Resultat visar att tio sårbarheter kunde genomföras, vilket påverkade både boende och administrativa användare i passersystemet. Detta resulterade i olika grader av utlämnande av känsliga uppgifter, förbikoppling av autentisering, denial-of-service (DOS), och manipulering, spritt över de olika enheterna och applikationerna i passersystemet. Förutom via firmware så hade samtliga attackytorna någon form av sårbarhet som gick att genomföras. De funna sårbarheterna blev rapporterade till passersystemets tillverkare med förslag på hur de kan åtgärdas.

Cybersecurity

Access control systems

IoT

Penetration testing

Threat modeling

Cybersäkerhet

Passersystem

Sakernas internet

Penetrationstestning

Hotmodellering

Computer Sciences

Datavetenskap (datalogi)

Mobile ID in physical access control applications

Simonetti, Jose Eduardo

10 November 2016

Submitted by Daniele Santos (danielesantos.htl@gmail.com) on 2017-02-21T21:04:19Z No. of bitstreams: 1 Eduardo.pdf: 1544695 bytes, checksum: ad700b85bc86a6f4889a9f52275ab887 (MD5) / Approved for entry into archive by Janete de Oliveira Feitosa (janete.feitosa@fgv.br) on 2017-02-23T17:38:59Z (GMT) No. of bitstreams: 1 Eduardo.pdf: 1544695 bytes, checksum: ad700b85bc86a6f4889a9f52275ab887 (MD5) / Made available in DSpace on 2017-03-02T13:43:19Z (GMT). No. of bitstreams: 1 Eduardo.pdf: 1544695 bytes, checksum: ad700b85bc86a6f4889a9f52275ab887 (MD5) Previous issue date: 2016-11-10 / Today there exist a myriad of different types of physical access control systems (PACS) that use a smart card or mobile device as a key. The mobile device enabled smart locks, as they are often referred to, operate using either Wi-Fi or Bluetooth. This thesis has explored the use of a third emerging wireless technology called Near Field Communication (NFC) available in mobile devices such as smartphones. Near Field Communication (NFC) technology is a relatively new technology that is on the rise and is included in almost every new mobile device. By leveraging Near Field Communication (NFC) enabled mobile devices, a highly secure access control system can be achieved and developed taking advantage of the computational power of smartphones in comparison to traditional methods the business implications are huge, Several different authentication and encryption protocols, mobile operating systems and Near Field Communication (NFC) modes of operation where analyzed and evaluated. After considerations technical considerations the Secure Remote Password authentication protocol on top of Near Field Communication (NFC) card emulation (CE) scheme with the client application running on smartphones operating system (OS) was selected. This thesis shows that Near Field Communication (NFC) enables a mobile device to act as a key in a secure access control system (PACS) and as the user base for NFC grows larger so will the likelihood that we will come to see more of these types of systems in business and organizations.

Mobile ID

Physical Access Control Systems (PACS)

Near Field Communication (NFC)

Applications

Tecnologia

Comunicação por campo de proximidade

Sistemas de comunicação sem fio

Sistemas de comunicação móvel

Segurança de informações

Computadores - Controle de acesso

Rozpoznávání obličejů v zabezpečovacích a dohledových kamerových systémech / Face Recognition in Security and Surveillance Camera Systems

Malach, Tobiáš

January 2020

Tato práce se zabývá zvýšením úspěšnosti rozpoznávání obličejů v dohledových CCTV systémech a systémech kontroly vstupu. K dosažení tohoto cíle je využit nový přístup - optimalizace vzorů obličejů. Optimalizace tvorby vzorů umožní vytvořit vzory, které zajistí zvýšení úspěšnosti rozpoznání. Měření a další zvyšování úspěšnosti rozpoznávání obličejů vyžaduje naplnění následujících dílčích cílů této práce. Prvním cílem je návrh a sestavení reprezentativní databáze obličejů, která umožní dosáhnout věrohodných a statisticky spolehlivých výsledků rozpoznávání obličejů v dohledových CCTV systémech a systémech kontroly vstupu. Druhým cílem je vytvoření metodiky pro statisticky spolehlivé porovnání výsledků, která umožní konstatování relevantních závěrů. Třetím cílem je výzkum tvorby vzorů a jejich optimalizace. Z dosažených výsledků vyplývá, že optimalizace tvorby vzorů zvyšuje úspěšnost rozpoznávání v uvedených a náročných aplikacích typicky o 4-8%, a v některých případech i 15%. Optimalizace tvorby vzorů přispívá použitelnosti rozpoznávání obličejů v uvedených aplikacích.