Evaluation of the operational effects of u-turn movement

Liu, Pan

01 June 2006

In Florida, the increased installation of non-traversable medians and directional median opening has produced an increased number of U-turns on multilane highways. Arguments have been advanced by some opponents of median modification projects that the increased numbers of U-turns may result in safety and operational problems on multilane highways. The primary objective of this study is to evaluate the operational effects of U-turn movement on multilane roadways. To achieve this research objective, extensive data were collected. Field measurements were conducted at 40 sites in the Tampa Bay area of Florida to collect traffic operations data. Besides, the crash histories of 179 selected roadway segments in central Florida were investigated. Statistical analysis was conducted based on the collected traffic operations data and crash data to quantitatively evaluate the operational performance of U-turn movement. Delay and travel time were compared for different driveway left- turn alternatives that are widely used in Florida and nationally. Crash rate models were developed to evaluate how the separation distance between a driveway exit and the downstream U-turn bay impacts the safety performance of vehicles making right-turns followed by U-turns (RTUT). With the crash data analysis results, the minimum separation distances under different roadway conditions were determined to facilitate driver use of RTUTs. The capacity of U-turn movement was analyzed under two different situations: (1) U-turns are provided at a signalized intersection; and (2) U-turns are provided at an unsignalized intersection. Adjustment factors were developed to quantify the impacts of the presence of U-turning vehicles on the capacity of a signalized intersection. The critical gaps and follow-up time for U-turn movement at unsignalized intersections were estimated. With the estimated critical gaps and follow-up time, the Harders model was used to determine the capacity of U-turn movem ent at an unsignalized intersection. This study also looks extensively at the minimum roadway width and median width required by vehicles to perform U-turn maneuvers on 4-lane divided roadways. It was found that a roadway width of 46 ft is generally sufficient for most types of design vehicles (except heavy vehicles) to perform a continuous U-turn maneuver without impedance.

Capacity

Delay

Travel time

Gap acceptance

Follow-up time

Adjustment factor

Directional median opening

Crash rate

Access management

American Studies

Arts and Humanities

A Comparative Analysis of SecurityServices Using Identity and AccessManagement (IAM)

Muddychetty, Nithya Sree

January 2024

Background: Identity and Access Management (IAM) is a critical IT securityframework for managing digital identities and resource access. With roots datingback to ancient civilizations, IAM has evolved from basic authentication to sophisticated methods. Okta, a leading cloud-based IAM platform founded in 2009, excelsin identity management, authentication, and access control. It is recognized for itscommitment to security and adaptability to cybersecurity challenges. As of October2023, Okta maintains its prominent position in the IAM market, acknowledged byGartner’s Magic Quadrant for Access Management, worldwide. Objectives: The objective of this thesis is to conduct a comprehensive comparative analysis of security services, specifically focusing on their integration with IAMsolutions. This investigation seeks to provide an examination of security serviceslike Multi-factor authentication (MFA) and Single Sign On (SSO) and evaluate theireffectiveness in conjunction with IAM. By doing so, we aim to determine which security approach offers the most robust protection in our digitally interconnected world. Methods: The primary goal of this methodology is to create a robust, secure,and user-friendly authentication and access management system using Okta withinan IAM framework. This involves the integration of both MFA and SSO features.To kickstart the process, we establish a controlled environment that mirrors thereal-world scenarios. Okta is chosen as the IAM tool, and its deployment involvesmanaging user identities, controlling access, and handling authentication. Results: The result of the study on the comparative analysis of security servicesusing IAM reveals distinct differences in the effectiveness and features among securityservices. Key findings highlight variations in authentication methods, authorizationmechanisms, and overall security robustness. This comprehensive examination provides valuable insights into the strengths and weaknesses of different IAM-basedsecurity services, offering a foundation for informed decision-making in selecting themost suitable solution for specific organizational needs. Conclusions: This thesis conclusively demonstrates the efficacy of integrating SSOand MFA into IAM. The incorporation of Biometric Authentication and Time basedOne Time-Password (TOTP) in MFA garnered strong user preference. SSO implementation streamlined authentication, reducing steps and enhancing ease of use.The overwhelmingly positive user feedback and robust security measures validateSSO+MFA as a valuable contribution to IAM, ensuring data security and user confidence.

Access Control Lists

Identity Access Management

Multi-Factor Authentication

One time password

Single sign on

System Usability Scale

Virtual private network

Computer Sciences

Datavetenskap (datalogi)

Das Paradigma des homogenen Enterprise Access Managements sowie ein Vorschlag zur unternehmensweit konsistenten Zugriffssteuerung

Rottleb, René

13 November 2003

Bei der Umsetzung moderner Managementkonzepte wie bspw. Supply Chain Management, Customer Relationship Management und Partner Relationship Management werden Anwendungssysteme wertschöpfungskettenübergreifend eingesetzt. Das bedeutet, dass sowohl interne als auch externe Benutzer auf verschiedene Anwendungssysteme eines Unternehmens zugreifen. Die daraus resultierenden Anforderungen werden als Paradigma des homogenen Enterprise Access Managements (hEAM) beschrieben. Zur Umsetzung dieser Anforderungen wird ein Referenzmodell zur anwendungssystemübergreifend konsistenten Zugriffssteuerung (MAKS) entwickelt. Eine entsprechende Realisierungsmöglichkeit in Form eines zentralen Rollen- und Rechtemanagementsystems (ZR2MS) ergibt sich aus der Referenzarchitektur zur anwendungssystemübergreifend konsistenten Zugriffssteuerung (A2KS).

A2KS

Access Management

Benutzermanagement

MAKS

Organisationsmodellierung

Referenzarchitektur

Referenzmodell

Rolle

Rollentyp

Verzeichnis

Verzeichnisdienste

Verzeichnissystem

ZR2MS

Zugriffssteuerung

Directory

Directory Services

Directory System

Enterprise Access Management

Enterprise Application Integration

Enterprise Portal

Extranet

Web Services

ddc:330

rvk:QP 530

Wertschöpfungskette

Das Paradigma des homogenen Enterprise Access Managements sowie ein Vorschlag zur unternehmensweit konsistenten Zugriffssteuerung

Rottleb, René

08 December 2003

Bei der Umsetzung moderner Managementkonzepte wie bspw. Supply Chain Management, Customer Relationship Management und Partner Relationship Management werden Anwendungssysteme wertschöpfungskettenübergreifend eingesetzt. Das bedeutet, dass sowohl interne als auch externe Benutzer auf verschiedene Anwendungssysteme eines Unternehmens zugreifen. Die daraus resultierenden Anforderungen werden als Paradigma des homogenen Enterprise Access Managements (hEAM) beschrieben. Zur Umsetzung dieser Anforderungen wird ein Referenzmodell zur anwendungssystemübergreifend konsistenten Zugriffssteuerung (MAKS) entwickelt. Eine entsprechende Realisierungsmöglichkeit in Form eines zentralen Rollen- und Rechtemanagementsystems (ZR2MS) ergibt sich aus der Referenzarchitektur zur anwendungssystemübergreifend konsistenten Zugriffssteuerung (A2KS).

info:eu-repo/classification/ddc/330

ddc:330

New authentication mechanism using certificates for big data analytic tools

Velthuis, Paul

January 2017

Companies analyse large amounts of sensitive data on clusters of machines, using a framework such as Apache Hadoop to handle inter-process communication, and big data analytic tools such as Apache Spark and Apache Flink to analyse the growing amounts of data. Big data analytic tools are mainly tested on performance and reliability. Security and authentication have not been enough considered and they lack behind. The goal of this research is to improve the authentication and security for data analytic tools.Currently, the aforementioned big data analytic tools are using Kerberos for authentication. Kerberos has difficulties in providing multi factor authentication. Attacks on Kerberos can abuse the authentication. To improve the authentication, an analysis of the authentication in Hadoop and the data analytic tools is performed. The research describes the characteristics to gain an overview of the security of Hadoop and the data analytic tools. One characteristic is that the usage of the transport layer security (TLS) for the security of data transportation. TLS usually establishes connections with certificates. Recently, certificates with a short time to live can be automatically handed out.This thesis develops new authentication mechanism using certificates for data analytic tools on clusters of machines, providing advantages over Kerberos. To evaluate the possibility to replace Kerberos, the mechanism is implemented in Spark. As a result, the new implementation provides several improvements. The certificates used for authentication are made valid with a short time to live and are thus less vulnerable to abuse. Further, the authentication mechanism solves new requirements coming from businesses, such as providing multi-factor authenticationand scalability.In this research a new authentication mechanism is developed, implemented and evaluated, giving better data protection by providing improved authentication.

Cloud Access Management

certificate on demand

Apache Spark

Apache Flink

Kerberos

transport security layer (TLS)

Authentication

Multi Factor Authentication

Authentication for data analytic tools

certificate based Spark authentication

public key encryption

distributed authentication

short valid authentication

Computer Sciences

Datavetenskap (datalogi)