Strong Authentication Protocol using PIV Card with Mobile Devices

Kunning, Mao

January 2013

Nowadays weak single-factor authentication mechanisms like passwords or passphrases are commonly used. Static passwords are easy to use, just remember them in mind. However it has many security weaknesses and even strong passwords are not strong enough. For example, strong secrets are difficult to remember, and people tend to share authentication credentials across systems, which reduce the overall security tremendously. Thus, for security sensitive environment we need strong multi-factors authentication. Smart card based certificate strong authentication solution can be used as a replacement for standard password-based schemes. And also a large existing base of deployed smart cards used to provide authentication in other areas can be reused to reduce costs significantly. This master thesis presents a study of how to implement certificate-based strong authentication on mobile devices using PIV smart card. It proposes a strong authentication protocol based on FIPS 201 Personal Identity verification standard, and FIPS 196 entity strong authentication protocol scheme, and describes the implementation of a mobile security application developed on iOS system using a smart card reader. Our solution can provide high level of security services for mobile applications, and can easily protect their confidentiality, integrity and authenticity.

Mobile Applications Security

Strong Authentication

Smart Card

Engineering and Technology

Teknik och teknologier

Security Services for Mobile Applications

Mumtaz, Majid

January 2012

In today's era of technology, information can revolve the whole world within seconds via Internet. Devices such as smartphones, tablets and smart applications running on them enable users to access information anytime and anywhere over the air network. Ubiquitous nature of smartphones stimulates the growth of applications development, especially for small scale devices. Protection and security of sensitive mobile applications and their resources against threats are new emerging challenges for mobile application developers. Even competitive enterprise application development organizations lack comprehensive security services for small scale devices. Ultimately unpredictable threats become active anytime and can easily hamper the whole infrastructure within short time frame. In future enterprise applications, to protect entities and overall access of back-end secure infrastructure and services secure and easy to deploy strong authentication and authorization services will play a key role. Complexity of security risks in wireless networks is changing the ways of protection mechanisms for mobile applications. Achieving security balance with convenience becomes a challenging task for application developers. Due to complex blurred picture of an attack in an enterprise applications development, usually the developers don't pay attention against the mitigation of such threats at the initial phase of application development. Due to this, weaknesses appear in latter stages that make an application system vulnerable. Conventionally it is a common practice by application developers to rely on username/password authentication mechanism, and even more secure way that is considered to be a One Time Password (OTP) or complex passphrase schemes. These schemes have a number of limitations and drawbacks regarding today’s diverse wireless environments. In this research we used Public Key Infrastructure (PKI) certificate-based strong authentication scheme for small scale devices which is a significant step-up from simple username/password, OTP and location-based authentication schemes. Leading standards which we followed FIPS 201 Personal Identity Verification standard and FIPS 196 Strong Authentication Protocol scheme. Our solution is based on secure smart microSD card that can be used for providing high level of security for mobile enterprise applications. Also other considerable security services included confidentiality of exchanged transaction messages between applications and back-end application provider server, integrity of transaction messages, and non-repudiation services.

Mobile Applications Security

Authentication

microSD

Secure Element

Engineering and Technology

Teknik och teknologier

Maintaining Web Applications Integrity Running on RADIUM

Ur-Rehman, Wasi

08 1900

Computer security attacks take place due to the presence of vulnerabilities and bugs in software applications. Bugs and vulnerabilities are the result of weak software architecture and lack of standard software development practices. Despite the fact that software companies are investing millions of dollars in the research and development of software designs security risks are still at large. In some cases software applications are found to carry vulnerabilities for many years before being identified. A recent such example is the popular Heart Bleed Bug in the Open SSL/TSL. In today’s world, where new software application are continuously being developed for a varied community of users; it’s highly unlikely to have software applications running without flaws. Attackers on computer system securities exploit these vulnerabilities and bugs and cause threat to privacy without leaving any trace. The most critical vulnerabilities are those which are related to the integrity of the software applications. Because integrity is directly linked to the credibility of software application and data it contains. Here I am giving solution of maintaining web applications integrity running on RADIUM by using daikon. Daikon generates invariants, these invariants are used to maintain the integrity of the web application and also check the correct behavior of web application at run time on RADIUM architecture in case of any attack or malware. I used data invariants and program flow invariants in my solution to maintain the integrity of web-application against such attack or malware. I check the behavior of my proposed invariants at run-time using Lib-VMI/Volatility memory introspection tool. This is a novel approach and proof of concept toward maintaining web application integrity on RADIUM.

Web application integrity

RADIUM

software bugs

daikon

Computer security.

Web applications -- Security measuers.

Computer networks -- Security measures.

Mobiliųjų aplikacijų saugumo sprendimai / Mobile application security salutions

Kelmelytė, Lina

17 June 2013

Šio darbo tikslas mobiliųjų aplikacijų saugumo sprendimų analizė populiariausioms mobiliųjų terminalų platformoms ir mobiliųjų aplikacijų saugumo rekomendacijų formulavimas projektuotojams ir vartotojams Pirmojoje darbo dalyje apžvelgiamos ir analizuojamos mobiliųjų aplikacijų saugumo grėsmės įvairiose mobiliųjų prietaisų operacinėse sistemose. Aptariamos ir analizuojamos silpnosios ir lengviausiai pažeidžiamos Android, iOS ir Windows Phone vietos, aptariamas jų pažeidžiamumas lyginant jas tarpusavyje. Atliekama mobiliųjų prietaisų saugumo analizė tinklo, prietaiso ir aplikacijų lygmenyse. Antrojoje darbo dalyje analizuojamos mobiliųjų aplikacijų testavimo galimybės ir būdai, analizuojami ir klasifikuojami įrankiai skirti apsaugoti nuo mobilių aplikacijų saugumo grėsmių. Projektinėje darbo dalyje apibendrintos ir suformuluotos mobiliųjų aplikacijų saugumo rekomendacijos pagal svarbiausias operacines aplinkas tiek vartotojams, tiek mobilių aplikacijų kūrėjams. / The aim of this work is to analyse the decisions of mobile application security and to provide recommendations and methods according to the results of the analysis of adaptation of mobile applications security solutions to operating systems. The paper aims to provide the ways how to improve mobile application security for users and companies. In the first part the threats for mobile application security in various operating systems are reviewed and analysed. The paper discusses and analyses the weak points of Android, iOS, and Windows Phone and compares their weakest points among the three. It also gives the analysis of the testing tools used for mobile means as well as the examination of their safety in the levels of a net, a tool and applications. The second part presents the analysis of possibilities and ways of mobile applications testing, as well as the classified tools created for the protection from mobile applications threats. The project part of the paper summarises and formulates mobile application safety recommendations according to the main operating systems, and gives these recommendations to users and creators of mobile applications.

Informatics

Mobiliosios aplikacijos

Aplikacijų saugumas

Android

IOS

Windows Phone

Mobile applications

Applications security

Android

IOS

Windows Phone

Developing a computer system for the generation of unique wrinkle maps for human faces : generating 2D wrinkle maps using various image processing techniques and the design of 3D facial ageing system using 3D modelling tools

Mehdi, Ali

January 2011

Facial Ageing (FA) is a very fundamental issue, as ageing in general, is part of our daily life process. FA is used in security, finding missing children and other applications. It is also a form of Facial Recognition (FR) that helps identifying suspects. FA affects several parts of the human face under the influence of different biological and environmental factors. One of the major facial feature changes that occur as a result of ageing is the appearance and development of wrinkles. Facial wrinkles are skin folds; their shapes and numbers differ from one person to another, therefore, an advantage can be taken over these characteristics if a system is implemented to extract the facial wrinkles in a form of maps. This thesis is presenting a new technique for three-dimensional facial wrinkle pattern information that can also be utilised for biometric applications, which will back up the system for further increase of security. The procedural approaches adopted for investigating this new technique are the extraction of two-dimensional wrinkle maps of frontal human faces for digital images and the design of three-dimensional wrinkle pattern formation system that utilises the generated wrinkle maps. The first approach is carried out using image processing tools so that for any given individual, two wrinkle maps are produced; the first map is in a binary form that shows the positions of the wrinkles on the face while the other map is a coloured version that indicates the different intensities of the wrinkles. The second approach of the 3D system development involves the alignment of the binary wrinkle maps on the corresponding 3D face models, followed by the projection of 3D curves in order to acquire 3D representations of the wrinkles. With the aid of the coloured wrinkle maps as well as some ageing parameters, simulations and predictions for the 3D wrinkles are performed.

502.85

Segurança biológica de implantes mamários de silicone: interrelação entre processos esterilizantes e biocompatibilidade / Biological safety of silicone mammary implants: interrelationship between sterilization processes and biocompatibility

Azevedo, Janice Campos de

25 March 2004

Os implantes mamários de silicone têm sido empregados, tanto nas cirurgias de aumento das mamas, quanto na reconstrução do tecido mamário após mastectomia. A segurança biológica dos implantes de silicone merece estudo relacionado aos processos de esterilização empregados, pois podem constituir-se em fator de comprometimento da estrutura química do polímero e, conseqüentemente, da biocompatibilidade. Este estudo consistiu na avaliação da biocompatibilidade de implantes mamários de silicone após terem sido submetidos aos processos de esterilização por calor seco, radiação gama e óxido de etileno. O parâmetro avaliado foi a viabilidade celular, empregando o método de difusão em agar e de captura do vermelho neutro. As amostras compreenderam implantes de silicone gel lisos, texturizados e revestidos com poliuretano e implantes texturizados pré-cheios com solução salina. Também foi realizado o teste de endotoxinas bacterianas pelo método do LAL e determinação da taxa de migração do gel de silicone (teste de bleed). Os três métodos de esterilização mostraram-se igualmente eficientes pela comprovação da condição de esterilidade dos implantes através de metodologia descrita na Farmacopéia Americana 27 edição. Os níveis de endotoxinas bacterianas dos implantes, também atenderam aos requisitos dos compêndios oficiais. Na avaliação da biocompatibilidade todos os implantes, independente dos processos de esterilização utilizados, apresentaram ausência de citotoxicidade. Os resultados do teste de bleed mostraram uma maior taxa de migração de gel para os implantes de superfície lisa em comparação com os implantes de superfície texturizada e revestida com poliuretano, quando esterilizados por calor seco. Ao comparar a taxa de migração do gel para os implantes de superfície lisa esterilizados por calor seco e óxido de etileno, obteve-se uma maior taxa de migração para aqueles implantes esterilizados por óxido de etileno. As diferentes avaliações realizadas neste estudo abrangeram aspectos biológicos, químicos e físicos relevantes para garantir um produto de boa qualidade e que, por assegurar a manutenção da característica de biocompatibilidade, resulta na segurança biológica deste tipo de implante. / Silicone breast implants have been widely used for mammary augmentation and reconstruction surgery. Biological safety of these implants can be damaged by sterilization methods. This study consisted of the biocompatibility assessment of breast implants through cell viability, employing the agar diffusion test and neutral red uptake. Four silicone breast implants were tested: smooth, textured, polyurethane covered silicone gel breast implant and textured saline-filled breast implant. Sterilization methods comprised dry-heat, ethylene oxide and γ-radiation. Detection of bacterial endotoxins employing LAL test and gel bleed was also performed. The three methods of sterilization revealed equally efficacious, through the sterility confirmation of implants employing methodology described in 27th edition of United States Pharmacopeia. At the same way the leveis of bacterial endotoxins of implants accorded with the pharmacopeial requirements. In theevaluation of biocompatibility ali the implants, independently of the sterilization process used, showed no cytotoxicity signals. The results of gel bleed revealed a higher migration rate from the smooth implants in comparison with the textured and polyurethane-covered implants sterilized by dry-heat. When was compared the gel migration of smooth implants sterilized by dry-heat and ethylene oxide, was obtained a higher rate of gel bleed of those implants sterilized by ethylene oxide. The different evaluations performed in this study comprised biological, chemical and physical aspects, that are relevant to assure a good quality product and by having maintained the characteristics of biocompatibility, resulted in the biological safety on this kind of implant.

Biocompatibilidade

Biocompatibility

Breast Implants

Esterilização

Implantes mamários

Mastectomia (Cuidados)

Mastectomy (Care)

Prostheses and implants (Security)

Proteses e implantes (Segurança)

Sterilization

Segurança biológica de implantes mamários de silicone: interrelação entre processos esterilizantes e biocompatibilidade / Biological safety of silicone mammary implants: interrelationship between sterilization processes and biocompatibility

Janice Campos de Azevedo

25 March 2004

Os implantes mamários de silicone têm sido empregados, tanto nas cirurgias de aumento das mamas, quanto na reconstrução do tecido mamário após mastectomia. A segurança biológica dos implantes de silicone merece estudo relacionado aos processos de esterilização empregados, pois podem constituir-se em fator de comprometimento da estrutura química do polímero e, conseqüentemente, da biocompatibilidade. Este estudo consistiu na avaliação da biocompatibilidade de implantes mamários de silicone após terem sido submetidos aos processos de esterilização por calor seco, radiação gama e óxido de etileno. O parâmetro avaliado foi a viabilidade celular, empregando o método de difusão em agar e de captura do vermelho neutro. As amostras compreenderam implantes de silicone gel lisos, texturizados e revestidos com poliuretano e implantes texturizados pré-cheios com solução salina. Também foi realizado o teste de endotoxinas bacterianas pelo método do LAL e determinação da taxa de migração do gel de silicone (teste de bleed). Os três métodos de esterilização mostraram-se igualmente eficientes pela comprovação da condição de esterilidade dos implantes através de metodologia descrita na Farmacopéia Americana 27 edição. Os níveis de endotoxinas bacterianas dos implantes, também atenderam aos requisitos dos compêndios oficiais. Na avaliação da biocompatibilidade todos os implantes, independente dos processos de esterilização utilizados, apresentaram ausência de citotoxicidade. Os resultados do teste de bleed mostraram uma maior taxa de migração de gel para os implantes de superfície lisa em comparação com os implantes de superfície texturizada e revestida com poliuretano, quando esterilizados por calor seco. Ao comparar a taxa de migração do gel para os implantes de superfície lisa esterilizados por calor seco e óxido de etileno, obteve-se uma maior taxa de migração para aqueles implantes esterilizados por óxido de etileno. As diferentes avaliações realizadas neste estudo abrangeram aspectos biológicos, químicos e físicos relevantes para garantir um produto de boa qualidade e que, por assegurar a manutenção da característica de biocompatibilidade, resulta na segurança biológica deste tipo de implante. / Silicone breast implants have been widely used for mammary augmentation and reconstruction surgery. Biological safety of these implants can be damaged by sterilization methods. This study consisted of the biocompatibility assessment of breast implants through cell viability, employing the agar diffusion test and neutral red uptake. Four silicone breast implants were tested: smooth, textured, polyurethane covered silicone gel breast implant and textured saline-filled breast implant. Sterilization methods comprised dry-heat, ethylene oxide and γ-radiation. Detection of bacterial endotoxins employing LAL test and gel bleed was also performed. The three methods of sterilization revealed equally efficacious, through the sterility confirmation of implants employing methodology described in 27th edition of United States Pharmacopeia. At the same way the leveis of bacterial endotoxins of implants accorded with the pharmacopeial requirements. In theevaluation of biocompatibility ali the implants, independently of the sterilization process used, showed no cytotoxicity signals. The results of gel bleed revealed a higher migration rate from the smooth implants in comparison with the textured and polyurethane-covered implants sterilized by dry-heat. When was compared the gel migration of smooth implants sterilized by dry-heat and ethylene oxide, was obtained a higher rate of gel bleed of those implants sterilized by ethylene oxide. The different evaluations performed in this study comprised biological, chemical and physical aspects, that are relevant to assure a good quality product and by having maintained the characteristics of biocompatibility, resulted in the biological safety on this kind of implant.

Biocompatibilidade

Esterilização

Implantes mamários

Mastectomia (Cuidados)

Proteses e implantes (Segurança)

Biocompatibility

Breast Implants

Mastectomy (Care)

Prostheses and implants (Security)

Sterilization

Enhancing IoT Security Using 5G Capabilities

Makkar, Ankush

January 2021

Internet of Things (IoT) is an ecosystem comprises CT (Communication Technology),IT (Information Technology) and sometime OT (Operational Technologies) wheredifferent machines and devices can interact with each other and exchange useful datawhich can be processed using different IoT applications to take decisions and performrequired actions. Number of IoT devices and IoT networks are growing exponentially.Security is of utmost importance and without proper security implementation, IoTNetworks with billions of devices will be hacked and used as botnets which can createdisaster. The new IoT use cases cannot be realized using the current communicationtechnologies due to the QoS (Quality of Service) and business requirements. 5Gnetwork are designed keeping IoT use cases in mind and with the development of 5Gnetwork, it will be easier to implement more secured IoT network and enable differentIoT use cases which are not feasible today.To build the future IoT networks with 5G, it’s important to study and understand 5Gsecurity features. Security is perceived as one of the most important considerationwhile building IoT solutions and to implement 5G network for IoT solutions require anoverall understanding of 5G security features. In the thesis, work have been done toidentify the gap in the current research with respect to 5G security features anddescribe 5G features that will enhance IoT security. After identifying key 5G securityfeatures, the implementation of the identified 5G security features will be describedwith the 5G based smart grid and smart factory use cases. The key finding is howdifferent 5G security capabilities secure IoT communication and another importantfinding is that not all security capabilities are applicable to all IoT use cases. Hence,security capabilities to be used based on the 5G use case requirement.

IoT

Security

5G Security

5G Core Network

5G IoT

Authentication

Applications Security

Network Layer

Smart Factories

Smart Grid

Industry 4.0

Computer Systems

Datorsystem