Design and Implementation of VoIP System with Accounting Application and Load Balance

Wu, Cheng-Yang

15 July 2009

As the maturation of the VoIP technique, VoIP can not only satisfy the communicating requirement of telecommunication but also provide network multimedia services. In the VoIP technique, Session Initiation Protocol (SIP) is precisely one of main protocol that is proposed by Next Generation Network (NGN) to be the first choice of voice and multimedia network control protocol. SIP also may make the union with traditional PSTN even to substitute, and is easier to use and to operate for the PSTN user. In our research, we make a network billing system in view of the SIP environment, and with the increasing of the VoIP population, using single server is unable to afford so much loading. It is possible that the large load makes the service stop anytime. Using RADIUS (remote authentication dial-in user service), an AAA (authentication, authorization, accounting) protocol, can be used for conveying accounting information between an SIP proxy server and an accounting server. To make the VoIP service work anytime, through the features of DNS (Domain Name System) and RADIUS to achieve the service that load balancing and VoIP can be provided anytime.

Accounting

Authorization

VoIP

Authentication

The Abacus: A New Approach to Authorization

Siebach, Jacob Aaron Jess

09 August 2021

The purpose of this thesis is to investigate the implementation of digital authorization for computer systems, specifically how to implement an efficient and secure authorization engine that uses policies and attributes to calculate authorization. The architecture for the authorization engine is discussed, the efficiency of the engine is characterized by various tests, and the security model is reviewed against other presently existing models. The resulting efforts showed an increase in efficiency of almost two orders of magnitude, along with a reduction in the amount of processing power required to run the engine. The main focus of the work is how to provide precise, performant authorization using policies and attributes in a way that does not require the authorization engine to break domain boundaries by directly accessing data stores. Specifically, by pushing attributes from source domains into the authorization service, domains do not require the authorization service to have access to the data stores of the domain, nor is the authorization service required to have credentials to access data via APIs. This model also allows for a significant reduction in data motion as attributes need only be sent over the network once (when the attribute changes) as opposed to every time that the engine needs the attribute or every time that an attribute cache needs to be refreshed, resulting in a more secure way to store attributes for authorization purposes.

authorization

RBAC

ABAC

domain-driven design

attribute-based authorization

Engineering

Requirements for a secure and efficientAuthentication System for a large organizationJuan Carlos

Crespo, Juan Carlos

January 2010

<p>In this thesis, a full review on what are the minimum requirements needed to perform an Authentication System is explained. While building the system we have in consideration the users of it, the security needed for each of the resources that must be accessed by the users and what methods can be applied to access to these resources.</p><p>In basics, an Authentication System is built when we need to keep track to who is entering on an organization, the bigger the organization is and the more information must be keep  safe the more complex the system will be.</p><p>Although there are other methods, I tried to keep it easy and understandable for all the possible readers. With this, the reader will understand the basics that he need to keep in mind when implementing such a system like this. The organization in mind for the system is a University that consist between twenty two thousand (22.000) and twenty five thousand (25.000) users.</p>

Authentication

Authorization

Accounting

AAA

Identification

Network Security

Requirements for a secure and efficientAuthentication System for a large organizationJuan Carlos

Crespo, Juan Carlos

January 2010

In this thesis, a full review on what are the minimum requirements needed to perform an Authentication System is explained. While building the system we have in consideration the users of it, the security needed for each of the resources that must be accessed by the users and what methods can be applied to access to these resources. In basics, an Authentication System is built when we need to keep track to who is entering on an organization, the bigger the organization is and the more information must be keep  safe the more complex the system will be. Although there are other methods, I tried to keep it easy and understandable for all the possible readers. With this, the reader will understand the basics that he need to keep in mind when implementing such a system like this. The organization in mind for the system is a University that consist between twenty two thousand (22.000) and twenty five thousand (25.000) users.

Authentication

Authorization

Accounting

AAA

Identification

Network Security

Pharmacists' experience with the exception drug status (EDS) program in Saskatchewan

Perepelkin, Jason Paul

07 September 2005

<p>In 1999, Saskatchewan Health sanctioned licensed pharmacists in the province to initiate Exception Drug Status (EDS), also referred to as prior approval, requests on behalf of their patients. The objectives of this study were to obtain pharmacists opinions about the benefits of the EDS program to stakeholders, and to identify factors associated with pharmacists initiating a request.</p><p>In the fall of 2004, a census of community-pharmacy managers in Saskatchewan was conducted using a postal questionnaire, consisting of an introductory letter, two survey mailings and one reminder card. The questionnaire consisted primarily of seven-point Likert scale questions, and was analyzed using descriptive statistics and frequencies, followed by non-parametric analysis using Mann-Whitney U and Kruskal-Wallis tests; post-hoc analysis was carried out using the Bonferroni test.</p><p>A response rate of 82.6% was achieved. Those living in Saskatoon or Regina made up 39% of respondents, with another 39% located in centres of less than 5,000 people.</p><p>A majority of respondents (63%) agreed or strongly agreed the EDS program benefited patients and the Drug Plan (64%). Only 15%, 37% and 39% of respondents agreed or strongly agreed EDS benefits pharmacists, physicians and the health care system respectively.</p><p>Factors that were important or very important to pharmacists in deciding whether they would initiate an EDS request on behalf of their patient were: the ability of the pharmacist to obtain the required information to initiate the EDS request (77%); their ability to contact the prescribing physician (70%); and patient centred concerns such as the ability to pay (74%) or the patient had exceeded their deductible (66%). However, time (39%) was not as important relative to other factors in whether the pharmacist would apply for EDS on behalf of their patient.</p><p>The majority of respondents agreed or strongly agreed that changing the policy in 1999 was beneficial to patient care (71%), while it also contributed substantially to their administrative workload (87%). </p><p>The results of this study indicate community pharmacy managers in Saskatchewan acknowledge that the Exception Drug Status process is beneficial for their patients. While pharmacists were supportive of the benefits of an EDS program, their apprehensions towards the program lie in the administrative processes, particularly in obtaining the required information, from physicians, to submit a claim. There is also concern with the methods pharmacists must use to apply for EDS, which can be burdensome and prolong the administrative process.</p><p>To enhance pharmacists support for the program it may be necessary to develop strategies designed to reduce the administrative workload associated with the program, and to streamline the efficient communication of required information between the prescriber and pharmacist. Alternatively, financial compensation to pharmacists for their expertise and efforts might be considered; although this would not address the workload and communication concerns of pharmacists, it does provide recognition for their professional role in securing appropriate drug therapy for their patients.

community pharmacy

pharmacist

pharmaceutical policy

prior authorization

Pharmacists' experience with the exception drug status (EDS) program in Saskatchewan

Perepelkin, Jason Paul

07 September 2005

<p>In 1999, Saskatchewan Health sanctioned licensed pharmacists in the province to initiate Exception Drug Status (EDS), also referred to as prior approval, requests on behalf of their patients. The objectives of this study were to obtain pharmacists opinions about the benefits of the EDS program to stakeholders, and to identify factors associated with pharmacists initiating a request.</p><p>In the fall of 2004, a census of community-pharmacy managers in Saskatchewan was conducted using a postal questionnaire, consisting of an introductory letter, two survey mailings and one reminder card. The questionnaire consisted primarily of seven-point Likert scale questions, and was analyzed using descriptive statistics and frequencies, followed by non-parametric analysis using Mann-Whitney U and Kruskal-Wallis tests; post-hoc analysis was carried out using the Bonferroni test.</p><p>A response rate of 82.6% was achieved. Those living in Saskatoon or Regina made up 39% of respondents, with another 39% located in centres of less than 5,000 people.</p><p>A majority of respondents (63%) agreed or strongly agreed the EDS program benefited patients and the Drug Plan (64%). Only 15%, 37% and 39% of respondents agreed or strongly agreed EDS benefits pharmacists, physicians and the health care system respectively.</p><p>Factors that were important or very important to pharmacists in deciding whether they would initiate an EDS request on behalf of their patient were: the ability of the pharmacist to obtain the required information to initiate the EDS request (77%); their ability to contact the prescribing physician (70%); and patient centred concerns such as the ability to pay (74%) or the patient had exceeded their deductible (66%). However, time (39%) was not as important relative to other factors in whether the pharmacist would apply for EDS on behalf of their patient.</p><p>The majority of respondents agreed or strongly agreed that changing the policy in 1999 was beneficial to patient care (71%), while it also contributed substantially to their administrative workload (87%). </p><p>The results of this study indicate community pharmacy managers in Saskatchewan acknowledge that the Exception Drug Status process is beneficial for their patients. While pharmacists were supportive of the benefits of an EDS program, their apprehensions towards the program lie in the administrative processes, particularly in obtaining the required information, from physicians, to submit a claim. There is also concern with the methods pharmacists must use to apply for EDS, which can be burdensome and prolong the administrative process.</p><p>To enhance pharmacists support for the program it may be necessary to develop strategies designed to reduce the administrative workload associated with the program, and to streamline the efficient communication of required information between the prescriber and pharmacist. Alternatively, financial compensation to pharmacists for their expertise and efforts might be considered; although this would not address the workload and communication concerns of pharmacists, it does provide recognition for their professional role in securing appropriate drug therapy for their patients.

community pharmacy

pharmacist

pharmaceutical policy

prior authorization

Authentication Via Multiple Associated Devices

Subils, Jean-Baptiste

16 September 2015

This thesis presents a practical method of authentication utilizing multiple devices. The factors contributing to the practicality of the method are: the utilization of devices already commonly possessed by users and the amenability to being implemented on a wide variety of devices. The term “device” refers to anything able to perform cryptographic operations, store data, and communicate with another such device. In the method presented herein, multiple devices need to be associated with a single user to provide this user an identity in the system. A public key infrastructure is used to provide this identity. Each of the devices associated with a user possesses a public and private key which allow cryptographic operations to be performed. These operations include signing and encrypting data and will prove the identity of each device. The addition of these identities helps authenticate a single user. A wide variety of devices qualifies to be used by this authentication method. The minimum requirements are: the storage of data such as a private key, the ability to communicate, and a processor to perform the cryptographic operations. Smart devices possess these requirements and the manufacture of such devices can be realized at a reasonable cost. This method is malleable and implemented in numerous authentication protocols. This thesis illustrates and explains several instances of these protocols. The method’s primary novelty is its resistance to theft-based attacks, which results from the utilization of multiple devices to authenticate users. A user associated with multiple devices needs to be in possession of these devices to correctly perform the authentication task. This thesis focuses on the system design of this novel authentication method.

Security

access control

authorization

Computer Sciences

Privacy Preserving Information Sharing in Modern and Emerging Platforms

Tian, Yuan

01 May 2018

Users share a large amount of information with modern platforms such as web platforms and social platforms for various services. However, they face the risk of information leakage because modern platforms still lack proper security policies. Existing security policies, such as permission systems and isolation, can help regulate information sharing. However, these policies have problems, such as coarse granularity, bad usability, and incompleteness, especially when new features are introduced. I investigate the security impacts of new features in web and mobile platforms and find design problems that lead to user information leakage. Based on these analyses, I propose design principles for permission systems that mediate how information should be shared in modern and emerging platforms, such as web and social platforms, to provide functionality with privacy preserved. I aim to design permission systems that only allow least-privilege information access. Specifically, I utilize program analysis and natural language processing to understand how applications use sensitive data and correlate these data with their functionality. With this understanding, I design schemes that ask for user consent about unexpected information access and automatically reduce overprivileged access. I provide guidelines for platform designers to build their permission systems according to respective adversary models and resources. In particular, I implement the new permission system for social platforms and Internet of Things (IoT) platforms that enable least-privilege information sharing. For the social platforms, I incorporate the primitives of Opaque handle, Opaque display, and User-driven access control (OOU) to design a least-privilege, user-friendly, developer-friendly, and feature-rich permission system. According to my study on Facebook, OOU can be applied to remove or replace 81.2% of sensitive permission instances without affecting functionality. For IoT platforms, I present a new authorization framework, SmartAuth, that supports user-centric, semantic-based authorization. SmartAuth automatically collects security-relevant information from an IoT application’s description, code, and annotations, and generates an authorization user interface to bridge the gap between the functionalities explained to the user and the operations the application actually performs.

Authorization

IoT security

Privacy protection

Security and Privacy

The Impact of Precertification on a Large Multispecialty Physician Group: An Illustrative Case Study

Price, Georganna Lynn

26 April 2021

No description available.

Health Care

Health Care Management

precertification

authorization

Secure Multi-party Authorization in Clouds

Lin, Wenjie

22 May 2015

No description available.

Computer Science

authorization

clouds

security

protocol