Flexible Certificate Management for Secure HTTPS Client/Server Communication

Zhang, Jing

January 2005

<p>Certificate management is a crucial element in PKI implementations, which includes certificate generation, distribution, storage, and revocation. Most of the existing research has been focusing on the security aspect or the functionality and the structure of certificate management systems. Very little has looked at the actual user requirements for the system and how users can use the system conveniently and practically, which is actually a very important factor for the whole security system to work properly and to be widely accepted.</p><p>In this thesis we have designed a framework that provides a flexible certificate management for different security levels according to user requirements and situations, and with a user-friendly interface. A certificate management system CSA (Certificate Server Adapter) is implemented for HP OpenView Operations for Windows (OVO/Windows), which is a management software product provided by Hewlett-Packard. The CSA helps OVO/Windows to provide secure HTTPS client/server communication. Tests show that it offers a good enough security for all situations without compromise and, at the same time, the best convenience and flexibility are achieved. However, the CSA can be further improved to have a lifetime management of the created certificates, an enhanced user interface, and an API to plug-in other PKI solutions.</p>

Certificate Management

PKI

HTTPS

Computer science

Datavetenskap

Flexible Certificate Management for Secure HTTPS Client/Server Communication

Zhang, Jing

January 2005

Certificate management is a crucial element in PKI implementations, which includes certificate generation, distribution, storage, and revocation. Most of the existing research has been focusing on the security aspect or the functionality and the structure of certificate management systems. Very little has looked at the actual user requirements for the system and how users can use the system conveniently and practically, which is actually a very important factor for the whole security system to work properly and to be widely accepted. In this thesis we have designed a framework that provides a flexible certificate management for different security levels according to user requirements and situations, and with a user-friendly interface. A certificate management system CSA (Certificate Server Adapter) is implemented for HP OpenView Operations for Windows (OVO/Windows), which is a management software product provided by Hewlett-Packard. The CSA helps OVO/Windows to provide secure HTTPS client/server communication. Tests show that it offers a good enough security for all situations without compromise and, at the same time, the best convenience and flexibility are achieved. However, the CSA can be further improved to have a lifetime management of the created certificates, an enhanced user interface, and an API to plug-in other PKI solutions.

Certificate Management

PKI

HTTPS

Computer science

Datavetenskap

The complexity of test washback an empirical study

Tsagari, Dina

January 2007

Zugl.: Lancaster, Univ., Diss., 2007

Digital Receipts: A System to Detect the Compromise of Digital Certificates

Seeley, Nathaniel Allen

11 November 2006

The ease of copying digital materials creates difficulty in detecting the theft of digital certificates. Uneducated users frequently fail to protect their digital certificate keys by not encrypting them, storing them in insecure places, and using them unwisely. In addition, there is no way to prove that protocols involving certificates are completely secure. This thesis introduces a system to ameliorate these problems by detecting the compromise of digital certificates. It leverages dual logging messages sent via side channels to a trusted third party. This third party correlates these messages and automatically detects when an imposter presents a certificate based on the collected evidence.

authentication

digital certificate

X.509

Computer Sciences

Projekt systému bezpečného podniku / Safe Enterprise System Project

Bohovič, Adrian

January 2020

The diploma thesis put its focus on the origin of harmful species in food during the production processes, and their subsequent optimization thus, that ought to decrease the occurrence of risk in processes and thus not directly endanger the consumer. This thesis determines and optimizes the occurrence of hazards when handling non-standard products from Kysucké pekárne, a.s. By using a questionnaire, which is issued under the auspices of the National Labor Inspectorate and consequently assesses the level of health and safety to ensure that the company meets all the requirements in accordance with Safe Company certificate for the Slovak Republic, and this rank means that the researched company belongs among companies that are above standard in terms of safety. The work is divided into several parts. The theoretical part explains the concepts that are closely related to the researched area of the thesis - risk analysis, risk management, the definition of risks. The analytical part contains an analysis of the current situation in the researched company, analysis of the risks regarding the production process, processing of technical waste and lastly, an assessment of the level of health and safety. The practical part focuses on corrective measures in the processes of bread production, processing of technological waste and improving safety and health at work so that the company achieves the Safe Company certificate.

Hardwarové kryptografické moduly pro zabezpečení LAN / Hardware cryptographic modules for LAN security

Loutocký, Tomáš

January 2008

The thesis deal with the problems of virtual private network (VPN). The first part of the thesis is focused on the description of the basic terms of computer security which are useful for better understanding the other parts. There is a description of VPN technology and its separation of VPN by various aspects in the second part of the thesis. The next chapter is dedicated to the description of realization of VPN by using IPSec. There is shown how to secure laboratory network by using of the products of the Safenet Company in the practical part of the thesis. There are also stated the modular techniques how to use products in the network in practical part. Some of the modular techniques describe security weaknesses of the products which are possible to exploit in the laboratory network and they also describe the ways how to protect them against misusage.

Simple SSH Management

Collett, Torstein Calvin

14 June 2021

SSH certificates are used by administrators so connections to the server can be verified. This ensures that only authorized administrators can access the server and that the server being accessed is the intended machine. Current solutions for managing SSH certificates are focused on commercial use, which makes them cumbersome for small groups and individuals to use. These solutions require running multiple services that companies already use but add significant overhead for smaller groups. We developed a new standalone system that makes it easy to manage SSH certificates for small amounts of servers and users, without requiring additional servers to be deployed. We evaluated our system with a user study to demonstrate its ease of use. We hope that this implementation can help guide future research toward a more simplified certificate authentication system for SSH.

SSH

certificate-based-authentication

Physical Sciences and Mathematics

Impact of national senior certificate examination diagnostic report on learner performance in mathematics

Chihambakwe, Thabani

January 2017

A dissertation submitted to the Faculty of Education in partial fulfilment of the requirements for the Degree of Masters in the Department of Educational Psychology and Special Needs Education at the University Of Zululand, 2017 / The study sought to determine whether the use of the National Senior Certificate Examination Diagnostic Report (NSCEDR) in an intervention programme would improve the performance of learners in Mathematics. The study utilised a mixed method approach. An action research that employed a quasi-experiment, one group, pre-test and post-test research design was used. A total of 74 grade twelve learners, 46 girls and 28 boys, were selected and participated in an intervention programme for six weeks. Three NSCEDR documents, from 2014 to 2016, were used to determine the topics that were challenging to learners in Mathematics, as well as the errors and misconceptions made by learners in examinations. The topics that were challenging were identified together with their frequency in the three documents. The marks of the learners before and after the intervention programme were compared and analysed. The Statistical Package of Social Sciences (SPSS) and Excel were used to analyse the research data. The results of the study revealed that the use of the NSCEDR findings in the intervention programme improved the performance of the learners, while the impact was indifferent for boys and girls, and as well as for low performers and high performers. Trigonometry, Euclidean Geometry and Counting Principle were some of the most challenging topics in Grade 12 Mathematics that were identified from the NSCEDR. Based on these results, it was recommended that the NSCEDR should be readily available to all teachers to use, as their use in the classroom improved the performance of the learners.

Factors influencing learners’ performance in Geography in the National Senior Certificate Examination in selected public high schools within uThungulu District

Ahiaku, Philip Kwashi Atiso

January 2017

A dissertation submitted to the Faculty of Education in fulfillment of the requirements for the Degree of Master of Education (Geography) in the Department of Curriculum and Instructional Studies at the University of Zululand, 2017 / The purpose of this study was to identify factors that influence the low academic performance of learners in geography during the National Senior Certificate examination within the uThungulu District. The study made use of the national and district matriculation results from the examination directorate of the Department of Basic Education. The conceptualisation developed from the contemporary literature was used to develop instruments for data collection. A questionnaire was developed to collect views from Grade 12 geography educators on factors influencing learner performance in the district. It also solicited ideas about what should be done to improve learner performance in the subject. The second phase of data collection was qualitative study, which was conducted to augment the quantitative findings, which took place at the same time. Fifty (50) questionnaires were issued and only forty (40) educators responded and ten (10) other educators were taken through an interview. The district geography subject adviser was also interviewed. The results indicate that there are various factors that impede learner performances in geography in the district. The results from both descriptive and inferential statistics reveal factors such as educator characteristics, school management and resource availability, parental involvement in education and learner characteristics as emerging factors influencing the performance of learners in geography. Learners’ average matriculation (matric) results from the schools were estimated against educators’ characteristics such as qualifications, experience in teaching the subject, approaches used in teaching, and matric marking experience. The relationship between the independent and the dependent variables was determined using the t-test at 0.05 level of significance. The result indicated that in the uThungulu District learners’ performance in geography is strongly influenced by educators’ qualifications, and experience in matric marking. Findings from the this study were compared with the existing contemporary literature to enable the researcher to make recommendations to stakeholders to remedy deficiencies found to impede learners’ performance in geography in the National Senior Certificate in public high schools within the uThungulu District.

PKI/PMI AND SMART TOKENS IN HEALTHCARE INFORMATION SYSTEMS

Liu, Hailong, Qi, Wenhua, Zhang, Qishan, Wu, Jinpei

10 1900

International Telemetering Conference Proceedings / October 20-23, 2003 / Riviera Hotel and Convention Center, Las Vegas, Nevada / While healthcare industry is striving to achieve e-health systems for improvements in healthcare quality, cost, and access, privacy and security about medical records should be considered carefully. This paper makes a deep study of Public Key Infrastructures (PKIs) and Privilege Management Infrastructures (PMIs) and how they can secure e-health systems. To access resources, e.g. patient records, both authentication and authorization are needed, so public key certificates and attribute certificates are both required to protect healthcare information. From a typical medical scenario, we see not only static but also dynamic permissions are required. Dynamic authorization maybe the most complex problem in e-health systems.

security

PKI

PMI

public key certificate

attribute certificate

smart token

e-health

digital signature