Spelling suggestions: "subject:"computer networks -- 2security measures"" "subject:"computer networks -- bsecurity measures""
111 |
Distributed authentication for resource controlBurdis, Keith Robert January 2000 (has links)
This thesis examines distributed authentication in the process of controlling computing resources. We investigate user sign-on and two of the main authentication technologies that can be used to control a resource through authentication and providing additional security services. The problems with the existing sign-on scenario are that users have too much credential information to manage and are prompted for this information too often. Single Sign-On (SSO) is a viable solution to this problem if physical procedures are introduced to minimise the risks associated with its use. The Generic Security Services API (GSS-API) provides security services in a manner in- dependent of the environment in which these security services are used, encapsulating security functionality and insulating users from changes in security technology. The un- derlying security functionality is provided by GSS-API mechanisms. We developed the Secure Remote Password GSS-API Mechanism (SRPGM) to provide a mechanism that has low infrastructure requirements, is password-based and does not require the use of long-term asymmetric keys. We provide implementations of the Java GSS-API bindings and the LIPKEY and SRPGM GSS-API mechanisms. The Secure Authentication and Security Layer (SASL) provides security to connection- based Internet protocols. After finding deficiencies in existing SASL mechanisms we de- veloped the Secure Remote Password SASL mechanism (SRP-SASL) that provides strong password-based authentication and countermeasures against known attacks, while still be- ing simple and easy to implement. We provide implementations of the Java SASL binding and several SASL mechanisms, including SRP-SASL.
|
112 |
Evaluation of virtual private network impact on network performanceNawej, Mukatshung Claude 09 1900 (has links)
The aim of the study is to investigate what impact the use of VPN has on network performance. An empirical investigation using quantitative research methods was carried out. Two sample scenarios were involved in the study: scenario without VPN and scenario with VPN. In both scenarios, three applications were used in turns, an HTTP, an FTP, and a CBR. FTP was configured to use window size and packet size, while CBR used connection rate and packet size. On the other side, the number of connection was the only parameter used for HTTP. These applications were injected in a 100 Mbps fixed link of an NS2 simulation environment. Throughput and delay averages were measured respectively for the two scenarios and values compared using Student’s t-test.
While the TCP and HTTP throughputs were found decreasing, the UDP throughput was not affected by the presence of this VPN. Concerning the delay; the TCP, UDP and HTTP delay were found increasing. / Electrical Engineering / M. Tech. (Electrical Engineering (Computer Systems))
|
113 |
Segurança em redes sem fio: estudo sobre o desenvolvimento de conjuntos de dados para comparação de IDSVilela, Douglas Willer Ferrari Luz [UNESP] 05 December 2014 (has links) (PDF)
Made available in DSpace on 2015-07-13T12:10:14Z (GMT). No. of bitstreams: 0
Previous issue date: 2014-12-05. Added 1 bitstream(s) on 2015-07-13T12:25:33Z : No. of bitstreams: 1
000836349.pdf: 1934096 bytes, checksum: c3f7c0657f64390bf9abd2cc13136962 (MD5) / O crescimento vertiginoso da tecnologia de redes sem fio tem sido muito significativo nos últimos anos, sua utilização ocorre em diversos setores da sociedade. O padrão IEEE 802.11 destaca-se nesse cenário. No entanto, os mecanismos de proteção empregados por este padrão de rede sem fio não tem apresentado eficiência no combate a ataques de negação de serviço. Os sistemas de detecção de intrusão são vistos como uma forma eficaz de minimizar essas ameaças. Nesta pesquisa foi proposta a construção de três conjuntos de dados que represente de forma significativa o tráfego de rede sem fio. Os conjuntos gerados têm finalidade de auxiliar na avaliação de algoritmos de detecção de intrusos para redes sem fio. Para a construção dos conjuntos de dados foram implementados três cenários de redes sem fio, todos em ambientes reais e operacionais. Em cada cenário foi habilitado um mecanismo de segurança: cenário 1 protocolo WEP, cenário 2 foi utilizado IEEE 802.11i e cenário 3 o IEEE 802.11i associada à emenda IEEE 802.11w. A escolha por cenários diferentes e divisão dos conjuntos de acordo com os ambientes tem a finalidade analisar a evolução dos mecanismos de segurança. Com isto é possível categorizar cada ambiente. Após a construção dos ambientes de rede sem fio foi inoculado tráfego de rede normal e anômalo, com isto iniciou-se a coleta dos dados. Com os dados coletados foi realizado um pré-processamento de cada conjunto capturando apenas os quadros do cabeçalho Media Access Control - MAC do IEEE 802.11. A escolha foi definida em virtude de este quadro possuir características especifica das redes sem fio. Para validar os conjuntos de dados foram empregadosalgoritmos de classificação e reconhecimento de padrões. Os algoritmos empregados na validação foram Multilayer Perceptron - MLP, Radial Basis Function - RBF e Bayes Net. Os resultados obtidos com a avaliação dos conjuntos de dados gerados... / The fast growth of wireless network technology has been very significant lately, its occurs in diverse sectors of society. The standard IEEE 802.11 stands out in this scenario. However, the protection mechanisms employed by this standard wireless network has not shown effectiveness in combating denial of service attacks. The intrusion detection systems are seen as an effective way to minimize these threats. We proposed in this research to build three data sets, which represent traffic wireless network. The sets are generated auxiliary purpose in assessing intrusion detection algorithms for wireless networks. For the construction of the data sets three scenarios of wireless networks, all in real operational environments and have been implemented. In each scenario was one enabled security mechanisms: WEP protocol scenario 1, scenario 2 was used IEEE 802.11i scenario 3 the associated IEEE 802.11i amendment to the IEEE 802.11w. The choice of different sets of scenarios and divide according to the environments aims to analyze the evolution of the security mechanisms. This makes it possible to categorize each environment. After the construction of wireless network environments normal and anomalous traffic were inoculated and thus collect the data. With the collected data pre-processing each set only extracting the frames from the MAC header was conducted. The choice was defined as this has specific characteristics of wireless networks. To validate the data sets and sorting algorithms were employed pattern recognition. The algorithms were used in the validation MLP, RBF and Bayes Net. The results obtained from the evaluation of the generated data sets demonstrate that the proposed approach is quite promising
|
114 |
Analysis of a South African cyber-security awareness campaign for schools using interdisciplinary communications frameworksLeppan, Claudette January 2017 (has links)
To provide structure to cyber awareness and educational initiatives in South Africa, Kortjan and Von Solms (2014) developed a five-layer cyber-security awareness and education framework. The purpose of the dissertation is to determine how the framework layers can be refined through the integration of communication theory, with the intention to contribute towards the practical implications of the framework. The study is approached qualitatively and uses a case study for argumentation to illustrate how the existing framework can be further developed. Drawing on several comprehensive campaign planning models, the dissertation illustrates that not all important campaign planning elements are currently included in the existing framework. Proposed changes in the preparation layer include incorporating a situational and target audience analysis, determining resources allocated for the campaign, and formulating a communication strategy. Proposed changes in the delivery layer of the framework are concerned with the implementation, monitoring and adjustment, as well as reporting of campaign successes and challenges. The dissertation builds on, and adds to, the growing literature on the development of campaigns for cyber-security awareness and education aimed at children.
|
115 |
User-centred design to engender trust in e-commerceObioha, Chinonye Leuna January 2016 (has links)
Thesis (MTech (Information Technology))--Cape Peninsula University of Technology, 2016. / Consumer trust is a core element for any e-commerce website. This study aimed to explore attributes of business-to-consumers (B2C) e-commerce websites that can communicate and engender trust from the users’ perspective using user-centred design. E-commerce websites are known to have features such as security certificates and encryption methods to ensure trust, but this requires technical knowhow to understand. The technologies used to develop websites have improved so far, but it has little effect on improving the trust of the users of e-commerce mostly in developing countries (Africa in particular). E-commerce users do not realise that these features have been put in place for the trustworthiness of the websites which contributes to their reluctance to conduct business transactions online, thus reducing their buying intentions. There is a need to design e-commerce websites to communicate/ convey trust from the users’ perspective. The study explored various sources of data to obtain insight and understanding of the research problem—user-centred design (UCD) group activity with users, interviews with developers, and secondary prior literature. Using UCD as the main methodology, an intensive UCD workshop activity with a group of eight e-commerce users was carried out. Furthermore, to obtain the view of experts (developers) on what is currently done to engender trust in B2C e-commerce websites, interviews with four respondents were also carried out. These interviews were intended to reduce any prejudice or bias and to obtain a clearer understanding of the phenomenon being studied. The findings from the study revealed six main attributes to engender trust, namely aesthetics design, security and information privacy, functionality design, trustworthiness based on content, development process, and vendor attributes. Proposed guidelines for each of the attributes were outlined. The findings from the users showed that those who were acquainted with the e-commerce technologies were those whose backgrounds are computer and technology related. Most users focused on aesthetics design, functionality, and security of their privacy and private details. Less emphasis was placed on the technology behind the e-commerce websites. Users use their aesthetic and cognitive value in their judgement for trust. The findings from the research were further validated using the Domestication of Technology Theory (DTT), which resulted in the development of a user-centred e-commerce trust model.
|
116 |
A framework for software patch management in a multi-vendor environmentHughes, Grant Douglas January 2016 (has links)
Thesis (MTech (Information Technology))--Cape Peninsula University of Technology, 2016. / Software often requires patches to be installed post-implementation for a variety of reasons. Organisations and individuals, however, do not always promptly install these patches as and when they are released. This study investigated the reasons for the delay or hesitation, identified the challenges, and proposed a model that could assist organisations in overcoming the identified challenges. The research investigated the extent to which the integration of software patch management and enterprise data security is an important management responsibility, by reviewing relevant documents and interviewing key role players currently involved in the patch management process. The current challenges and complexities involved in patch management at an enterprise level could place organisations at risk by compromising their enterprise-data security.
This research primarily sought to identify the challenges causing the management of software patches to be complex, and further attempted to establish how organisations currently implement patch management. The aim of the study was to explore the complexities of software patch management in order to enhance enterprise data security within organisations. A single case study was used, and data were obtained from primary sources and literature. The study considered both technological and human factors, and found that both factors play an equally important role with regard to the successful implementation of a patch management program within an organisation.
|
117 |
Managing infrastructure risks in information communication technology outsourced projects : a case study at Transnet, South AfricaBasson, Delton Jade January 2017 (has links)
Thesis (MTech (Information Technology))--Cape Peninsula University of Technology, 2017. / The balance between the dependency on Information and Communications Technology (ICT) and reducing costs has led to an increase in ICT outsourcing in many organisations. ICT outsourcing has benefits, but organisations have limited knowledge on information security and risks when outsourcing these functions. A lack of information security knowledge or a poor organisational risk culture carries the risk of project failure and security breaches. It is unclear how to manage information risks through the usage of ICT infrastructure risk management when outsourcing ICT projects, and this exposes organisations to ICT security risks. The aim of the study is to explore how a selected transport organisation can manage information risks through the usage of infrastructure risk management when outsourcing ICT projects.
Two primary research questions are posed namely, “what information risks does the ICT department manage when outsourcing ICT projects?”, and “how can the ICT department protect their information through the usage of infrastructure risk management against ICT security threats when outsourcing ICT?” To answer these two questions, a study was conducted at a transport organisation in South Africa. A subjective ontological and interpretivist epistemological stance has been adopted and an inductive research approach was followed. The research strategy was a case study. Data for this study was gathered through interviews (17 in total) using semi-structured questionnaires. Data collected were transcribed, summarised, and categorised to provide a clear understanding of the data.
For this study, forty findings and eight themes were identified. The themes are ICT outsourcing, information risks, costs, ICT vendor dependency, vendor access and management, risk management, user awareness, and frameworks. Guidelines are proposed, comprising six primary components.
The results point to gaps that need to be addressed to ensure that information is protected when outsourcing ICT projects. Measures need to be put in place and communication has to be improved among operating divisions. The findings lead to questions such as, ““how does business create an ICT security culture to ensure that information is protected at all times”, and “does vendor access management really get the necessary attention it requires?” Further studies on human behaviour towards ICT security is needed to ensure the protection of organisations against security risks.
|
118 |
Segurança em redes sem fio: estudo sobre o desenvolvimento de conjuntos de dados para comparação de IDS /Vilela, Douglas Willer Ferrari Luz. January 2014 (has links)
Orientador: Aílton Akira Shinoda / Co-orientador: Ed' Wilson Tavares Ferreira / Banca: Christiane Marie Schweitzer / Banca: Valtemir Emerencio do Nascimento / Resumo: O crescimento vertiginoso da tecnologia de redes sem fio tem sido muito significativo nos últimos anos, sua utilização ocorre em diversos setores da sociedade. O padrão IEEE 802.11 destaca-se nesse cenário. No entanto, os mecanismos de proteção empregados por este padrão de rede sem fio não tem apresentado eficiência no combate a ataques de negação de serviço. Os sistemas de detecção de intrusão são vistos como uma forma eficaz de minimizar essas ameaças. Nesta pesquisa foi proposta a construção de três conjuntos de dados que represente de forma significativa o tráfego de rede sem fio. Os conjuntos gerados têm finalidade de auxiliar na avaliação de algoritmos de detecção de intrusos para redes sem fio. Para a construção dos conjuntos de dados foram implementados três cenários de redes sem fio, todos em ambientes reais e operacionais. Em cada cenário foi habilitado um mecanismo de segurança: cenário 1 protocolo WEP, cenário 2 foi utilizado IEEE 802.11i e cenário 3 o IEEE 802.11i associada à emenda IEEE 802.11w. A escolha por cenários diferentes e divisão dos conjuntos de acordo com os ambientes tem a finalidade analisar a evolução dos mecanismos de segurança. Com isto é possível categorizar cada ambiente. Após a construção dos ambientes de rede sem fio foi inoculado tráfego de rede normal e anômalo, com isto iniciou-se a coleta dos dados. Com os dados coletados foi realizado um pré-processamento de cada conjunto capturando apenas os quadros do cabeçalho Media Access Control - MAC do IEEE 802.11. A escolha foi definida em virtude de este quadro possuir características especifica das redes sem fio. Para validar os conjuntos de dados foram empregadosalgoritmos de classificação e reconhecimento de padrões. Os algoritmos empregados na validação foram Multilayer Perceptron - MLP, Radial Basis Function - RBF e Bayes Net. Os resultados obtidos com a avaliação dos conjuntos de dados gerados... / Abstract: The fast growth of wireless network technology has been very significant lately, its occurs in diverse sectors of society. The standard IEEE 802.11 stands out in this scenario. However, the protection mechanisms employed by this standard wireless network has not shown effectiveness in combating denial of service attacks. The intrusion detection systems are seen as an effective way to minimize these threats. We proposed in this research to build three data sets, which represent traffic wireless network. The sets are generated auxiliary purpose in assessing intrusion detection algorithms for wireless networks. For the construction of the data sets three scenarios of wireless networks, all in real operational environments and have been implemented. In each scenario was one enabled security mechanisms: WEP protocol scenario 1, scenario 2 was used IEEE 802.11i scenario 3 the associated IEEE 802.11i amendment to the IEEE 802.11w. The choice of different sets of scenarios and divide according to the environments aims to analyze the evolution of the security mechanisms. This makes it possible to categorize each environment. After the construction of wireless network environments normal and anomalous traffic were inoculated and thus collect the data. With the collected data pre-processing each set only extracting the frames from the MAC header was conducted. The choice was defined as this has specific characteristics of wireless networks. To validate the data sets and sorting algorithms were employed pattern recognition. The algorithms were used in the validation MLP, RBF and Bayes Net. The results obtained from the evaluation of the generated data sets demonstrate that the proposed approach is quite promising / Mestre
|
119 |
Framework de kernel para auto-proteção e administração em um sistema de segurança imunológico / A kernel framework for administration and selfprotection for a immunological security systemPereira, André Augusto da Silva, 1986- 23 August 2018 (has links)
Orientador: Paulo Lício de Geus / Dissertação (mestrado) - Universidade Estadual de Campinas, Instituto de Computação / Made available in DSpace on 2018-08-23T23:09:29Z (GMT). No. of bitstreams: 1
Pereira_AndreAugustodaSilva_M.pdf: 2078139 bytes, checksum: 3b321df6a81e4d3aaa8cf753b119f8a1 (MD5)
Previous issue date: 2013 / Resumo: O resumo poderá ser visualizado no texto completo da tese digital / Abstract: The complete abstract is available with the full electronic document / Mestrado / Ciência da Computação / Mestre em Ciência da Computação
|
120 |
Artificial intelligence and knowledge management principles in secure corporate intranetsBarry, Christopher 23 February 2010 (has links)
M.Sc. (Computer Science) / Corporations throughout the world are facing numerous challenges in today’s competitive marketplace and are continuously looking for new and innovative means and methods of gaining competitive advantage. One of the means used to gain this advantage is that of information technology, and all the associated technologies and principles. These are primarily used to facilitate business processes and procedures that are designed to provide this competitive advantage. Significant attention has been given to each of the individual technologies and principles of Artificial Intelligence, Knowledge Management, Information Security, and Intranets and how they can be leveraged in order to improve efficiency and functionality within a corporation. However, in order to truly reap the benefits of these technologies and principles, it is necessary to look at them as a collaborative system, rather as individual components. This dissertation therefore investigates each of these individual technologies and principles in isolation, as well as in combination with each other to outline potential advantages, associated risks, and disadvantages when combining them within the corporate world. Based on these, the Intelligently Generated Knowledge (IGK) framework is outlined to implement such a collaborative system. Thereafter, an investigation of a theoretical situation is conducted based on this framework to examine the impact of the implementation of this type of collaborative system. The potential increase in cost savings, efficiency and functionality of corporations that would employ the IGK framework is clearly outlined in the theoretical example, and should this approach be adopted, it would be able to provide significant competitive advantage for any corporation.
|
Page generated in 0.0678 seconds