Global ETD Search

1	Visually sealed and digitally signed electronic documents: Building on Asian tradition. Liu, Yin - Miao January 2004 (has links) E-commerce has developed through the use of digital signatures, employing various forms of Public Key Infrastructure (PKI) to ensure the secure usage of digital signatures. Digital signatures are designed to facilitate the functions of traditional seals and handwritten signatures for the purposes of authentication, data integrity, and non-repudiation within the e-commerce environment. Historically, the authenticity of documentation has always been verified by the application of a recognisable visual stimulus to the document; however, the current digital signature regime overlooks the importance of this analogous sense of visualisation. One of the primary problems with existing digital signatures is that a digital signature does not "feel" like, or resemble, a traditional seal to the human observer, as it does not have a personal, recognisable, or aesthetic sense of visualisation. Currently, digital signatures, such as the OpenPGP (Pretty Good Privacy) digital signature, are attached to the end of an electronic document as a stream of printable ASCII characters. (RFC2440) This appears to the average user as a long, incomprehensible string of random characters offering no sense of identity or ownership by simple visual inspection. Additionally, digital signatures change each time they are applied, in contrast to traditional seals that remain consistent personal identifiers associated with individual signatories. The goal of this research is to promote enhancements to existing digital signature schemes in order to bridge the cultural gap between traditional seals and digital signatures. Culturally friendly features integrated into the digital signature have the potential to increase user acceptability of global e-commerce. This research investigates traditional seal cultures within the context of modern digital signatures, identifying the need to develop a new, culturally friendly, visualised digital signature scheme. The principles behind digital signatures are reviewed and the essential roles and responsibilities of a PKI are addressed. A practical analysis of PKI implementation is also essential. Taiwan is selected as the focus of this research since its heritage is deeply rooted in, and strongly adheres to the Chinese seal culture. The Taiwanese government is in the process of adapting the traditional seal certificate system to the electronic digital signature system. Therefore it is pertinent to review the PKI implementation and digital signatures applications in Taiwan in this study. The purpose of this research is to make the intangible digital signature virtually tangible; i.e., to incorporate visualisation into the current digital signature practice. This research defines new private extensions to the X.509 v3 certificate, recommending that conforming visualised digital signature applications should then be developed to generate and/or recognise visual digital certificates in support of the proposed visualised digital signature scheme. The processes of visualised digital signature creation and of verification through the application of the visualised digital certificate are then explained. This is accompanied by a model of system analysis for developers of conforming implementations of this specification. This allows developers the freedom to select appropriate developing tools. An analysis of this research evaluates the quality of integrity, security, interoperability, performance, and flexibility offered by this proposal.Future directions for furthering research development conclude this dissertation. seals signatures signets biblical seals Western seals Chinese seals Japanese seals Digital signatures visualised signing and verification visualised digital signatures visualised digital certificates PKI
2	Towards Efficient Certificate Revocation Status Validation in Vehicular Ad Hoc Networks with Data Mining Zhang, Qingwei 26 November 2012 (has links) Vehicular Ad hoc Networks (VANETs) are emerging as a promising approach to improving traffic safety and providing a wide range of wireless applications for drivers and passengers. To perform reliable and trusted vehicular communications, one prerequisite is to ensure a peer vehicle’s credibility by means of digital certificates validation from messages that are sent out by other vehicles. However, in vehicular communication systems, certificates validation is more time consuming than in traditional networks, due to the fact that each vehicle receives a large number of messages in a short period of time. Another issue that needs to be addressed is the unsuccessful delivery of information between vehicles and other entities on the road as a result of their high mobility rate. For these reasons, we need new solutions to accelerate the process of certificates validation. In this thesis, we propose a certificate revocation status validation scheme using the concept of clustering; based on data mining practices, which can meet the aforementioned requirements. We employ the technique of k -means clustering to boost the efficiency of certificates validation, thereby enhancing the security of a vehicular ad hoc network. Additionally, a comprehensive analysis of the security of the proposed scheme is presented. The analytical results demonstrate that this scheme can effectively improve the validation of certificates and thus secure the vehicular communication in vehicular networks. VANETs digital certificates Certificate Revocation List k-Means authentication certificate validation
3	Towards Efficient Certificate Revocation Status Validation in Vehicular Ad Hoc Networks with Data Mining Zhang, Qingwei January 2012 (has links) Vehicular Ad hoc Networks (VANETs) are emerging as a promising approach to improving traffic safety and providing a wide range of wireless applications for drivers and passengers. To perform reliable and trusted vehicular communications, one prerequisite is to ensure a peer vehicle’s credibility by means of digital certificates validation from messages that are sent out by other vehicles. However, in vehicular communication systems, certificates validation is more time consuming than in traditional networks, due to the fact that each vehicle receives a large number of messages in a short period of time. Another issue that needs to be addressed is the unsuccessful delivery of information between vehicles and other entities on the road as a result of their high mobility rate. For these reasons, we need new solutions to accelerate the process of certificates validation. In this thesis, we propose a certificate revocation status validation scheme using the concept of clustering; based on data mining practices, which can meet the aforementioned requirements. We employ the technique of k -means clustering to boost the efficiency of certificates validation, thereby enhancing the security of a vehicular ad hoc network. Additionally, a comprehensive analysis of the security of the proposed scheme is presented. The analytical results demonstrate that this scheme can effectively improve the validation of certificates and thus secure the vehicular communication in vehicular networks. VANETs digital certificates Certificate Revocation List k-Means authentication certificate validation
4	Methods to improve certificate linkage and revocation procedures in vehiculat networks. / Métodos para melhorar os procedimentos de ligação e revogação de certificados em redes veiculares. Ferraz, Leonardo Tórtora Devienne 19 February 2019 (has links) Vehicular communication technologies, also called Vehicle-to-everything (V2X) systems, are expected to become common in the future, providing better effciency and safety in transportation. This envisioned large-scale deployment, however, critically depends on addressing some requirements. For example, to prevent abuse by drivers, messages exchanged among authorized vehicles must be authenticated, which implies the need of a Vehicular Public Key Infrastructure (VPKI). Unlike traditional Public Key Infrastructures (PKIs), though, VPKIs are also expected to preserve the drivers\' privacy; in particular, neither eavesdroppers or system entities should be able to easily identify or track the movements of vehicles using non-revoked certificates. One promising VPKI solution, which copes with such requirements and is among the main candidates for standardization in the United States and Europe, is Security Credential Management System (SCMS). In this thesis, aiming to address shortcomings identified in the SCMS architecture, three main contributions are provided. First, a mechanism for improving the exibility of revocation is described, allowing certificates and their owner\'s privacy to be temporarily revoked in an eficient manner; this functionality is useful, for example, in case a software malfunction is detected and a patch still needs to be released. Second, two birthday attacks against SCMS\'s certificate revocation process are detailed and then fixed, thus preventing the system\'s security degradation with the number of issued and revoked certificates. Finally, a method is proposed which simplifies SCMS\'s system architecture, removing the need for the so-called Linkage Authorities (LAs); this not only reduces the cost for SCMS\'s deployment, but also improves its security and privacy due to the removal of one potential point of failure/collusion. / Espera-se que as tecnologias de comunicação veicular, também chamadas de sistemas V2X (Vehicle-to-everything, em inglês), se tornem comuns no futuro, proporcionando melhor eficiência e segurança no transporte. Essa implantação planejada em larga escala, no entanto, depende criticamente de abordar alguns requisitos. Por exemplo, para prevenir abusos por motoristas, mensagens trocadas entre veículos autorizados devem ser autenticadas, o que implica na necessidade de uma Infraestrutura de Chaves Públicas Veicular (VPKI, do inglês, Vehicular Public Key Infrastructure). Diferente de Infraestruturas de Chaves Públicas (ICPs) tradicionais, porém, é esperado também que as VPKIs preservem a privacidade dos motoristas; em particular, que nem bisbilhoteiros, nem entidades do sistema possam identificar veículos ou rastrear seus movimentos facilmente utilizando certificados n~ao revogados. Uma solução promissora para VPKI, que lida com tais requisitos e está entre os principais candidatos para padronização nos Estados Unidos e na Europa é o Sistema de gerenciamento de credenciais de segurança (SCMS, do inglês, Security Credential Management System). Nessa dissertação, com o objetivo de abordar deficiências identificadas na arquitetura do SCMS, são fornecidas três contribuições principais. Primeiro, um mecanismo para melhorar a exibilidade do processo de revogação é descrito, permitindo que certificados e a privacidade de seus proprietários sejam revogados temporariamente de maneira eficiente; essa funcionalidade é útil, por exemplo, em caso de uma falha de software ser detectada e ser necessário a liberação de uma correção. Em segundo lugar, dois ataques do aniversário contra o processo de revogação do SCMS são detalhados e posteriormente corrigidos, assim, prevenindo a degradação de segurança do sistema com o número de certificados emitidos e revogados. Por fim, é proposto um método que simplifica a arquitetura do sistema SCMS, removendo a necessidade das chamadas Autoridades de Ligação (LAs, do inglês, Linkage Authorites); o que não só reduz o custo de implantação do SCMS, mas também aumenta sua segurança e privacidade devido à remoção de um potencial ponto de falha/conluio. Autonomous vehicles Birthday attacks Emissão de certificados digitais Issuing digital certificates Network security Privacidade revogável. Revocable privacy Segurança de redes Veículos autônomos
5	Um servi?o de certifica??o digital para plataformas de middleware Batista, Caio Sergio de Vasconcelos 19 May 2006 (has links) Made available in DSpace on 2014-12-17T15:48:08Z (GMT). No. of bitstreams: 1 CaioSVB.pdf: 870470 bytes, checksum: a842971c4d35e47c9f8084ff650e5651 (MD5) Previous issue date: 2006-05-19 / Nowadays due to the security vulnerability of distributed systems, it is needed mechanisms to guarantee the security requirements of distributed objects communications. Middleware Platforms component integration platforms provide security functions that typically offer services for auditing, for guarantee messages protection, authentication, and access control. In order to support these functions, middleware platforms use digital certificates that are provided and managed by external entities. However, most middleware platforms do not define requirements to get, to maintain, to validate and to delegate digital certificates. In addition, most digital certification systems use X.509 certificates that are complex and have a lot of attributes. In order to address these problems, this work proposes a digital certification generic service for middleware platforms. This service provides flexibility via the joint use of public key certificates, to implement the authentication function, and attributes certificates to the authorization function. It also supports delegation. Certificate based access control is transparent for objects. The proposed service defines the digital certificate format, the store and retrieval system, certificate validation and support for delegation. In order to validate the proposed architecture, this work presents the implementation of the digital certification service for the CORBA middleware platform and a case study that illustrates the service functionalities / Atualmente, plataformas de integra??o de componentes, tamb?m chamadas de plataformas de middleware, t?m tido um importante papel no suporte ao desenvolvimento de sistemas distribu?dos. Em rela??o a controle de acesso, plataformas de middleware t?m utilizado certificados digitais, para verificar a autenticidade de um elemento, em conjunto com controle de acesso baseado em pap?is, para identificar quais opera??es poder?o ser acessadas por tal elemento. Apesar dos certificados terem um papel fundamental no suporte a seguran?a em plataformas de middleware, a maioria delas n?o define requisitos para obten??o, manuten??o, valida??o e delega??o de certificados. Esse trabalho tem como objetivo propor um servi?o gen?rico para certifica??o digital em plataformas de middleware. Esse servi?o deve oferecer flexibilidade atrav?s do uso conjunto de certificados de chave p?blica e certificados de atributos de forma a distinguir a fun??o de autentica??o da fun??o de autoriza??o. Os certificados de atributos d?o suporte ao controle de acesso baseado em pap?is. A flexibilidade tamb?m deve ser endere?ada atrav?s do suporte a delega??o. Na implementa??o para diferentes plataformas de middleware o controle de acesso baseado em certificados deve funcionar de forma transparente para os objetos. De forma a validar o servi?o pretende-se implement?-lo e test?-lo no contexto da plataforma de middleware CORBA, amplamente utilizada atualmente Middleware Seguran?a Certificados digitais CORBA Middleware Security Digital certificates CORBA
6	Plataforma basada en Blockchain de emisión y validación de certificados digitales De la Rosa Rojas, Nathaly, Goñi Villena, Dora Yuliana, Kobayashi Gutierrez, Alfred Hayoshi, Merino Ortecho, Javier Estuardo 11 November 2021 (has links) La facilidad con la que se puede falsificar una credencial o certificado académico, gracias a la evolución del software de diseño gráfico y la facilidad para compartir ese documento en redes sociales o agregarlo a un curriculum vitae, obliga a las instituciones académicas a implementar procesos cada vez más burocráticos y costosos que aseguren la fiabilidad de los documentos que emiten. En el presente trabajo de investigación planteamos un caso de negocio para la construcción de una Plataforma basada en Blockchain para la generación de certificados digitales con las características de seguridad, inviolabilidad, transparencia, trazabilidad, disminución de esfuerzo y costos en la generación de los certificados. Realizamos una investigación para conocer cuál es el estado del arte en el uso de Blockchain para la emisión de certificados digitales, creamos un marco teórico que nos aclara los conceptos relacionados a la investigación, haciendo énfasis en el potencial de Blockchain para asegurar una identidad digital autosoberana y luego desarrollamos el caso de negocio a través de un análisis estratégico que nos permite definir la factibilidad técnica y del negocio de la plataforma. Finalmente, desarrollamos un análisis de viabilidad económica que permita que la plataforma sea autosostenible y con potencial de escalar y convertirse en un modelo de negocio de alto valor. / The ease with which a credential or academic certificate can be forged, thanks to the evolution of graphic design software and the ease of sharing that document on social networks or adding it to a curriculum vitae is forcing academic institutions to generate increasingly bureaucratic and expensive processes in order to ensure the reliability of the documents they issue. In this research paper we propose a business case for the construction of a Platform based on Blockchain for issuing digital certificates that will provide capabilities such as security, inviolability, transparency, traceability and reduction of effort and costs in the generation of certificates. We carried out an investigation on the current state of the art in the use of Blockchain for the issuance of digital certificates, we created a theoretical framework that clarifies the concepts related to this research, emphasizing the potential of Blockchain to ensure a self-sovereign identity and then we develop the business case through strategic analysis that allows us to define the technical and business feasibility of the platform. In the final part, we perform an economic viability analysis that allows the platform to be self-sustaining and with the potential to scale and become a high-value business model. / Trabajo de investigación Blockchain Certificados digitales Casos de negocio LACChain Digital certificates Business cases
7	The use of technology to automate the registration process within the Torrens system and its impact on fraud : an analysis Low, Rouhshi January 2008 (has links) Improvements in technology and the Internet have seen a rapid rise in the use of technology in various sectors such as medicine, the courts and banking. The conveyancing sector is also experiencing a similar revolution, with technology touted as able to improve the effectiveness of the land registration process. In some jurisdictions, such as New Zealand and Canada, the paper-based land registration system has been replaced with one in which creation, preparation, and lodgement of land title instruments are managed in a wholly electronic environment. In Australia, proposals for an electronic registration system are under way. The research question addressed by this thesis is what would be the impact on fraud of automating the registration process. This is pertinent because of the adverse impact of fraud on the underlying principles of the Torrens system, particularly security of title. This thesis first charts the importance of security of title, examining how security of title is achieved within the Torrens system and the effects that fraud has on this. Case examples are used to analyse perpetration of fraud under the paper registration system. Analysis of functional electronic registration systems in comparison with the paper-based registration system is then undertaken to reveal what changes might be made to conveyancing practices were an electronic registration system implemented. Whether, and if so, how, these changes might impact upon paper based frauds and whether they might open up new opportunities for fraud in an electronic registration system forms the next step in the analysis. The final step is to use these findings to propose measures that might be used to minimise fraud opportunities in an electronic registration system, so that as far as possible the Torrens system might be kept free from fraud, and the philosophical objectives of the system, as initially envisaged by Sir Robert Torrens, might be met.
8	Digital Certificates for the Internet of Things Forsby, Filip January 2017 (has links) This thesis will investigate the possibility of developing a lightweight digitalcertificate solution for resource constrained embedded systems in 6LoWPANnetworks. Such systems are battery powered or energy harvesting devices whereit is crucial that energy consumption and memory footprints are as minimalas possible. Current solutions for digital certificates are found to be moredemanding than what is desirable and therefore an issue that needs to besolved.The solution that is proposed in this thesis is a profile for the X.509 cer-tificate standard for use with constrained devices and the Internet of Things(IoT). Furthermore, a compression mechanism is designed and implementedfor certificates following this X.509 profile.Results show that compressing certificates is a highly viable solution, de-spite the added complexity it brings.This new lightweight digital certificate solution will allow resource con-strained systems to be able to run for longer without being interrupted orneeding maintenance. / Denna avhandling undersöker möjligheten att utveckla lättviktslösning förinbyggda system med begränsade resurser i 6LoWPAN-nätverk. Eneheter isådanna system drivs på batteri och återvunnen energi från omgivningen därminimal energi- och minnesanvänding är avgörande. Nuvarande lösningar fördigitala certifikat anses vara mer krävande än önskvärt och det är därför ettproblem som behöver lösas.Lösningen som presenteras i denna avhandling är en profil för certifikatstan-darden X.509 för användning med begränsade enheter inom Internet of Things(IoT). Utöver det är en komprimeringsmekanism designad och implementeradför certifikat som följer denna X.509-profil.Resultat visar att det är högst genomförbart att komprimera certifikat,trots den ökade komoplexiteten det medför.Denna nya lösning för digitala certifikat tillåter resursbegränsade enheteratt köras längre utan att behöva avbrytas eller underhållas. Cyber security constrained devices digital certificates Contiki OS inter- net of things embedded systems. Cybersäkerthet begränsade enheter digitala certifikat Contiki OS inter- net of things inbyggda system. Elektroteknik och elektronik

Search results