Spelling suggestions: "subject:"pflegemanagement"" "subject:"telegemanagement""
21 |
A new multiple key management scheme for secure wireless mobile multicastMapoka, Trust T., Shepherd, Simon J., Abd-Alhameed, Raed 08 1900 (has links)
Yes / Addressing key management in mobile multicast communication is currently a booming topic due to the convergence of wireless and mobile technologies. With the proliferation of multiple group based services that are possible to co-exist within a single network, mobile subscribers could subscribe to these services concurrently while ubiquitous. However, the existing group key management (GKM) protocols intend to secure group communication for just a single group service. The GKM approaches involve inefficient use of keys and huge rekeying overheads, hence unsuitable for multiple multicast group environments. In this paper, we propose a novel GKM protocol for multiple multicast groups, called slot based multiple group key management (SMGKM) scheme. SMGKM supports the movement of single and multiple members across a homogeneous or heterogeneous wireless network while participating in multiple group services with minimized rekeying transmission overheads. Unlike conventional GKM protocols, SMGKM protocol can mitigate 1-affect-n phenomenon, single point of failure and investment pressure of signaling load caused by rekeying at the core network. Numerical analysis and simulation results of the proposed protocol show significant resource economy in terms of communication bandwidth overhead, storage overheads at the Domain Key Distributor (DKD), mobile receiver and Area Key Distributors while providing intense security.
|
22 |
Evaluation of Key Management Protocols and Their Implementations / Utvärdering av Key Management Protokoll och dess implementationerAndersson, Erik, Combler, David January 2018 (has links)
When constructing a network system it is important to consider the attributes which define said system and how to best build around those attributes. In this report we’ve studied Key Management Protocols as well as 802.15.4 WPAN networks and how key managment is conducted in such networks. This was done to better understand how Key Management Protocols themselves work and if, or how, they differ when used in 802.15.4 networks. In this report we studied 4 different Key Management Protocols: IKEv2,HIPv2,PANA and 802.1X as well as their various implementations. Based on the information gathered we analyzed how an implementation would work according to IEEE 802.15.9. Firstly we found was that IKEv2 offers a lot of functionality at the cost of system complexity and required a lot of memory. It also required major modifications to work in 802.15.4 networks. Secondly we found that HIPv2 offers the ability to separate the locator and identifier tags of TCP/IP and is lightweight. It doesn’t use IP or TCP/UDP and as such required minor changes to work in 802.15.4 networks. Finally, PANA and 802.1X both offer client-to-network authentication using EAP and use a moderate to high amount of space. 802.1X required a moderate amount of changes to work in 802.15.4 networks. PANA on the other hand required few changes, though it should not be used as a general purpose Key Management Protocol in 802.15.4 networks.
|
23 |
Advanced Secret Handling in Kubernetes Application with HashiCorp Vault / Avancerad hemlig hantering i Kubernetes-applikationen med HashiCorp VaultHamid, Maryum January 2023 (has links)
In the era of microservices and cloud-based systems, safeguarding sensitive credentials has become a critical concern for modern businesses. This thesis delves into the application of HashiCorp Vault, a prominent tool for secure secret management, within the domain of telecommunication networks, renowned for managing tens of thousands of nodes. Through a case study approach, this research explores Vault’s core components, security features, and disaster recovery mechanisms, with a specific focus on integrating them into existing telecommunication systems. A thorough examination of technical documentation, academic literature, and industry reports reveals fundamental concepts and best practices in credential management. Additionally, this study provides a comprehensive analysis of the system architecture of telecom management systems, showcasing how HashiCorp Vault’s capabilities bolster security, ensure compliance, and sustain business continuity in large-scale networks. Nevertheless, the thesis also addresses the implications of integrating HashiCorp Vault into the system architecture, including potential challenges tied to complexity and the need for meticulous key management for such extensive credentials. The findings emphasize the necessity of a balanced approach, prioritizing both automation and security. Vigilant monitoring, alerting, and maintenance practices are paramount. As a conclusion, this thesis proposes promising avenues for future research, envisioning the integration of artificial intelligence, machine learning, and blockchain technologies in credential management systems. These advancements hold the potential to further enhance the security landscape for telecommunication networks and beyond. / I en tid präglad av mikrotjänster och molnbaserade system har skydd av känsliga referenser blivit ett kritiskt problem för moderna företag. Denna avhandling fördjupar sig i tillämpningen av HashiCorp Vault, ett framstående verktyg för säker hemlig hantering, inom domänen av telekommunikationsnätverk, känt för att hantera tiotusentals noder. Genom en fallstudiemetod utforskar denna forskning Vaults kärnkomponenter, säkerhetsfunktioner och katastrofåterställningsmekanismer, med ett specifikt fokus på att integrera dem i befintliga telekommunikationssystem. En grundlig granskning av teknisk dokumentation, akademisk litteratur och branschrapporter avslöjar grundläggande begrepp och bästa praxis inom referenshantering. Dessutom ger denna studie en omfattande analys av systemarkitekturen för telekomhanteringssystem, och visar hur HashiCorp Vaults kapacitet stärker säkerheten, säkerställer efterlevnad och upprätthåller affärskontinuitet i storskaliga nätverk. Ändå tar avhandlingen också upp implikationerna av att integrera HashiCorp Vault i systemarkitekturen, inklusive potentiella utmaningar kopplade till komplexitet och behovet av noggrann nyckelhantering för så omfattande referenser. Resultaten betonar nödvändigheten av ett balanserat tillvägagångssätt, som prioriterar både automatisering och säkerhet. Vaksamma övervaknings-, varningsoch underhållsmetoder är av största vikt. Som en slutsats föreslår den här avhandlingen lovande vägar för framtida forskning, som föreställer sig integrationen av artificiell intelligens, maskininlärning och blockchainteknologier i autentiseringssystem. Dessa framsteg har potential att ytterligare förbättra säkerhetslandskapet för telekommunikationsnätverk och vidare.
|
24 |
Lightweight Cryptographic Group Key Management Protocols for the Internet of ThingsGebremichael, Teklay January 2019 (has links)
The Internet of Things (IoT) is increasingly becoming an integral component of many applications in consumer, industrial and other areas. Notions such as smart industry, smart transport, and smart world are, in large part, enabled by IoT. At its core, the IoT is underpinned by a group of devices, such as sensors and actuators, working collaboratively to provide a required service. One of the important requirements most IoT applications are expected to satisfy is ensuring the security and privacy of users. Security is an umbrella term that encompasses notions such as confidentiality, integrity and privacy, that are typically achieved using cryptographic encryption techniques. A special form of communication common in many IoT applications is group communication, where there are two or more recipients of a given message. In or-der to encrypt a message broadcast to a group, it is required that the participating parties agree on a group key a priori. Establishing and managing a group key in IoT environments, where devices are resources-constrained and groups are dynamic, is a non-trivial problem. The problem presents unique challenges with regard to con-structing protocols from lightweight and secure primitives commensurate with the resource-constrained nature of devices and maintaining security as devices dynamically leave or join a group. This thesis presents lightweight group key management protocols proposed to address the aforementioned problem, in a widely adopted model of a generic IoT network consisting of a gateway with reasonable computational power and a set of resource-constrained nodes. The aim of the group key management protocols is to enable the gateway and the set of resource-constrained devices to establish and manage a group key, which is then used to encrypt group messages. The main problems the protocols attempt to solve are establishing a group key among participating IoT devices in a secure and computationally feasible manner; enabling additionor removal of a device to the group in a security preserving manner; and enabling generation of a group session key in an efficient manner without re-running the protocol from scratch. The main challenge in designing such protocols is ensuring that the computations that a given IoT device performs as part of participating in the protocol are computationally feasible during initial group establishment, group keyupdate, and adding or removing a node from the group. The work presented in this thesis shows that the challenge can be overcome by designing protocols from lightweight cryptographic primitives. Specifically, protocols that exploit the lightweight nature of crypto-systems based on elliptic curves and the perfect secrecy of the One Time Pad (OTP) are presented. The protocols are designed in such a way that a resource-constrained member node performs a constant number of computationally easy computations during all stages of the group key management process. To demonstrate that the protocols are practically feasible, implementation resultof one of the protocols is also presented, showing that the protocol outperforms similar state-of-the-art protocols with regard to energy consumption, execution time, memory usage and number of messages generated. / <p>Vid tidpunkten för framläggningen av avhandlingen var följande delarbete opublicerat: delarbete 3 (manuskript).</p><p>At the time of the defence the following paper was unpublished: paper 3 (manuscript).</p> / SMART (Smarta system och tjänster för ett effektivt och innovativt samhälle)
|
25 |
AN UPDATE ON NETWORK-BASED SECURITY TECHNOLOGIES APPLICABLE TO TELEMETRY POST-PROCESSING AND ANALYSIS ACTIVITIESKalibjian, Jeff 10 1900 (has links)
ITC/USA 2007 Conference Proceedings / The Forty-Third Annual International Telemetering Conference and Technical Exhibition / October 22-25, 2007 / Riviera Hotel & Convention Center, Las Vegas, Nevada / Networked based technologies (i.e. TCP/IP) have come to play an important role in the evolution
of telemetry post processing services. A paramount issue when using networking to access/move
telemetry data is security. In past years papers have focused on individual security technologies
and how they could be used to secure telemetry data. This paper will review currently available
network based security technologies, update readers on enhancements, and discuss their
appropriate uses in the various phases of telemetry post-processing and analysis activities.
|
26 |
Secure IP Multicasting with Encryption Key ManagementMaharjan, Nadim, Moten, Daryl 10 1900 (has links)
ITC/USA 2011 Conference Proceedings / The Forty-Seventh Annual International Telemetering Conference and Technical Exhibition / October 24-27, 2011 / Bally's Las Vegas, Las Vegas, Nevada / This paper presents the design for secure IP multicasting in an iNet environment using public key cryptography. Morgan State University has been conducting research to improve the telemetry network by improving network performance, implementing IP (Internet Protocol) multicasting and providing a stronger security system for the iNet environment. The present study describes how IP multicasting could be implemented to provide more secure communication in the iNet environment by reducing traffic and optimizing network performance. The multicast of data is closely tied to the key management center for secure applications. This paper develops a means of delivering keys between two or more parties showing a relationship between the multicast network and the Key Management Center (KMC). The KMC is an element of the system which distributes and manages session keys among multicast members. A public key encryption method is used to address the distribution of session keys in the multicast network. The paper will present a system level design of multicast and key management with dual encryption of session keys for the iNet system.
|
27 |
A comparison of the security in ZigBee and the IEEE 802.15.9 standard and an experimental analysis of communication over IEEE 802.15.4 / En jämförelse av säkerheten gällande ZigBee och IEEE 802.15.9 standarden och en experimentell analys av kommunikation över IEEE 802.15.4Silversved, Nicklas, Runesson, Hampus January 2019 (has links)
The increasing number of IoT devices used in today’s society has led to a demand for better security in order to prevent attackers from gaining access to private information. The IoT brings a wide application scope and because of that there are a lot of ways to set up a secure network and manage keys in these kinds of networks. This paper presents a comparison between the security model in Zigbee and the new recommended practice for Key Management Protocols defined by the IEEE 802.15.9 standard. We investigate key establishment and transportation together with the vulnerabilities that this might bring regarding potential attacks like DoS and MitM. Since these protocols are built on the IEEE 802.15.4 standard, experimental tests have been made where we analyze the throughput, RTT and packet loss over varied distances and we try to determine the maximum transmission range for devices using IEEE 802.15.4 modules. The IEEE 802.15.9 standard works with different KMPs and depending on the KMP being used we can see both similarities and differences regarding key management and possible attacks when comparing it to ZigBee. Furthermore, we found that attacks on a ZigBee device is more likely to compromise the whole network while similar attacks would only affect the specific peers in an IEEE 802.15.9 communication. Based on the experiments we find that open areas, distance and interference have a negative effect on the throughput, RTT and packet loss of the communication.
|
28 |
A Lab System for Secret Sharing / Utveckling av laborationssystem för secret sharingOlsson, Fredrik January 2004 (has links)
<p>Finnegan Lab System is a graphical computer program for learning how secret sharing works. With its focus on the algorithms and the data streams, the user does not have to consider machine-specific low-level details. It is highly modularised and is not restricted to secret sharing, but can easily be extended with new functions, such as building blocks for Feistel networks or signal processing. </p><p>This thesis describes what secret sharing is, the development of a new lab system designed for secret sharing and how it can be used.</p>
|
29 |
Security and Efficiency Tradeoffs in Multicast Group Key ManagementDuma, Claudiu January 2003 (has links)
<p>An ever-increasing number of Internet applications, such as content and software distribution, distance learning, multimedia streaming, teleconferencing, and collaborative workspaces, need efficient and secure multicast communication. However, efficiency and security are competing requirements and balancing them to meet the application needs is still an open issue.</p><p>In this thesis we study the efficiency versus security requirements tradeoffs in group key management for multicast communication. The efficiency is in terms of minimizing the group rekeying cost and the key storage cost, while security is in terms of achieving backward secrecy, forward secrecy, and resistance to collusion.</p><p>We propose two new group key management schemes that balance the efficiency versus resistance to collusion. The first scheme is a flexible category-based scheme, and addresses applications where a user categorization can be done based on the user accessibility to the multicast channel. As shown by the evaluation, this scheme has a low rekeying cost and a low key storage cost for the controller, but, in certain cases, it requires a high key storage cost for the users. In an extension to the basic scheme we alleviate this latter problem.</p><p>For applications where the user categorization is not feasible, we devise a cluster-based group key management. In this scheme the resistance to collusion is measured by an integer parameter. The communication and the storage requirements for the controller depend on this parameter too, and they decrease as the resistance to collusion is relaxed. The results of the analytical evaluation show that our scheme allows a fine-tuning of security versus efficiency requirements at runtime, which is not possible with the previous group key management schemes.</p> / Report code: LiU-TEK-LIC-2003:53.
|
30 |
Wireless On-Board DiagnosticsSchirninger, Rene, Zeppetzauer, Stefan January 2005 (has links)
<p>Wireless On-board diagnostics functionality, which is a future outlook to vehicle system </p><p>parameter analysis, enables measurements and controlling without the limitation of a physical </p><p>connector. Today every vehicle must by law provide the possibility to analyze engine and </p><p>emission related parameters (OBD II). The wireless connection requires a high security level </p><p>to prevent unauthorized communication establishment with the truck’s bus system. The aim </p><p>of the project is to make a survey of the available security mechanisms and to find the most </p><p>promising solutions. Furthermore, several usage scenarios and access right levels are </p><p>specified and a risk analysis of the whole system is made. The greatest challenge is the </p><p>specification and implementation of a proper key-exchange mechanism between the analyzing </p><p>device and the truck’s bus system, which is therefore carried out with the highest possible </p><p>level of awareness. Consequently several different concepts have been formulated based on </p><p>the different usage scenarios.</p>
|
Page generated in 0.0662 seconds