Spelling suggestions: "subject:"pflegemanagement"" "subject:"telegemanagement""
31 |
Wireless On-Board DiagnosticsSchirninger, Rene, Zeppetzauer, Stefan January 2005 (has links)
Wireless On-board diagnostics functionality, which is a future outlook to vehicle system parameter analysis, enables measurements and controlling without the limitation of a physical connector. Today every vehicle must by law provide the possibility to analyze engine and emission related parameters (OBD II). The wireless connection requires a high security level to prevent unauthorized communication establishment with the truck’s bus system. The aim of the project is to make a survey of the available security mechanisms and to find the most promising solutions. Furthermore, several usage scenarios and access right levels are specified and a risk analysis of the whole system is made. The greatest challenge is the specification and implementation of a proper key-exchange mechanism between the analyzing device and the truck’s bus system, which is therefore carried out with the highest possible level of awareness. Consequently several different concepts have been formulated based on the different usage scenarios.
|
32 |
Analysis of Random Key Predistribution Scheme for Wireless Sensor Network: An Adversarial PerspectiveLin, Jiun-An 06 February 2012 (has links)
Wireless sensor networks (WSNs) have been widely used in many areas, such as early earthquake monitoring, building structure monitoring, and military surveillance. In this thesis, we focus on the wireless sensor network deployed in the battlefield, using random key predistribution scheme. Firstly we presented an analysis of the security impacts by node capture attack. Also, based on the node cloning attack, we proposed a new attack scheme, called compromised key redistribution attack, and discussed related attack scenarios. Besides, we have found out and conjectured that, when the overlapping factor of compromised key set is larger than 0.05, it is very possible (almost 90%) that the number of distinct compromised keys is 10.5% of the original key pool. This conjecture helps the adversary estimate the approximated size of original key pool by calculating the overlapping factor, thus calculate the probability that malicious nodes successfully establish connections with legitimate nodes.
|
33 |
Design and Analysis of a Novel Multicast Key Management Scheme for Secure Group CommunicationsWu, Chang-Po 24 July 2005 (has links)
In this thesis, we propose an adaptive multicast key management scheme for secure group communications. In a secure communication session, group members could dynamically join and leave the group. Therefore, a multicast key management scheme is required to ensure that only legitimate users will continue to receive the latest information. In the literature, star-based key management schemes and tree-based key management schemes were proposed for secure group communications. In this thesis, we propose a novel canonical-tree-based key management scheme. We evaluate the average rekeying costs of the canonical-tree-based scheme as well as two well-known key management schemes. We find that the leaving probability of group members dominates the relative performance between the star-based scheme and the tree-based scheme. Based on the above observations, we propose an adaptive key management scheme that is superior to both the star-based scheme and the tree-based scheme in a dynamic environment.
|
34 |
Key Management in Ad Hoc Networks / Nyckelhantering i Ad Hoc NätFokine, Klas January 2002 (has links)
<p>This thesis covers the issue of securing ad hoc networks. Such networks exhibit a number of characteristics that make such a task challenging. One of the major challenges is that ad hoc networks typically lack a fixed infrastructure both in form of physical infrastructure such as routers, servers and stable communication links and in the form of an organizational or administrative infrastructure. Another difficulty lies in the highly dynamic nature of ad hoc networks since new nodes can join and leave the network at any time. </p><p>The major problem in providing security services in such infrastructure less networks is how to manage the cryptographic keys that are needed. In order to design practical and efficient key management systems it is necessary to understand the characteristics of ad hoc networks and why traditional key management systems cannot be used. These issues are covered and the thesis also provides a summary of those key management solutions that have been proposed in the research literature so far.</p>
|
35 |
Adaptive Cryptographic Access Control for Dynamic Data Sharing EnvironmentsKayem, ANNE 21 October 2008 (has links)
Distributed systems, characterized by their ability to ensure the execution of multiple
transactions across a myriad of applications, constitute a prime platform for
building Web applications. However, Web application interactions raise issues pertaining to security and performance that make manual security management both
time-consuming and challenging. This thesis is a testimony to the security and performance enhancements afforded by using the autonomic computing paradigm to design an adaptive cryptographic access control framework for dynamic data sharing environments. One of the methods of enforcing cryptographic access control in these environments is to classify users into one of several groups interconnected in the form of a partially ordered set. Each group is assigned a single cryptographic key that is used for encryption/decryption. Access to data is granted only if a user holds the "correct" key, or can derive the required key from the one in their possession. This approach to access control is a good example of one that provides good security but has the drawback of reacting to changes in group membership by replacing keys, and re-encrypting the associated data, throughout the entire hierarchy. Data re-encryption is time-consuming, so, rekeying creates delays that impede performance. In order to support our argument in favor of adaptive security, we begin by presenting two cryptographic key management (CKM) schemes in which key updates
affect only the class concerned or those in its sub-poset. These extensions enhance
performance, but handling scenarios that require adaptability remain a challenge.
Our framework addresses this issue by allowing the CKM scheme to monitor the rate
at which key updates occur and to adjust resource (keys and encrypted data versions) allocations to handle future changes by anticipation rather than on demand. Therefore, in comparison to quasi-static approaches, the adaptive CKM scheme minimizes the long-term cost of key updates. Finally, since self-protecting CKM requires a lesser degree of physical intervention by a human security administrator, we consider the case of "collusion attacks" and propose two algorithms to detect as well as prevent
such attacks. A complexity and security analysis show the theoretical improvements
our schemes offer. Each algorithm presented is supported by a proof of concept
implementation, and experimental results to show the performance improvements. / Thesis (Ph.D, Computing) -- Queen's University, 2008-10-16 16:19:46.617
|
36 |
Verifying Physical Endpoints to Secure Digital SystemsStuder, Ahren M. 01 May 2011 (has links)
The proliferation of electronic devices supporting sensing, actuation, and wireless communication enables the monitoring and/or control of a variety of physical systems with digital communication. Such “cyber physical systems” blur the boundaries of the digital and physical worlds, where correct information about the physical world is needed for the correct operation of the digital system. Often in these systems the physical source or destination of information is as important as the information itself. However, the omni-directional and invisible nature of wireless communication makes it difficult to determine communication endpoints. This allows a malicious party to intercept wireless messages or pose as other entities in the system. As such, these systems require new protocols to associate the endpoints of digital communication with physical entities.
Traditional security approaches that associate cryptographic keys with names can help verify endpoints in static systems where a string accurately describes the role of a device. In other systems, the role of a device depends on its physical properties, such as location, which change over time. This dynamic nature implies that identification of an endpoint based on a static name is insufficient. Instead, we can leverage devices’ sensing and actuation capabilities to verify the physical properties and determine the physical endpoints of communication. We investigate three different scenarios where the physical source and/or destination is important and propose endpoint verification techniques: verifying the physical endpoints during an exchange between two smartphones, verifying the receiver of information is in a physical space to enable location-based access control, and verifying the source of information to protect Vehicle-to-Vehicle (V2V) applications. We evaluate our proposals in these systems and show that our solutions fulfill the security requirements while utilizing existing hardware.
Exchanging Information Between Smartphones Shake on it (SHOT) allows users to verify the endpoints during an exchange of information between two smartphones. In our protocol, the phones use their vibrators and accelerometers to establish a human-observable communication channel. The users hold the phones together while the phones use this channel to bootstrap and verify the authenticity of an exchange that occurs over the higher-bandwidth wireless channel. Users can detect the injection of information from other devices as additional vibrations, and prevent such attacks. Our implementation of SHOT for the DROID smartphone is able to support sender and receiver verification during an exchange between two smartphones in 15 seconds on average.
Location-Based Access Control We propose using location-based access control to protect sensitive files on laptops, without requiring any effort from the user to provide security. With a purely wireless electronic system, verifying that a given device is in a physical space is a challenge; either the definition of the physical space is vague (radio waves can travel beyond walls) or the solution requires expensive hardware to measure a message’s time of flight. Instead, we use infrared as a signal that walls can contain. We develop key derivation protocols that ensure only a receiver in the physical room with access to the signal can derive the key. We implement a system that uses the laptop’s webcam to record the infrared signal, derive a key, and decrypt sensitive files in less than 5 seconds.
Source Verification for V2V Networks A number of V2V applications use information about nearby vehicles to prevent accidents or reduce fuel consumption. However, false information about the positioning of vehicles can cause erroneous behavior, including accidents that would not occur in the absence of V2V. As such, we need a way to verify which vehicle sent a message and that the message accurately describes the physical state of that vehicle. We propose using LED lights on vehicles to broadcast the certificate a vehicle is currently using. Receivers can use onboard cameras to film the encoding of the certificate and estimate the relative location of the vehicle. This visual channel allows a receiver to associate a physical vehicle at a known location with the cryptographic credentials used to sign a location claim. Our simulations indicate that even with a pessimistic visual channel, visual verification of V2V senders provides sufficient verification capabilities to support the relevant applications.
|
37 |
Providing Efficient and Secure Cooperative Spectrum Sensing for Multi-Channel Cognitive Radio NetworksKasiri Mashhad, Behzad January 2010 (has links)
The focus of this thesis is on cooperative spectrum sensing and related security issues in multi-channel cognitive radio networks (MCCRNs). We first study the channel assignment for cooperative spectrum sensing in MCCRNs to maximize the number of available channels. In centralized implementation, a heuristic scheme is proposed along with a greedy scheme to reduce the reported information from the cognitive radios (CRs). In distributed scenario, a novel scheme with multi-round operation is designed following the coalitional game theory. Next, we focus on the physical layer security issues for cooperative spectrum sensing in MCCRNs, caused by Byzantine attacks. New counterattacks are proposed to combat attacks comprising coalition head and CRs as Byzantine attackers, which target to reduce the number of available channels for sensing in distributed MCCRNs. First, a new secure coalition head selection is proposed, by using statistical properties of the exchanged SNRs in the coalitions. Then, an iterative algorithm is proposed to block out attackers, if they continue attacking the system. The important problem of key management is considered next, and an energy-efficient identity-based and a certificate-based distributed key management schemes are proposed. First, a new elliptic curve cryptography (ECC)-based distributed private key generation scheme is proposed to combat the single point of failure problem along with novel distributed private key generator (DPKG) selection schemes to preserve security and energy-efficiency. Because of its importance in the proposed identity-based key management scheme, we further propose a low-complexity DPKG assignment, based on multi-objective programming, which can capture DPKG fairness in addition to energy-efficiency. Finally, a more powerful and intelligent distributed cooperative Byzantine attack on the proposed multi-channel cooperative spectrum sensing is proposed, where attackers collude by applying coalitional game theory to maximize the number of invaded channels in a distributed manner. As a remedy, a hierarchical identity-based key management scheme is proposed, in which CRs can only play on a certain number of requested channels and channel access for sensing is limited to the honest CRs selected in the coalitional game. Simulation results show that the proposed schemes can significantly improve cooperative spectrum sensing and secure the system against Byzantine attacks.
|
38 |
Automated Key Rotations In a Continuous Deployment PipelineRylander, Jim, Moberg, Jacob January 2018 (has links)
Background. To the best of our knowledge, there is no related work that brings up key management in Continuous Deployment. Most of the previous research within the area handles challenges and how to apply to continuous methods. Objectives. By performing this research our goal was to determine how to apply automated key rotation as a way of improving the security in a Continuous Deployment pipeline. We also wanted to compare a manual way of rotating the keys compared to an automated way. When comparing these different scenarios to a scenario where no key rotation was active we hoped to reach a conclusion of whether it is worth implementing automated key rotations in a CDE pipeline or not. Methods. By configuring different tools like GitLab, GitLab-Runner and Vagrant we created a working test pipeline. Since manual key rotation can be implemented in the CDE pipeline, the goal was to create a script that could automate the same process. In our tests we focused on the keys between GitLab and GitLab-Runner. Our tests consisted of comparing three different scenarios, a pipeline with: no, manual and automated key rotations. The three different scenarios where compared on 7 factors to help us reach a conclusion of whether automated key rotations was worth applying as a way to improve the security in a CDE pipeline. Results. With the help of tools like cURL and sshpass we managed to automate the key rotation. When we measured the different processes between no, manual and automated key rotations, the result showed us that the automated process has an average time of 1.6 seconds run time and 1.14 seconds average of server downtime. The run time is 70 times faster than the manual key rotation and has 5 times less average server downtime. Conclusions. We came to the conclusion that it is possible to use key rotation and keep the CDE process fully automated. It makes the process safer but also have the side effect of server downtime.
|
39 |
Key Management in Ad Hoc Networks / Nyckelhantering i Ad Hoc NätFokine, Klas January 2002 (has links)
This thesis covers the issue of securing ad hoc networks. Such networks exhibit a number of characteristics that make such a task challenging. One of the major challenges is that ad hoc networks typically lack a fixed infrastructure both in form of physical infrastructure such as routers, servers and stable communication links and in the form of an organizational or administrative infrastructure. Another difficulty lies in the highly dynamic nature of ad hoc networks since new nodes can join and leave the network at any time. The major problem in providing security services in such infrastructure less networks is how to manage the cryptographic keys that are needed. In order to design practical and efficient key management systems it is necessary to understand the characteristics of ad hoc networks and why traditional key management systems cannot be used. These issues are covered and the thesis also provides a summary of those key management solutions that have been proposed in the research literature so far.
|
40 |
Bezpečná autentizace a klíčový management v Internetu věcí / Secure Authentication and Key Management in the Internet of ThingsŠkunda, Patrik January 2018 (has links)
This thesis deals with issues of secure authentication and key management in the Internet of Things. It describes basic protocols used in IoT, cryptographic primitives, communication technologies in IoT and end elements. It also includes a measuring the performance of cryptographic primitives on Raspberry Pi and selecting the appropriate LPWAN simulation technology. The conclusion of the work is devoted to the simulation of a LoRaWAN network
|
Page generated in 0.2662 seconds