• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 26
  • 2
  • 1
  • Tagged with
  • 28
  • 28
  • 27
  • 27
  • 27
  • 27
  • 27
  • 27
  • 27
  • 27
  • 14
  • 13
  • 7
  • 7
  • 6
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Secure Mobile Authentication for Linux Workstation log on

Habib, Usman January 2010 (has links)
Password based logon schemes have many security weaknesses. For secure environments smart card and biometric based authentication solutions are available as replacement for standard password based systems. Nevertheless, the cost of deployment and maintenance of these systems is quite high. On the other hand, mobile network operators have a huge base of deployed smart cards that can be reused to provide authentication in other spheres significantly reducing costs. In this project we present a study of how mobile phones can be used to provide a secure low-cost two-factor workstation logon solution.To find and study the available mobile phone based authentication architectures and come up with workstation logon architecture the study of relevant technologies utilized in these solutions: UMTS networks, Bluetooth communication, Remote Authentication Dial in User Service (RADIUS), authentication and authorization in Windows, Linux, and MAC OS X. The analysis of available mobile phone based authentication schemes like SIM Strong schemes based on EAP-SIM, Session-ID based schemes, and OTP based schemes are also added.A solution for Linux workstation logon process has been proposed in the thesis using the Pluggable Authentication Module (PAM). The Solution uses 2 factors for authentication, one is the static password and the second factor is the mobile based authentication using a 13 character long OTP. With adding the existing technology and giving the administrator the option of selecting the authentication method for user makes the solution more suitable for an enterprise.
2

Service Discovery for Future Mobile Services

Bhatti, Atif, Choudhary, Imran Aslam January 2010 (has links)
The pervasive computing environment for heterogeneous network is on a continuous rise. The ability to interact and control network devices with different functionalities within office and home environment could be very beneficial to a lot of users. The service discovery in computers and mobile devices enabled them to interact with one another through wireless and heterogeneous wired networks. Services advertise their existence in a dynamic way and devices are designed with this capability to discover these services and its properties automatically. These devices are though based on different technologies but are still able to communicate and discover one another based on existing service discovery architectures. It is notable that a significant number of networked devices are now mobile and these mobile devices make service discovery more challenging.In future mobile multi-domain multi-language environments, a service can be anything and introduced by anybody. Consequently, same or equivalent services may have different names and services with same name or type may be completely different. Existing service discovery systems are incapable of handling these situations. We have implemented a service discovery system which supports semantics to service descriptions. It allows any user to act as a service provider and introduce any service at any time. The service provider can define any service as equivalent to any existing service and in any language as wanted. In addition, it is capable to find services that are not exact matches of the requested ones. More semantics are introduced through attributes like EquivalenceClass, ParentType and Keywords. The test conducted on this system in real time proves that the system is efficient and can be applied in real life.
3

Multi Protocol Label Switching – Transport Profile (MPLS-TP) in OpMiGua hybrid network

Katsavos, Christos January 2010 (has links)
This thesis presents the combination of MPLS-TP protocol with an integrated hybridnetwork, the Opmigua network. It is presented that the MPLS-TP protocol is applicableand follows all the requirements to be compatible with an Opmigua network. Differentnetwork scenarios, combining packet and circuit switching properties with MPLS-TPlabels, are presented. At the beginning of this thesis, are provided the characteristics and requirements of MPLS-TP protocol which the standardization of this is on going. Furthermore, it is explained how the MPLS-TP management and the forwarding plane work. Some references are also given not only to OAM mechanisms, but also to control plane that the MPLS-TP uses. We use both, global and local significance MPLS-TP labels for distinguishing theGuaranteed Service Traffic (GST) packets from Statistical Multiplexing (SM) packets.Using this method, we have concluded some results, as it concerns GST and SMtraffic. GST packets take a global significance label value until to reach the destination node. On the other hand, SM packets take local significance labels for each path into an Opmigua network which follow Optical Packet Switch (OPS) networks. We have proposed a new method for differentiation of packets from low to high priority using extension headers of Internet Protocol v6 either Destination Options Header(DOH) or MPLS-TP as an extension header. The result that we have derived is highand low priority packets are differentiated at ingress Opmigua network which GST packets take global significance MPLS-TP label following Optical Cross Connect (OXC) network and SM packets change per each Label Switched Path (LSP) local significance MPLS-TP labels until to reach the destination. Finally, two MPLS-TP path protection schemes, facility bypass and restoration usingdetours were combined with Opmigua network to provide failures for both, GuaranteedService Traffic (GST) packets and Statistical Multiplexing (SM) packets.
4

Autentisering og tilgangskontroll i system for eSporing / Authentication and Access Control in System for eSporing

Martinsen, Fredrik Folgerø January 2010 (has links)
eSporing er et prosjekt for å lage en nasjonal infrastruktur for elektronisk sporing i matkjeden. Denne infrastrukturen, betegnet som eSporingsløsningen, er basert på en tjenesteorientert arkitektur.Med tjenesteorienterte arkitekturer stilles det nye krav til sikkerheten da tradisjonelle mekanismer for sikkerhet ikke er gode nok. Oppgaven har sett på sikkerhetsaspekter i tjenesteorienterte arkitekturer, med fokus på autentisering og tilgangskontroll. En løsning, betegnet som en revidert arkitektur, er presentert som et av resultatene til oppgaven. Arkitekturen er utarbeidet fra en sikkerhetsanalyse på en konseptuell arkitektur. Den konseptuelle arkitekturen, med utgangspunkt i eSporing, innlemmer den funksjonalitet og oppbygning som er spesifikk for tjenesteorienterte arkitekturer. Med dette viser den reviderte arkitekturen til en måte å sikre nettverket og tjenester på som oppgaven har kommet fram til er den mest ideelle for gitt situasjon.Oppgaven har også sett på eSporingsløsningen og sammenlignet denne med den reviderte arkitekturen. Sammenligningen er det andre resultatet til oppgaven og er brukt til å vise til hvordan autentisering og tilgangskontroll kunne vært gjort annerledes i eSporingsløsningen.
5

Secure Mobile Authentication for Linux Workstation log on

Habib, Usman January 2010 (has links)
Password based logon schemes have many security weaknesses. For secure environments smart card and biometric based authentication solutions are available as replacement for standard password based systems. Nevertheless, the cost of deployment and maintenance of these systems is quite high. On the other hand, mobile network operators have a huge base of deployed smart cards that can be reused to provide authentication in other spheres significantly reducing costs. In this project we present a study of how mobile phones can be used to provide a secure low-cost two-factor workstation logon solution.To find and study the available mobile phone based authentication architectures and come up with workstation logon architecture the study of relevant technologies utilized in these solutions: UMTS networks, Bluetooth communication, Remote Authentication Dial in User Service (RADIUS), authentication and authorization in Windows, Linux, and MAC OS X. The analysis of available mobile phone based authentication schemes like SIM Strong schemes based on EAP-SIM, Session-ID based schemes, and OTP based schemes are also added.A solution for Linux workstation logon process has been proposed in the thesis using the Pluggable Authentication Module (PAM). The Solution uses 2 factors for authentication, one is the static password and the second factor is the mobile based authentication using a 13 character long OTP. With adding the existing technology and giving the administrator the option of selecting the authentication method for user makes the solution more suitable for an enterprise.
6

Service Discovery for Future Mobile Services

Bhatti, Atif, Choudhary, Imran Aslam January 2010 (has links)
The pervasive computing environment for heterogeneous network is on a continuous rise. The ability to interact and control network devices with different functionalities within office and home environment could be very beneficial to a lot of users. The service discovery in computers and mobile devices enabled them to interact with one another through wireless and heterogeneous wired networks. Services advertise their existence in a dynamic way and devices are designed with this capability to discover these services and its properties automatically. These devices are though based on different technologies but are still able to communicate and discover one another based on existing service discovery architectures. It is notable that a significant number of networked devices are now mobile and these mobile devices make service discovery more challenging.In future mobile multi-domain multi-language environments, a service can be anything and introduced by anybody. Consequently, same or equivalent services may have different names and services with same name or type may be completely different. Existing service discovery systems are incapable of handling these situations. We have implemented a service discovery system which supports semantics to service descriptions. It allows any user to act as a service provider and introduce any service at any time. The service provider can define any service as equivalent to any existing service and in any language as wanted. In addition, it is capable to find services that are not exact matches of the requested ones. More semantics are introduced through attributes like EquivalenceClass, ParentType and Keywords. The test conducted on this system in real time proves that the system is efficient and can be applied in real life.
7

Multi Protocol Label Switching – Transport Profile (MPLS-TP) in OpMiGua hybrid network

Katsavos, Christos January 2010 (has links)
This thesis presents the combination of MPLS-TP protocol with an integrated hybridnetwork, the Opmigua network. It is presented that the MPLS-TP protocol is applicableand follows all the requirements to be compatible with an Opmigua network. Differentnetwork scenarios, combining packet and circuit switching properties with MPLS-TPlabels, are presented. At the beginning of this thesis, are provided the characteristics and requirements of MPLS-TP protocol which the standardization of this is on going. Furthermore, it is explained how the MPLS-TP management and the forwarding plane work. Some references are also given not only to OAM mechanisms, but also to control plane that the MPLS-TP uses. We use both, global and local significance MPLS-TP labels for distinguishing theGuaranteed Service Traffic (GST) packets from Statistical Multiplexing (SM) packets.Using this method, we have concluded some results, as it concerns GST and SMtraffic. GST packets take a global significance label value until to reach the destination node. On the other hand, SM packets take local significance labels for each path into an Opmigua network which follow Optical Packet Switch (OPS) networks. We have proposed a new method for differentiation of packets from low to high priority using extension headers of Internet Protocol v6 either Destination Options Header(DOH) or MPLS-TP as an extension header. The result that we have derived is highand low priority packets are differentiated at ingress Opmigua network which GST packets take global significance MPLS-TP label following Optical Cross Connect (OXC) network and SM packets change per each Label Switched Path (LSP) local significance MPLS-TP labels until to reach the destination. Finally, two MPLS-TP path protection schemes, facility bypass and restoration usingdetours were combined with Opmigua network to provide failures for both, GuaranteedService Traffic (GST) packets and Statistical Multiplexing (SM) packets.
8

Autentisering og tilgangskontroll i system for eSporing / Authentication and Access Control in System for eSporing

Martinsen, Fredrik Folgerø January 2010 (has links)
eSporing er et prosjekt for å lage en nasjonal infrastruktur for elektronisk sporing i matkjeden. Denne infrastrukturen, betegnet som eSporingsløsningen, er basert på en tjenesteorientert arkitektur.Med tjenesteorienterte arkitekturer stilles det nye krav til sikkerheten da tradisjonelle mekanismer for sikkerhet ikke er gode nok. Oppgaven har sett på sikkerhetsaspekter i tjenesteorienterte arkitekturer, med fokus på autentisering og tilgangskontroll. En løsning, betegnet som en revidert arkitektur, er presentert som et av resultatene til oppgaven. Arkitekturen er utarbeidet fra en sikkerhetsanalyse på en konseptuell arkitektur. Den konseptuelle arkitekturen, med utgangspunkt i eSporing, innlemmer den funksjonalitet og oppbygning som er spesifikk for tjenesteorienterte arkitekturer. Med dette viser den reviderte arkitekturen til en måte å sikre nettverket og tjenester på som oppgaven har kommet fram til er den mest ideelle for gitt situasjon.Oppgaven har også sett på eSporingsløsningen og sammenlignet denne med den reviderte arkitekturen. Sammenligningen er det andre resultatet til oppgaven og er brukt til å vise til hvordan autentisering og tilgangskontroll kunne vært gjort annerledes i eSporingsløsningen.
9

Coordination Patterns for Reactive Services

Fatima, Urooj January 2010 (has links)
In our everyday life we come across countless reactive systems. These are the systems that engage in stimulus-response behaviour. The development of distributed reactive systems is quite complex. Being able to rapidly develop and incrementally deploy new services, while avoiding interactions with existing ones, is a challenging task. In this thesis, service examples of a distributed reactive system are modeled using the service engineering approach proposed by Humberto Nicolás Castejón in his PhD thesis; Collaborations in Service Engineering: Modeling, Analysis and Execution. First, services are modeled as collaborations between roles. Thereafter, the behaviour of each system component is designed as a composition of the roles it plays in the different services. In many cases, a component may be requested to participate simultaneously in several occurrences of the same service, or of different services (e.g. a UserAgent representing a user in a telecommunication system may be requested to participate in several phone calls simultaneously). To address such problems, extra coordination functionality is introduced in this thesis to coordinate the roles or role instances that a system component may play at a given point in time. For this, another role is defined, which is external to the service roles and serves to coordinate role binding. This role is named as ‘Controller’. The Controller is designed to keep track of the resource status, assign the resource if it is free, and if it is not then respond to the service invitation requests according to the preferences of the actors that receive them. Depending upon how the Controller performs the coordination functionality, some coordination patterns have been investigated. Apart from modeling the service from scratch and investigating the coordination patterns for it, it has been explored in this thesis how this coordination functionality can be added into an existing service model in a modular way. Some solutions are discussed but these are the initial thoughts which can be further explored in depth. The general structure of the coordination patterns has also been identified, which further strengthened the generality of the coordination patterns.
10

RFID implementation and performance analysis of a short MQQ digital signature

Soomro, Kamran Saleem January 2010 (has links)
Contactless smart cards (RFID cards) have been widely used for manyapplications such as epassport, ebanking, transit fare payment and accesscontrol systems. These cards have limited resources for performing arithmeticand logical operations and storing data along with program code. Asasymmetric cryptographic algorithms, performs time consuming complexoperations and demands more resources therefore these operations are performedin the special co-processors inside smart cards. The implementationof these extra co-processors increase the cost of smart cards.Recently a new algorithm Multivariate Quadratic Quasigroup (MQQ) hasbeen proposed for asymmetric cryptography and it is claimed that decryptionoprations are faster than already existing algorithms (RSA, ECC) [17].Eventually, a digital signature scheme based on MQQ has been proposedand it is named as MQQ-SIG [28]. In original MQQ public key algorithmthe size of private and public key was quite large in (KBytes). The size ofprivate key has been significantly reduced in MQQ-SIG scheme. Due tothis improvement in the private key size, it becomes possible to implementsigning procedure of MQQ-SIG inside contactless smart card. The fastsigning speed and simple operations performed in signing makes MQQSIGan appealing choice for smart cards which has constrained resourcescomparatively to other devices such as mobile cell phones and personalcomputers (PC).In this thesis we have implemented the digital signature part of MQQ-SIGalgorithm in Java for the 8-bit contactless smart card from the NXP familyJCOP 41 V2.2.1. These cards have Java Card Virtual Machine (JCVM)which enables limited features of Java. This is a completely original workand as far as we know there are no other Java implementations of MQQSIGdigital signature.Key generation part of MQQ is quite time consuming and therefore can notbe implemented inside smart cards. Similarly, verification part of MQQSIGutilize public key for verification of signed message. The public keyof MQQ scheme is quite large in hundreds of KBytes and therefore cannot be stored inside smart cards. These two parts of MQQ-SIG has beenimplemented on desktop computers and are not part of our Master thesis.

Page generated in 0.2574 seconds