Global ETD Search

81	Digitální certifikáty a certifikační autority / Digital certificates and certificate authorities Lepa, Ondřej January 2014 (has links) This diploma thesis deals with certification and certification authorities, certification path PKI and principles of its validation and security. Also deals with structure of certificate itself and possible misuse of included information. Moreover, possibility of misues of third party certificates and proclamation of untrusted certificate to client's system.
82	Relay Racing with X.509 Mayflies : An Analysis of Certificate Replacements and Validity Periods in HTTPS Certificate Logs / Stafettlöpning med X.509-dagsländor : En Analys av Certifikatutbyten och Giltighetsperioder i HTTPS-certifikatloggar Bruhner, Carl Magnus, Linnarsson, Oscar January 2020 (has links) Certificates are the foundation of secure communication over the internet as of today. While certificates can be issued with long validity periods, there is always a risk of having them compromised during their lifetime. A good practice is therefore to use shorter validity periods. However, this limits the certificate lifetime and gives less flexibility in the timing of certificate replacements. In this thesis, we use publicly available network logs from Rapid7's Project Sonar to provide an overview of the current state of certificate usage behavior. Specifically, we look at the Let's Encrypt mass revocation event in March 2020, where millions of certificates were revoked with just five days notice. In general, we show how this kind of datasets can be used, and as a deeper exploration we analyze certificate validity, lifetime and use of certificates with overlapping validity periods, as well as discuss how our findings relate to industry standard and current security trends. Specifically, we isolate automated certificate services such as Let's Encrypt and cPanel to see how their certificates differ in characteristics from other certificates in general. Based on our findings, we propose a set of rules to help improve the trust in certificate usage and strengthen security online, introducing an Always secure policy aligning certificate validity with revocation time limits in order to replace revocation requirements and overcoming the fact that mobile devices today ignore this very important security feature. To round things off, we provide some ideas for further research based on our findings and what we see possible with datasets such as the one researched in this thesis. certificate authorities certificate lifetime certificate overlap certificate replacement certificate validity certificates HTTPS network security PKI Project Sonar SSL TLS X.509 Computer Sciences Datavetenskap (datalogi)
83	Mobilt BankID, En studie om säkerhetsriskerna och den äldre generationens bruk av e-legitimation Rönngård, Sanna, Firulovic, Daniel January 2020 (has links) I Sverige är mobilapplikationen Mobilt BankID, med sina 7,8 miljoner användare år 2020 ett av de mest använda sätten att bekräfta sin identitet på internet eller för att ge autentisering med digital signatur. Applikationen är utvecklad av Finansiell ID-Teknik AB, ett företag som ägs av bankerna och accepteras som giltig identitetshandling av ett brett utbud av e-tjänster som tillhandahålls av myndigheter, sjukvård, banker och olika företag.Som svenska medier rapporterat har det förekommit en stor mängd bedrägerier relaterade till användningen av Mobilt BankID, främst riktad mot äldre. Syftet med denna studie är både att undersöka identifierade säkerhetsrisker gällande applikationen genom en litteraturstudie av tidigare vetenskaplig forskning, populärvetenskapliga artiklar och tidningsartiklar, samt genom att kombinera semistrukturerade intervjuer och en enkätundersökning riktad till användare i åldersintervallet 60-80 år, undersöka om respondenterna är medvetna om befintliga säkerhetsrisker eller har blivit utsatta för bedrägerier. Slutligen fastställer vi om respondenterna känner att de positiva aspekterna av att använda Mobilt BankID överväger de möjliga säkerhetsriskerna.Resultaten visar att det inte finns någon tidigare vetenskaplig forskning som identifierar säkerhetsrisker gällande den svenska versionen av Mobilt BankID. En liten majoritet av respondenterna är medvetna om att vissa risker finns men endast ett fåtal har utsatts för bedrägerier eller upplevt några säkerhetsrelaterade problem. De flesta respondenterna tycks ha en positiv inställning till applikationen och anser den vara trygg och lätt att använda. / In Sweden, the mobile application Mobilt BankID, with its 7,8 million users as of 2020 is among the most frequently used ways to confirm one's identity over the internet or to provide authorisation by digital signatures. The application is developed by Finansiell ID-Teknik AB, a company owned by the banks and is accepted as valid proof of identity by a wide range of e-services provided by the government, healthcare, banks and various companies.As reported by Swedish media there has been a high volume of frauds related to the use of Mobilt BankID primarily targeting the elderly. The purpose of this study is to investigate identified security risks related to the application through a literature study of previous scientific research, popular science articles and newspaper articles, as well as by combining semi-structured interviews and a survey aimed at users in the 60-80 age range, investigating whether respondents are aware existing security risks or have been exposed to fraud. Finally, we are determining whether the respondents feel that the positive aspects of using Mobilt BankID exceed possible security risks.The results we obtain show that there is no previous scientific research investigating security threats posed to the Swedish version of Mobilt BankID. A weak majority of our respondents are aware that certain security threats exist but almost none have been exposed to attacks or experienced any security-related problems. Most of the respondents seem to have a positive attitude towards the application finding it trustworthy and easy to use. Mobilt BankID e-legitimation PKI äldre användare BankID Elektronisk legitimation Electronic Identification Elderly usability Online identification senior users Digital immigrants Engineering and Technology Teknik och teknologier
84	Longitudinal analysis of the certificate chains of big tech company domains / Longitudinell analys av certifikatkedjor till domäner tillhörande stora teknikföretag Klasson, Sebastian, Lindström, Nina January 2021 (has links) The internet is one of the most widely used mediums for communication in modern society and it has become an everyday necessity for many. It is therefore of utmost importance that it remains as secure as possible. SSL and TLS are the backbones of internet security and an integral part of these technologies are the certificates used. Certificate authorities (CAs) can issue certificates that validate that domains are who they claim to be. If a user trusts a CA they can in turn also trust domains that have been validated by them. CAs can in turn trust other CAs and this, in turn, creates a chain of trust called a certificate chain. In this thesis, the structure of these certificate chains is analysed and a longitudinal dataset is created. The analysis looks at how the certificate chains have changed over time and puts extra focus on the domains of big tech companies. The dataset created can also be used for further analysis in the future and will be a useful tool in the examination of historical certificate chains. Our findings show that the certificate chains of the domains studied do change over time; both their structure and the lengths of them vary noticeably. Most of the observed domains show a decrease in average chain length between the years of 2013 and 2020 and the structure of the chains vary significantly over the years. certificate authorities CA certificate chains certificates certificate validation HTTPS network security internet security PKI Project Sonar SSL TLS X.509 Computer Sciences Datavetenskap (datalogi)
85	Studying the Opportunities of Blockchain Implementations in Electronic Transactions compared to the eIDAS Regulations / Undersöka möjligheterna för blockchain implementationer i elektroniska transaktioner jämfört med eIDAS regulationen Hansson, Hanna January 2022 (has links) The electronic identification regulation, eIDAS, and its trusted service providers are currently based on technologies that have been used for decades. The eIDAS and many others in the security industry have shown interest in newer technologies such as distributed ledgers and blockchain. This research looks into the current eIDAS regulation, its plans for future work, and how the current trusted systems could benefit from introducing blockchain into the solutions. Looking at new technologies is of importance to move forward but also making solutions more secure for the user with for example Self-Sovereign Identity solutions. The research was conducted through a literature review followed by interviews. A number of themes were identified to answer the research question. The findings were that blockchain is a viable technology to use but only if used in the right cases. A better understanding and knowledge of the technology is needed for new implementation to succeed and should not be rushed due to the hype of blockchain technology. / Se bif. fil Blockchain blockchain technology eIDAS eIDAS regulation eID electronic identification PKI public key infrastructure trusted service provider distributed ledgers SSI self-sovereign identity Blockchain blockchain teknologi eIDAS eIDAS regulationen eID elektronisk identifikation PKI distribuerad databaseteknik SSI Other Engineering and Technologies Annan teknik Economics and Business Ekonomi och näringsliv
86	網路交易之風險分析與建議-以旅遊業為例 / Risk analysis & suggestion of Internet transaction 呂雅麗, Lu, Ya Li Unknown Date (has links) 在網路環境日益成熟的今日，網路交易的安全性已被列為首要的課題，而「公開金鑰基礎建設(public key infrastructure, PKI)」被公認是在資訊安全應用領域中，少數能同時滿足「保護資料安全」、「身分驗證」、「訊息完整性」以及「交易不可否認性」的加密應用技術。電子商務被運用於各行各業，其中旅遊產業是全球最大與成長最快的產業之ㄧ。許多網路旅行社已經在企業內部建置了企業資源規劃(enterprise resource planning, ERP)系統，使得幾乎全部的交易與旅遊的安排都可以在線上完成。為了確保資料交換的安全性，便可以使用PKI技術，使企業的ERP 成為受完整加密保護的服務網路。網路旅遊業者是以網站營運的方式來進行與消費者的互動，除了基本的防護措施，如：防火牆、入侵偵測、弱點掃瞄等網路安全外，企業的資安政策的制定與執行都可減少企業所面臨的風險。近年來資料外洩事件頻傳，客戶資料及公司智慧財產外洩可能導致罰鍰、訴訟、公司品牌形象的毀損等。政府積極推動個人資料保護法，為了提高約束力，立法、司法與行政部門決定聯手祭出「天文數字的重罰」加以遏止；加上惡意使用者偽卡盜刷、冒名使用，使得電子商務業者不得不審慎地去評估如何加強資訊安全，以維繫企業本身的利益及提高企業的競爭力。 PKI的技術是目前公認最可靠、最可被信任的方式，但建置的複雜性及高成本，使得PKI的推廣層面不夠普及；如何讓PKI由「技術」移轉成為成功的「應用」，故筆者在本論文中建議一個運作模式，讓網路旅行社可以在透過網際網路行銷擴大業務之餘，也能因應時勢所趨，提供給其客戶一個安全的網路交易環境。 / The safety of Internet transaction has been referred to as the most important task in this fully-developed world of Internet. And public key infrastructure, which can provide confidentiality, authentication, integrity and non-repudiation, is one of the most effective ways of encryption in the application of information security. The travel agency has been one of the largest industries in e-commerce. There are many enterprise resource planning systems built in online travel agencies, so that almost every transaction and tours can be arranged through the Internet. To provide a well-protected environment, enterprises can use PKI technology to ensure the safety of online data exchanging. Online travel agencies interact with consumers through the web-site. Not only the basic protection like firewall, intrusion detection, and vulnerability scanning but also the development and the executive of security policies can reduce the risk that enterprises may encounter. Fines, litigations and the company's brand image damages may come after data leakages such as information of clients or intellectual property of companies. Government has actively promoted personal data protection law and huge amount of fines to improve the bindings. Coupled with many fraud credit cards used by the malicious users, companies have to assess how to reinforce information security to maintain its profit and upgrade its competitiveness. PKI technology is recognized as the most reliable and trusted solution, but the complexities and high cost of implementation made it difficult to apply. So, the author here tries to provide a mode of operation for online travel agencies to not only extend its services by the Internet but also provide a safe Internet transaction environment for its clients. 旅遊業風險分析資訊安全公開金鑰基礎建設(PKI) travel agency risk analysis information security public key infrastructure
87	Contributions à la sécurité dans les réseaux mobiles ad Hoc Rachedi, Abderrezak 26 November 2008 (has links) (PDF) La thèse se focalise sur la sécurité dans les réseaux mobiles ad hoc (MANET : Mobile Ad hoc NETwork) [RFC 2501]. L'absence d'une gestion centrale des fonctionnalités du réseau rend ces réseaux beaucoup plus vulnérables aux attaques que les réseaux sans ﬁl (WLAN) et ﬁlaires (LAN). Malheureusement, les protocoles de sécurité qui existent actuellement ne sont pas conçus pour un tel environnement (dynamique). Ils ne prennent pas la contrainte des ressources en considération car non seulement l'environnement est dynamique, mais les ressources sont aussi limitées (mémoire, capacité de calcul et surtout énergie), ce qui complique davantage la problématique, car on sait bien que les solutions de sécurité sont gourmandes en terme de ressources. Cependant, en raison de l'importance des domaines d'application des réseaux mobiles ad hoc comme les opérations militaires (communication entre les avions, les voitures et le personnel et opérations de secours, situations d'urgence en cas de sinistre, etc . . .), il faut relever le déﬁ, car concevoir un mécanisme de sécurité infaillible pour les réseaux mobiles ad hoc est nécessaire. L'objectif principal de la thèse consiste à étudier les solutions susceptibles d'assurer la sécurité dans les réseaux mobiles ad hoc, en proposant une architecture hiérarchique distribuée qui permet d'établir une infrastructure dynamique à clé publique. Cette architecture doit supporter les différentes caractéristiques de ces réseaux (absence d'une unité centrale de gestion de réseau, topologie réseau dynamique, etc . . .). Dans ce but, un modèle de conﬁance adapté à l'environnement dynamique pour assurer l'évolution des niveaux de conﬁance des nœuds est établi. De plus, les vulnérabilités au niveau des autorités de certiﬁcation sont prises en compte dans le nouveau concept de DDMZ (zone dynamique démilitarisée) que nous proposons. Dans le but de sécuriser les nœuds dont le rôle est crucial au sein du réseau, leur identité doit être cachée. C'est pourquoi le concept d'anonymat est introduit. Un protocole d'authentiﬁcation anonyme est proposé. De plus, nous nous inspirons du modèle militaire pour mettre en place un mécanisme de camouﬂage qui cache le rôle des nœuds sensibles. Pour entretenir le modèle de conﬁance, un mécanisme de surveillance est indispensable. Il est adapté aux contraintes de l'environnement sans ﬁl dynamique et réduit le taux de fausses alarmes (faux positifs). Il est fondé sur une approche inter-couches et un modèle probabiliste pour améliorer l'observation du nœud surveillant. Pour faire face aux attaques intelligentes de type inter-couches, une étude des vulnérabilités au niveau des couches inférieures comme la couche MAC est menée. Ensuite, des mécanismes de prévention et de détection sont analysés et évalués. La performance de ces mécanismes est évaluée avec la prise en compte des métriques primordiales pour les réseaux mobiles ad hoc, telles que la consommation d'énergie, la mobilité, la densité des nœuds et du traﬁc, etc . . . Réseaux mobiles Ad hoc Sécurité Algorithmes distribués Mécanisme de surveillance IEEE 802.11 Infrastructure à clé publique (PKI) Zone dynamique démilitarisée (DDMZ) Anonymat Attaques inter-couches
88	Infrastruktura veřejných klíčů / Infrastructure of public keys Bědajánek, Ondřej January 2008 (has links) The subject of my thesis dscribes function and principles of the public key infrastructure as well as certificate authority. Under the operation system Linux was created self signed certificate authority. Web interface was devoloped in PHP for the purpose of the generation, distribution and rejection certificates. Configuration files for OpenVPN are included in the thesis and wireless security is achived by OpenVPN.
89	Laboratorní úloha infrastruktury veřejných klíčů / Lab of public key infrastructure Slavík, Petr January 2009 (has links) The aim of this thesis is to study and describe the theme of Public Key Infrastructure (PKI). Within the scope of minute PKI characterization there is a gradual depiction of particular structural elements, which are above all represented by cryptographic operations (asymetric and symetric cryptography, hash function and digital signature); then, there are also individual PKI subjects that are dealt with, like eg. certification authority, certificates, security protocols, secure heap etc. Last but not least there are a few complete Public Key Infrastructure implementation solutions described (OpenSSL, Microsft CA). The practical part of the thesis, a lab exercise, gives potential students the knowledge of installing OpenSSL system based certification authority. The next task educate students how to secure web server with certificate signed with own CA and also how to secure web server users‘ access control through certificates signed by the previously installed CA.
90	Secure Bitcoin Wallet Guler, Sevil January 2015 (has links) Virtual currencies and mobile banking are technology advancements that are receiving increased attention in the global community because of their accessibility, convenience and speed. However, this popularity comes with growing security concerns, like increasing frequency of identity theft, leading to bigger problems which put user anonymity at risk. One possible solution for these problems is using cryptography to enhance security of Bitcoin or other decentralised digital currency systems and to decrease frequency of attacks on either communication channels or system storage. This report outlines various methods and solutions targeting these issues and aims to understand their effectiveness. It also describes Secure Bitcoin Wallet, standard Bitcoin transactions client, enhanced with various security features and services. Android Security Bitcoin Mobile Payment Java Instant Messaging Wallet BTC Virtual Currency Cryptography Push Notification PKI Shared Preference SQLite Security Architecture Software Development Mobile Development Public Ledger Miner Computer and Information Sciences Data- och informationsvetenskap

Search results