21 |
Regulation of skeletal mineralisation by PHOSPHO1Houston, Dean Alexander January 2017 (has links)
PHOSPHO1 is a skeletal specific phosphatase whose activity towards the lipid metabolites, phosphocholine (PCho) and phosphoethanolamine (PEth), results in the generation of inorganic phosphate (Pi) within matrix vesicles (MV). PHOSPHO1 activity is essential for the initiation of biomineralisation. The genetic ablation of Phospho1 results in severe hypomineralisation of the skeleton and dentition. Neutral sphingomyelinase 2 (nSMase2, encoded by the Smpd3 gene) catalyses the breakdown of the membrane lipid sphingomyelin to generate ceramide and PCho. Similar hypomineralisation of the skeleton is noted in the Smpd3-/- mouse. This observation led to the hypothesis that nSMase2 and PHOSPHO1 work in tandem for the generation of Pi within MV. Despite knowledge of the phenotype associated with the absence of Phospho1 or Smpd3, little is known about the expression profiles of these genes during the initiation of extracellular matrix (ECM) mineralisation, or the regulation of these genes. This thesis characterised the expression of Phospho1, Smpd3 and other key genes associated with ECM mineralisation in in vitro models of mineralisation under exogenous phosphatase substrate-free conditions. Additionally, building on preliminary work in osteocytes, the regulation of Phospho1 and Smpd3 by parathyroid hormone (PTH) was investigated both in vitro and in vivo. Characterisation of MC3T3 osteoblast-like cell cultures, primary calvarial osteoblast and embryonic metatarsal organ cultures similarly revealed simultaneous and striking increases in the expression of PHOSPHO1 and nSMase2 prior to the onset of ECM mineralisation. In Phospho1-/- cell and organ cultures, ECM mineralisation was markedly diminished, and nSMase2 expression was notably reduced. The parathyroid hormone (PTH) regulation of Phospho1 and Smpd3 in osteocytes was confirmed in MC3T3 osteoblast-like cell cultures. Phospho1 and Smpd3 mRNA expression was strongly and rapidly (within 15 minutes) inhibited by PTH. Experiments with cycloheximide revealed that this was a direct effect not requiring protein synthesis. Further experimentation utilising the adenylyl cylase agonist, Forskolin and the PKA inhibitor, PKI (5-24), identified the cAMP-PKA signalling pathway as the mediator of the effects of PTH on Phospho1 and Smpd3 expression. In contrast, however, primary calvarial osteoblasts, human subchondral bone osteoblasts and murine embryonic metatarsal cultures all displayed an upregulation of Phospho1 expression in response to a 24 h exposure to PTH. Although informative, these findings highlighted the need to investigate the PTH regulation of Phospho1 in vivo. The administration of PTH (80 μg/kg) enhanced the expression of Phospho1 and Smpd3 within 6 h and after 14 and 28-day intermittent exposure in the distal femur of male wild-type mice. The expression of the transcription factors, Runx2 and Trps1, which have been implicated in the regulation Phospho1 were similarly upregulated by these PTH exposures. I hypothesised that the upregulation of Phospho1 could provide a novel mechanism explaining the osteoanabolic effects of intermittent PTH (iPTH). Bone microarchitecture in response to iPTH was assessed in the tibiae of WT and Phospho1-/- mice by micro computed tomography. The absence of Phospho1 limited the anabolic effects of PTH in cortical bone but not in the metaphyseal trabecular bone. The work described within this thesis provides further evidence of the cooperative functions of nSMase2 and PHOSPHO1 in the initiation of skeletal mineralisation. The potent regulation of these enzymes in vivo by PTH offers an additional explanation of the anabolic effects of iPTH and forms part of an emerging body of evidence seeking to understand the regulation of these enzymes.
|
22 |
Jämförelse av autentisering i SIP och H.323Thunström, Robert January 2008 (has links)
H.323 och Session Initiation Protocol är två olika protokoll som kan användas t ex för att koppla upp röstsamtal eller videosamtal via Internet. Det är ofta önskvärt i en uppkoppling mellan två personer att personerna kan autentisera sig för varandra. Denna autentisering är avsedd att garantera identiteten på deltagarna i kommunikationen. Den här undersökningen jämför protokollens struktur vid autentiseringen och visar skillnader i säkerhetssynpunkt. Autentisering finns i 3 skikt i de båda protokollen. I applikationsskiktet skiljer sig protokollen åt då SIP använder sig av lösenord för autentisering medan H.323 både kan använda lösenord och en PKI-baserad lösning med utbyte av nyckelcertifikat. I transportskiktet och nätverksskiktet kan båda protokollen använda TLS och IPSec för autentisering och därmed är det ingen större skillnad på protokollen i dessa skikt.
|
23 |
Utveckling av Web Service för hantering av öppna autentiseringsnycklarJohansson, Andreas January 2005 (has links)
Utvecklingen går mot alltmer distribuerade IT-system, där ett flertal datorer kommunicerar med varandra. Detta gäller även försvarsmaktens ledningssystem. I dessa öppna och distribuerade system är olika säkerhetsfunktioner kritiska. En av dessa är att kunna verifiera identiteten hos den part som kommunikationen sker med. Detta görs oftast med hjälp av asymmetriska kryptooperationer, där identiteter kan verifieras med hjälp av öppet publicerade autentiseringsnycklar. Hanteringen av sådana nycklar kan centraliseras med hjälp av XML Key Management Specification. XKMS är en standard utvecklad av W3C som specificerar en Web Service för hantering av distribution, verifiering och registrering av öppna nycklar. I detta examensarbete har en del av en sådan service implementerats. Fokus har legat på distribution och verifikation av X.509-certifikat som är en ledande standard för att knyta ihop identiteter med nycklar. Slutligen har ett API till Java utvecklats för att på klientsidan underlätta nyttjandet av en XKMS-service.
|
24 |
Dynamic identities for flexible access controlAndersson, Fredrik, Hagström, Stefan January 2005 (has links)
This thesis will analyse the pros and cons of a module-based approach versus the currently existing certificate schemes and the proposed requirements for a module-based certificate scheme to serve as a plausible identity verification system. We will present a possible model and evaluate it in respect to the existing solutions and our set of identified requirements.
|
25 |
Nulägesanalys och verifiering av autentiseringsmetoder : En studie på ett konsultbolag i nätverksbranschenVilhelmsson, Philip, Tallberg, Christer January 2010 (has links)
This report is written for a consultant networking company with the purpose to review the development ofthe company's remote connections from a user friendly and security perspective.This includes an investigation of the possibilities to consolidate existing authentication methods foraccessing customers. The problem lies in the amount of methods being used. Through case study wefound that smart cards, SMS-service, software and hardware tokens exist.The only method feasible from a security perspective is smart cards. Since the method is not commonlyused by the company's customers a standardization of it would be counterproductive.Also, the purpose of this report is to investigate how the ongoing internal development of the remoteconnection will affect the company's clients. Within this framework we have also verified a designsuggestion.We interpret, after the completion of the case study, that the internal development of the remoteconnection is marginally affected by legal perspectives. Tests and interviews shows that all of thesolutions are user friendly, but not adequate from a security perspective. With respect to customers'demands we recommend that the company's internal network should be accessed with smart cards. Thisguarantees that only intended authentications are performed. / Rapporten är skriven åt ett nätverksbolag i konsultbranschen. Syftet med rapporten är att se överutvecklingen av företagets distansuppkopplingar ur ett användarvänlighets- och säkerhetsperspektiv.Detta innebär dels att undersöka möjligheterna för att konsolidera förekommande autentiseringsmetodersom används för uppkoppling mot kunder. Problematiken handlar då om att mängdenautentiseringsmetoder för konsulter i dagsläget är svåradministrerad. Genom fallstudie har vi fått reda attsmarta kort, SMS-tjänst, mjuk- och hårdvarutokens figurerar.Den enda metod som är tänkbar ur ett säkerhetsperspektiv är smarta kort. Då metoden inte ärframträdande hos företagets kunder skulle dock en standardisering i dagsläget vara kontraproduktiv.Avsikten med rapporten är också att utreda hur den pågående interna utvecklingen avdistansuppkopplingen påverkar företagets kunder. Vi har inom ramen för detta även verifierat ettdesignförslag.Efter utförd fallstudie tolkar vi att den interna utvecklingen av distansuppkopplingen påverkas marginelltur ett juridiskt perspektiv. Efter tester och intervjuer konstaterar vi att samtliga lösningar äranvändarvänliga men ur säkerhetssynpunkt inte tillräckliga. Med hänseende till kundernas kravbildrekommenderar vi att uppkoppling mot företagets interna nätverk sker med smarta kort. Detta för attkunna garantera att endast avsvedd autentisering utförs.
|
26 |
Aplikace pro elektronický podpis a časové razítko / Application for digital signature and timestampingRemiaš, Miroslav January 2009 (has links)
In general, the Internet represents an unsecured medium of data transfer. Besides the rising popularity of the Internet, the matters of safety are getting to the foreground of importance. Anybody would be able to gain access to the computer network or to other valuable information if no algorithm of verifying the genuineness of identity were used. It is necessary to secure not only the access to the documents but also the content itself, which could be modified during the transfer through an unsecured medium. Last but not least, without the discretion provided by cryptography, the information may become literally public. To provide security and protection for the communicating participants the problems mentioned above are solved with the help of cryptographic techniques. The verification of the identity and the integrity of messages, the credibility of document’s ownership and safe data transfer through an unsecured medium are all the aspects, which the field of communication security on the Internet, thus the public key infrastructure, deals with. The electronic signature, as a part of the security area, is one of many advertised themes nowadays in Czech Republic. The aim of this master’s thesis is to acquaint the reader with the necessary technological procedures of digital signature, such as cryptographic techniques, public key infrastructure and timestamp. The practical part of this thesis consists of a suggested implementation of a web application in the programming language ASP.NET, which forms a certification authority with an opportunity of claiming a timestamp to authorize timestamps. After the problematic of cryptography was explained in the first chapter, the term of electronic signature has been introduced in the second chapter. Very important information, as far as the electronic signature of documents is concerned, is the time of the document’s creation and the subsequent signature verification by an appropriate authority. So the following part of the thesis is dedicated to the timestamp and to the authority of its verification. The fourth section deals with the large scale of public key infrastructure. The fifth part focuses on the description of the support for the whole problem mentioned so far using Microsoft’s programming language ASP.NET. The final sixth chapter represents the practical part of the thesis, namely the web application itself, where the individual modules of the application with its functions are described.
|
27 |
Kryptografický protokol pro správu a schvalování verzí dokumentů / The Cryptographic Protocol for Management and Approval of Document VersionsLacko, Peter January 2016 (has links)
This work deals with design and implementation of the system for document management and versioning. The first part contains description of related work. In the second part, information security concepts and security model, upon which application is build, is discussed. Third part contains description of designed system and its typical use in a form of sequence diagram. Fourth part introduces cryptographic protocol used in this work. Next follows the description of implementation and security analysis of developed system. The output of this work is cryptographic protocol for document management and versioning, and client-server application implementing this protocol.
|
28 |
DPP: Dual Path PKI for Secure Aircraft Data CommunicationBuchholz, Alexander Karl 02 May 2013 (has links)
Through application of modern technology, aviation systems are becoming more automated and are relying less on antiquated air traffic control (ATC) voice systems. Aircraft are now able to wirelessly broadcast and receive identity and location information using transponder technology. This helps reduce controller workload and allows the aircraft to take more responsibility for maintaining safe separation. However, these systems lack source authentication methods or the ability to check the integrity of message content. This opens the door for hackers to potentially create fraudulent messages or manipulate message content.
This thesis presents a solution to handling many of the potential security issues in aircraft data communication. This is accomplished through the implementation of a Dual Path PKI (DPP) design which includes a novel approach to handling certificate revocation through session certificates. DPP defines two authentication protocols, one between aircraft and another between aircraft and ATC, to achieve source authentication. Digital signature technology is utilized to achieve message content and source integrity as well as enable bootstrapping DPP into current ATC systems. DPP employs cutting-edge elliptic curve cryptography (ECC) algorithms to increase performance and reduce overhead.
T is found that the DPP design successfully mitigates several of the cyber security concerns in aircraft and ATC data communications. An implementation of the design shows that anticipated ATC systems can accommodate the additional processing power and bandwidth required by DPP to successfully achieve system integrity and security. / Master of Science
|
29 |
A Session Initiation Protocol User Agent with Key EscrowHossen, MD. Sakhawat January 2009 (has links)
Voice over Internet Protocol (VoIP), also called IP telephony is rapidly becoming a familiar term and as a technology it is invading the enterprise, private usage, and educational and government organizations. Exploiting advanced voice coding & compression techniques and bandwidth sharing over packet switched networks, VoIP can dramatically improve bandwidth efficiency. Moreover enhanced security features, mobility support, and cost reduction features of VoIP are making it a popular choice for personal communication. Due to its rapid growth in popularity VoIP is rapidly becoming the next generation phone system. Lawful interception is a mean of monitoring private communication of users that are suspected of criminal activities or to be a threat to national security. However, government regulatory bodies and law enforcement agencies are becoming conscious of the difficulty of lawful interception of public communication due to the mobilitysupport and advanced security features implemented in some implementations of VoIP technology. There has been continuous pressure from the government upon the operators and vendors to find a solution that would make lawful interception feasible and successful. Key escrow was proposed as a solution by the U. S. National Security Agency. In key escrow the key(s) for a session are entrusted to a trusted third party and upon proper authorization law enforcement agencies can receive the session key(s) from this trusted third party However, key escrow adds some security vulnerabilities and potential risks as an unethical employee of the key escrow agent (or a law enforcement agency that has received the session key(s)) can misuse the key(s) to forge content of a communication session -- as he or she possesses the same key(s) as the user used for this session. This thesis addresses the issue of forged session content, by proposing, implementing, and evaluating a cryptographic model which allows key escrow session content. The implementation utilizes an existing implementation of a Session Initiation Protocol (SIP) user agent ‘minisip’ developed at KTH. The performance evaluation results suggest that the proposed model can support key escrow while protecting the user communication from being forged with the cost of minimal computational resource and negligible overhead. without the possibility of undetectable fabrication of session content. The implementation utilizes an existing implementation of a Session Initiation Protocol (SIP) user agent ‘minisip’ developed at KTH. The performance evaluation results suggest that the proposed model can support key escrow while protecting the user communication from being forged with the cost of minimal computational resource and negligible overhead.
|
30 |
Hardware Security Module Performance Optimization by Using a "Key Pool" : Generating keys when the load is low and saving in the external storage to use when the load is highSeyed Saboonchi, Nima January 2014 (has links)
This thesis project examines the performance limitations of Hardware Security Module (HSM) devices with respect to fulfilling the needs of security services in a rapidly growing security market in a cost-effective way. In particular, the needs due to the introduction of a new electronic ID system in Sweden (the Federation of Swedish eID) and how signatures are created and managed. SafeNet Luna SA 1700 is a high performance HSM's available in the current market. In this thesis the Luna SA 1700 capabilities are stated and a comprehensive analysis of its performance shows a performance gap between what HSMs are currently able to do and what they need to do to address the expected demands. A case study focused on new security services needed to address Sweden's e Identification organization is presented. Based upon the expected performance demands, this thesis project proposes an optimized HSM solution to address the identified performance gap between what is required and what current HSMs can provide. A series of tests were conducted to measure an existing HSM's performance. An analysis of these measurements was used to optimize a proposed solution for selected HSM or similar HSMs. One of the main requirements of the new signing service is the capability to perform fifty digital signatures within the acceptable response time which is 300 ms during normal hours and 3000 ms during peak hours. The proposed solution enables the HSM to meet the expected demands of 50 signing request per second in the assumed two hours of peak rate at a cost that is 1/9 of the cost of simply scaling up the number of HSMs. The target audience of this thesis project is Security Service Providers who use HSMs and need a high volume of key generation and storing. Also HSM vendors consider this solution and add similar functionality to their devices in order to meet the desired demands and to ensure a better future in this very rapidly growing market. / Detta examensarbete undersöker prestandabegränsningar för Hardware Security Module (HSM) enheter med avseende på att uppfylla behov av säkerhetstjänster i en snabbt växande marknad och på ett kostnadseffektivt sätt. I synnerhet på grund av de säkerhetskrav som nu existerar/tillkommit efter införandet av ett nytt elektroniskt ID-system i Sverige (Federationen för Svensk eID) och hur underskrifter skapas och hanteras. SafeNet Luna SA 1700 är en högpresterande HSM enhet tillgänglig på marknaden. I den här avhandlingen presenteras nuvarande HSM kapacitet och en omfattande analys av resultatet visar ett prestanda gap mellan vad HSMS för närvarande kan göra och vad som behöver förbättras för att ta itu med de förväntade kraven. En fallstudie fokuserad på nya säkerhetstjänster som krävs i och med Sveriges nya e-Identifiering presenteras. Baserat på resultatet i den här avhandlingen föreslås en optimerad HSM lösning för att tillgodose prestanda gapet mellan vad HSM presterar och de nya krav som ställs. Ett flertal tester genomfördes för att mäta en befintlig HSM prestanda. En analys av dessa mätningar användes för att föreslå en optimerad lösning för HSMS (eller liknande) enheter. Ett av de huvudsakliga kraven för den nya signeringstjänsten är att ha en kapacitet av 50 digitala signaturer inom en accepterad svarstidsintervall, vilket är 300ms vid ordinarie trafik och 3000ms vid högtrafik. Förslagen i avhandlingen möjliggör HSM enheten att tillgodose kraven på 50 signeringen per sekund under två timmars högtrafik, och till en 1/9 kostnad genom att skala upp antalet HSMs. Målgruppen i den här avhandlingen är användare av HSMs och där behovet av lagring och generering av nycklar i höga volymer är stort. Även HSM leverantörer som kan implementera den här optimeringen/lösningen i befintlig funktionalitet för att tillgodose det här behovet i en alltmer växande marknad.
|
Page generated in 0.0913 seconds