Personalising privacy contraints in Generalization-based Anonymization Models / Personnalisation de protection de la vie privée sur des modèles d'anonymisation basés sur des généralisations

Michel, Axel

08 April 2019

Les bénéfices engendrés par les études statistiques sur les données personnelles des individus sont nombreux, que ce soit dans le médical, l'énergie ou la gestion du trafic urbain pour n'en citer que quelques-uns. Les initiatives publiques de smart-disclosure et d'ouverture des données rendent ces études statistiques indispensables pour les institutions et industries tout autour du globe. Cependant, ces calculs peuvent exposer les données personnelles des individus, portant ainsi atteinte à leur vie privée. Les individus sont alors de plus en plus réticent à participer à des études statistiques malgré les protections garanties par les instituts. Pour retrouver la confiance des individus, il devient nécessaire de proposer dessolutions de user empowerment, c'est-à-dire permettre à chaque utilisateur de contrôler les paramètres de protection des données personnelles les concernant qui sont utilisées pour des calculs.Cette thèse développe donc un nouveau concept d'anonymisation personnalisé, basé sur la généralisation de données et sur le user empowerment.En premier lieu, ce manuscrit propose une nouvelle approche mettant en avant la personnalisation des protections de la vie privée par les individus, lors de calculs d'agrégation dans une base de données. De cette façon les individus peuvent fournir des données de précision variable, en fonction de leur perception du risque. De plus, nous utilisons une architecture décentralisée basée sur du matériel sécurisé assurant ainsi les garanties de respect de la vie privée tout au long des opérations d'agrégation.En deuxième lieu, ce manuscrit étudie la personnalisations des garanties d'anonymat lors de la publication de jeux de données anonymisés. Nous proposons l'adaptation d'heuristiques existantes ainsi qu'une nouvelle approche basée sur la programmation par contraintes. Des expérimentations ont été menées pour étudier l'impact d’une telle personnalisation sur la qualité des données. Les contraintes d’anonymat ont été construites et simulées de façon réaliste en se basant sur des résultats d'études sociologiques. / The benefit of performing Big data computations over individual’s microdata is manifold, in the medical, energy or transportation fields to cite only a few, and this interest is growing with the emergence of smart-disclosure initiatives around the world. However, these computations often expose microdata to privacy leakages, explaining the reluctance of individuals to participate in studies despite the privacy guarantees promised by statistical institutes. To regain indivuals’trust, it becomes essential to propose user empowerment solutions, that is to say allowing individuals to control the privacy parameter used to make computations over their microdata.This work proposes a novel concept of personalized anonymisation based on data generalization and user empowerment.Firstly, this manuscript proposes a novel approach to push personalized privacy guarantees in the processing of database queries so that individuals can disclose different amounts of information (i.e. data at different levels of accuracy) depending on their own perception of the risk. Moreover, we propose a decentralized computing infrastructure based on secure hardware enforcing these personalized privacy guarantees all along the query execution process.Secondly, this manuscript studies the personalization of anonymity guarantees when publishing data. We propose the adaptation of existing heuristics and a new approach based on constraint programming. Experiments have been done to show the impact of such personalization on the data quality. Individuals’privacy constraints have been built and realistically using social statistic studies

Big Data

Matériel sécurisé

Data privacy and security

Big Data

Secure Hardware

Physical Layer Security With Active Jamming Using NOMA.

Polisetti, Mounika

January 2021

This paper is persuaded to understand the physical layer security in wireless commu-nications utilizing NOMA (Non Orthogonal Multiple Access) concepts in the presence of an eavesdropper. Physical layer security maintains the confidentiality and secrecyof the system against eavesdroppers. We use the power domain in this paper, where NOMA allows many users to share resources side by side. Power allocation concern-ing channel condition is taken into consideration where user whose channel condition is weak is allocated with eminent power to directly decode the signal, whereas theuser with better channel condition applies successive interference cancellation (SIC)to decode the signal. Here, the base station communicates with the users and sends data signals while the eavesdropper secretly eavesdrops on the confidential informa-tion simultaneously. In this thesis, to improve the physical layer security, jamming method was usedwhere users are assumed to be in full duplex, send jamming signals to degrade the performance of the eavesdropper. Analytic expressions of CDF, PDF, outage proba-bility and secrecy capacity are obtained from analyzing the NOMA jamming scheme. The numerical results are evaluated with the simulations results and analysed theeffect of jamming on improving the performance of the NOMA system in presenceof an eavesdropper.

Physical Layer security

secrecy capacity

eavesdropper

spectral efficiency

secure NOMA transmission

Telecommunications

Telekommunikation

Integrating secure programming concepts in introductory programming courses

Jama, Fartun

January 2020

The number of vulnerable systems with exploitable security defects has increased. This led to an increase in the demand for secure software systems. Software developers lack security experiences to design and build secure software, some even believe security is not their responsibility. Despite the increased need for teaching security and secure programming, security is not well integrated into the undergraduate computing curriculum and is only offered as part of a program or as an elective course. The aim of this project is to outline the importance of incorporating security and secure programming concepts in programming courses starting from the introductory courses. By evaluating the students' security consideration and knowledge regarding software security. As a result, based on the knowledge students lack regarding software security, security and secure programming concepts are identified which need to be integrated into the programming courses.

Secure programming

software security

software vulnerabilities

Software Development Life Cycle (SDLC)

Computer Sciences

Datavetenskap (datalogi)

Secure Mobile POS System : A point of sale application for secure financial transitions in a mobile business enviroment

Sadique, Kazi Masum

January 2013

The use of smart phones has changed the lifestyle of the society. Almost all kind of useful tools you can find on your smart phone. People used to buy goods every day. And for the purchase of goods they must pay. Security is very important while payment is concern. In this thesis we have designed and demonstrated a mobile phone application that can be used for a small shop or a big market. For any kind of commerce application, three different kind of entities are mostly involved: the customer, the sales person, and the management of the shop. Our designed mobile application has three different interfaces for three different kind of users: Manager Interface, Employee Interface, and Customer Interface. An interface for the system administrator is also designed, which should be used as an desktop application on the point of sale server. This application is flexible with capabilities of different payment options. Our proposed design can be implemented in any smart phone environment for example Android, iOS or Windows phone. This design provides availability, confidentiality, and integrity of payment data.

mobile point of sale

POS

secure financial transactions

m-commerce

Engineering and Technology

Teknik och teknologier

Security Services for Mobile Applications

Mumtaz, Majid

January 2012

In today's era of technology, information can revolve the whole world within seconds via Internet. Devices such as smartphones, tablets and smart applications running on them enable users to access information anytime and anywhere over the air network. Ubiquitous nature of smartphones stimulates the growth of applications development, especially for small scale devices. Protection and security of sensitive mobile applications and their resources against threats are new emerging challenges for mobile application developers. Even competitive enterprise application development organizations lack comprehensive security services for small scale devices. Ultimately unpredictable threats become active anytime and can easily hamper the whole infrastructure within short time frame. In future enterprise applications, to protect entities and overall access of back-end secure infrastructure and services secure and easy to deploy strong authentication and authorization services will play a key role. Complexity of security risks in wireless networks is changing the ways of protection mechanisms for mobile applications. Achieving security balance with convenience becomes a challenging task for application developers. Due to complex blurred picture of an attack in an enterprise applications development, usually the developers don't pay attention against the mitigation of such threats at the initial phase of application development. Due to this, weaknesses appear in latter stages that make an application system vulnerable. Conventionally it is a common practice by application developers to rely on username/password authentication mechanism, and even more secure way that is considered to be a One Time Password (OTP) or complex passphrase schemes. These schemes have a number of limitations and drawbacks regarding today’s diverse wireless environments. In this research we used Public Key Infrastructure (PKI) certificate-based strong authentication scheme for small scale devices which is a significant step-up from simple username/password, OTP and location-based authentication schemes. Leading standards which we followed FIPS 201 Personal Identity Verification standard and FIPS 196 Strong Authentication Protocol scheme. Our solution is based on secure smart microSD card that can be used for providing high level of security for mobile enterprise applications. Also other considerable security services included confidentiality of exchanged transaction messages between applications and back-end application provider server, integrity of transaction messages, and non-repudiation services.

Mobile Applications Security

Authentication

microSD

Secure Element

Engineering and Technology

Teknik och teknologier

Dynamic Trust Management for Mobile Networks and Its Applications

Bao, Fenye

05 June 2013

Trust management in mobile networks is challenging due to dynamically changing network environments and the lack of a centralized trusted authority. In this dissertation research, we design and validate a class of dynamic trust management protocols for mobile networks, and demonstrate the utility of dynamic trust management with trust-based applications. Unlike existing work, we consider social trust derived from social networks in addition to traditional quality-of-service (QoS) trust derived from communication networks to obtain a composite trust metric as a basis for evaluating trust of nodes in mobile network applications. Untreated in the literature, we design and validate trust composition, aggregation, propagation, and formation protocols for dynamic trust management that can learn from past experiences and adapt to changing environment conditions to maximize application performance and enhance operation agility. Furthermore, we propose, explore and validate the design concept of application-level trust optimization in response to changing conditions to maximize application performance or best satisfy application requirements. We provide formal proof for the convergence, accuracy, and resiliency properties of our trust management protocols. To achieve the goals of identifying the best trust protocol setting and optimizing the use of trust for trust-based applications, we develop a novel model-based analysis methodology with simulation validation for analyzing and validating our dynamic trust management protocol design. The dissertation research provides new understanding of dynamic trust management for mobile wireless networks. We gain insight on the best trust composition and trust formation out of social and QoS trust components, as well as the best trust aggregation and propagation protocols for optimizing application performance. We gain insight on how a modeling and analysis tool can be built, allowing trust composition, aggregation, propagation, and formation designs to be incorporated, tested and validated. We demonstrate the utility of dynamic trust management protocol for mobile networks including mobile ad-hoc networks, delay tolerant networks, wireless sensor networks, and Internet of things systems with practical applications including misbehaving node detection, trust-based survivability management, trust-based secure routing, and trust-based service composition. Through model-based analysis with simulation validation, we show that our dynamic trust management based protocols outperform non-trust-based and Bayesian trust-based protocols in the presence of malicious, erroneous, partly trusted, uncertain and incomplete information, and are resilient to trust related attacks. / Ph. D.

mobile networks

trust management

adaptive control

Optimization

secure routing

intrusion detection

performance analysis

Image steganography applications for secure communication

Morkel, Tayana

28 November 2012

To securely communicate information between parties or locations is not an easy task considering the possible attacks or unintentional changes that can occur during communication. Encryption is often used to protect secret information from unauthorised access. Encryption, however, is not inconspicuous and the observable exchange of encrypted information between two parties can provide a potential attacker with information on the sender and receiver(s). The presence of encrypted information can also entice a potential attacker to launch an attack on the secure communication. This dissertation investigates and discusses the use of image steganography, a technology for hiding information in other information, to facilitate secure communication. Secure communication is divided into three categories: self-communication, one-to-one communication and one-to-many communication, depending on the number of receivers. In this dissertation, applications that make use of image steganography are implemented for each of the secure communication categories. For self-communication, image steganography is used to hide one-time passwords (OTPs) in images that are stored on a mobile device. For one-to-one communication, a decryptor program that forms part of an encryption protocol is embedded in an image using image steganography and for one-to-many communication, a secret message is divided into pieces and different pieces are embedded in different images. The image steganography applications for each of the secure communication categories are discussed along with the advantages and disadvantages that the applications have over more conventional secure communication technologies. An additional image steganography application is proposed that determines whether information is modified during communication. Copyright / Dissertation (MSc)--University of Pretoria, 2012. / Computer Science / unrestricted

Image processing

Steganography

Information hiding

Computer security

Image authentication

Secure communication

UCTD

Secure Application Development / Static Application Security Testing (SAST)

Alwan, Alaa

January 2022

Security testing is a widely applied measure to evaluate and improve software security by identifying vulnerabilities and ensuring security requirements related to properties like confidentiality, integrity, and availability. A confidentiality policy guarantees that attackers will not be able to expose secret information. In the context of software programs, the output that attackers observe will not carry any information about the confidential input information. Integrity is the dual of confidentiality, i.e., unauthorized and untrusted data provided to the system will not affect or modify the system’s data. Availability means that systems must be available at a reasonable time. Information flow control is a mechanism to enforce confidentiality and integrity. An accurate security assessment is critical in an age when the open nature of modern software-based systems makes them vulnerable to exploitation. Security testing that verifies and validates software systems is prone to false positives, false negatives, and other such errors, requiring more resilient tools to provide an efficient way to evaluate the threats and vulnerabilities of a given system. Therefore, the newly developed tool Reax controls information flow in Java programs by synthesizing conditions under which a method or an application is secure. Reax is a command-line application, and it is hard to be used by developers. This project has its primary goal to integrate Reax by introducing a plugin for Java IDEs to perform an advanced analysis of security flaws. Specifically, by design, a graphical plugin performs advanced security analysis that detects and reacts directly to security flaws within the graphical widget toolkit environment (SWT). The project proposed a new algorithm to find the root cause of security violations through a graphical interface as a second important goal. As a result, developers will be able to detect security violations and fix their code during the implementation phase, reducing costs.

secure development

application security

static application security testing

SAST

Computer Systems

Datorsystem

Secure Mobile Voice over IP

Abad Caballero, Israel Manuel

January 2003

Voice over IP (VoIP) can be defined as the ability to make phone calls and to send faxes (i.e., to do everything we can do today with the Public Switched Telephone Network, PSTN) over IP−based data networks with a suitable quality of service and potentially a superior cost/benefit ratio. There is a desire to provide (VoIP) with the suitable security without effecting the performance of this technology. This becomes even more important when VoIP utilizes wireless technologies as the data networks (such as Wireless Local Area Networks, WLAN), given the bandwidth and other constraints of wireless environments, and the data processing costs of the security mechanisms. As for many other (secure) applications, we should consider the security in Mobile VoIP as a chain, where every link, from the secure establishment to the secure termination of a call, must be secure in order to maintain the security of the entire process. This document presents a solution to these issues, providing a secure model for Mobile VoIP that minimizes the processing costs and the bandwidth consumption. This is mainly achieved by making use of high− throughput, low packet expansion security protocols (such as the Secure Real−Time Protocol, SRTP); and high−speed encryption algorithms (such as the Advanced Encryption Standard, AES). In the thesis I describe in detail the problem and its alternative solutions. I also describe in detail the selected solution and the protocols and mechanisms this solution utilizes, such as the Transport Layer Security (TLS) for securing the Session Initiation Protocol (SIP), the Real−Time Protocol (RTP) profile Secure Real−Time Protocol (SRTP) for securing the media data transport , and the Multimedia Internet KEYing (MIKEY) as the key−management protocol. Moreover, an implementation of SRTP, called MINIsrtp, is also provided. The oral presentation will provide an overview of these topics, with an in depth examination of those parts which were the most significant or unexpectedly difficult. Regarding my implementation, evaluation, and testing of the model, this project in mainly focused on the security for the media stream (SRTP). However, thorough theoretical work has also been performed and will be presented, which includes other aspects, such as the establishment and termination of the call (using SIP) and the key−management protocol (MIKEY). / Voice over IP (VoIP) kan defineras som förmågan att göra ett telefonsamtal och att skicka fax (eller att göraallting som man idag kan göra över det publika telefonnätet) över ett IP−baserat nätverk med en passande kvalitet och till lägre kostnad, alternativt större nytta. VoIP måste tillhandahållas med nödvändiga säkerhetstjänster utan att teknikens prestanta påverkas. Detta blir allt viktigare när VoIP används över trådlösa länktekniker (såsom trådlösa lokala nätverk, WLAN), givet dessa länkars begränsade bandbredd och den bearbetningkraft som krävs för att exekvera säkerhetsmekanismerna. Vi måste tänka på VoIPs säkerhet likt en kedja där inte någon länk, från säker uppkoppling till säker nedkoppling, får fallera för att erhålla en säker process. I detta dokument presenteras en lösning på detta problem och innefattar en säker modell för Mobile VoIP som minimerar bearbetningskostnaderna och bandbreddsutnyttjandet. Detta erhålls huvudsakligen genom utnyttjande av säkerhetsprotokoll med hög genomströmning och låg paketexpansion, såsom "Secure Real− time Protocol" (SRTP), och av krypteringsprotokoll med hög hastighet, såsom "Advanced Encryption Standard" (AES). I detta dokument beskriver jag problemet och dess alternativa lösningar. Jag beskriver också den valda lösningen och dess protokoll och mekanismer mer detaljerat, till exempel "Transport Layer Security" (TLS) för att säkra "Session Initiation Protocol" (SIP), SRTP för att skydda transporten av data och "Multimedia Internet KEYing" (MIKEY) för nyckelhantering. En implementation av SRTP, kallad MINIsrtp, finns också beskriven. Beträffande praktiskt arbete och tester av lösningsmodellen har detta projekt fokuserats på skyddandet av datatransporten (SRTP), dess implementation och prestanda. Emellertid har en grundlig teoretisk undersökning genomförts, vilken innefattar andra aspekter såsom telefonsamtalets uppkoppling och nedkoppling (med hjälp av SIP) och valet av passande nyckelhanteringsprotokoll (MIKEY) för att stödja SRTP.

security

voice over IP

Secure Real-Time Protocol (SRTP

Communication Systems

Kommunikationssystem

Säker grannupptäck i IPv6 / Secure Neighbor Discovery in IPv6

Huss, Philip

January 2011

The IPv6 protocol offers with some new functions, one of them is auto configuration. With auto configuration it is possible for nodes, i.e. hosts and routers, for automatically associated with IPv6 addresses without manual configuration. Auto configuration it is another protocol as it uses Neighbor Discovery protocol (ND) messages (ND is mandatory in the IPv6 stack). The main purpose of ND is that nodes can discover other nodes on the local link, perform address resolution, check that addresses are unique, and check the reachability with active nodes. There are exactly the same vulnerabilities of IPv6 as IPv4 and is now exception, ND if not properly secured. IPsec is a standard security mechanism for IPv6 but it does not solve the problem of secure auto configuration due the bootstrapping problem. Therefore the Internet Engineering Task Force (IETF) introduced Secure Neighbor Discovery (SEND). SEND is a mechanism for authentication, message protection, and router authentication. One important element of SEND is the use of Cryptographically Generated Address (CGA) an important mechanism to prove that the sender of the ND message is the actual owner of the address it claims NDprotector is an open-source implementation of SEND served as the basis for the analysis presented in this report. This implementation was evaluated in a small lab environment against some attacks in order to establish if it can defend itself from these attacks. / IPv6 protokollet kom det ett par nya funktioner där en av dem är autokonfiguration. Autokonfiguration gör det möjligt för noder, d.v.s. hostar och routrar för att automatiskt bli tilldelade IPv6 adresser manuell konfigurering. För att autokonfiguration ska fungera så används Neighbor Discovery (ND) meddelanden som är ett obligatoriskt protokoll i IPv6- stacken. ND har till huvudsaklig uppgift att noder kan upptäcka andra noder på den lokala länken, utföra adressöversättningar, kolltrollera så att adresser är unika samt kontrollera tillgängligheten hos aktiva noder. Precis som IPv4 så har IPv6 en hel del sårbarheter och med ND så är det inget undantag då det inte är säkrat. IPsec som är en den standard säkerhets mekanism till IPv6 löser inte problemet på grund av bootstrapping problemet. Det var därför Internet Engineering Task Force (IETF) introducerade Secure Neighbor Discovery (SEND). SEND är en mekanism för autentisering, meddelande skydd och router autentisering. En viktig del av SEND är Cryptographilcally Generated Address (CGA), en teknik som används för att försäkra sig så att det är den sändaren av ND meddelandet som är den riktiga ägaren av den hävdade adressen. NDprotector är en öppen källkods implementation av SEND som jag har valt att ha som grund för denna rapport. Jag kommer att sätta upp NDprotector i en liten labbmiljö där jag kommer att utföra olika attacker samt se efter om det klarar att försvara sig emot attackerna.

IPV6 security

Neighbor Discovery

Secure Neighbor Discovery

Cryptographically Generated Addresses

Engineering and Technology

Teknik och teknologier