Interoperable Retransmission Protocols with Low Latency and Constrained Delay : A Performance Evaluation of RIST and SRT / Interoperabla omsändningsprotokoll med låg latens och begränsad fördröjning : en prestandaanalys av RIST och SRT

Sonono, Tofik

January 2019

The media industry has during the last decade migrated services from dedicated medianetworks to more shared resources and lately also the public internet and public data centers. Inorder to cater for such transition, several protocols have been designed to meet the demand forhigh-quality media transport over lossy infrastructure, protocols such as SRT and RIST. Thepurpose of Reliable Internet Stream Transport (RIST) and Secure Reliable Transport (SRT) is tohave all vendors of broadcasting equipment support an interoperable way of communication. Thelack of interoperability locks consumers into one particular vendor’s family of products - most oftenthis equipment only supports a proprietary technology. Interoperability creates a more competitivemarket space which benefits consumers and gives vendors an incentive to be more innovative intheir solutions. The purpose of this thesis is to assess the performance of these protocols by comparing theirperformance to a proprietary solution (named ÖÖÖ in this thesis and seen as an establishedsolution in the industry). The challenge is to test these protocols in a lab environment, but have theresults represent real-world use. For this, a large subset of samples is needed along with samplesmeasured over a long period. This sampling was made possible by writing a script which automatesthe sampling process. The results indicate that the versions of RIST and SRT tested in this thesis to some extentcompare well to the selected established protocol (ÖÖÖ). In many scenarios, SRT even did muchbetter, mainly when a line with a single feed was tested. For instance, when the network suffered a2% drop rate and utilized retransmission SRT performed the best and was the only protocol whichhad some samples where no packets were dropped during one hour of measurements. Whenrunning all three protocols at the same time, SRT also did the best in a network with up to 12% droprate. The results in this thesis should give a broadcaster an idea of which of these protocols willfulfill their requirements in a broadcast application. / I mediabranschen finns det en efterfrågan på utrustning som har inslag av interoperabilitet.Anledningen till detta är att någon som köper produkter från en viss återförsäljare inte vill låsas in idenna återförsäljares ”ekosystem” i flera år framöver. Då en studio sällan uppgraderar hela sinproduktionskedja på samma gång ger interoperabilitet möjligheten att köpa utrustning från andraåterförsäljare när man ska uppgradera något i produktionslinan. Detta leder till en merkonkurrenskraftig marknad samt ger incentiv till nya innovativa lösningar. Detta examensarbete går ut på att utvärdera lösningar som tagits fram för att främjainteroperabilitet och jämföra dem med en existerande proprietärlösning. Reliable Internet StreamTransport (RIST) och Secure Reliable Transport (SRT) är två protokoll som tagits fram för just dettasyfte. Utmaningen med att utvärdera dessa protokoll är att i en labbmiljö få resultat som reflekteraranvändandet av protokollen i verkligheten. Detta har gjorts med hjälp av ett program som tagitsfram i detta examensarbete. Med detta program har testandet kunnat automatiseras. Resultaten i detta examensarbete visar potential hos båda RIST och SRT. SRT är i vissascenarion till och med bättre än den proprietära lösningen. Protokollen visar något buggigtbeteende i vissa instanser, såsom att i vissa fal sluta fungera och inte kunna återgå till normalfunktion utan manuell interaktion. Allt som allt är dock protokollen i de flesta fallen testade i dettaexamensarbete ett godtyckligt alternativ till den jämförda proprietära lösningen.

Reliable Internet Stream Transport

Secure Reliable Transport

Interoperability

Retransmission

Live streaming

RIST

SRT

Interoperabilitet

Omsändning

Direktsändning

Communication Systems

Kommunikationssystem

Examining the Relationship Between Non-Suicidal Self-Injury and Attachment Styles

Grundmanis, Larissa

20 January 2023

No description available.

Clinical Psychology

non-suicidal self-injury

NSSI

attachment style

self-harm

preoccupied attachment

secure attachment

insecure attachment

adult attachment

Secure emergency communications of emergency responders : a case study of Kemi municipality in Finland

Hartikainen, Heidi

January 2013

Emergency response is highly time-critical and information dependent: every moment counts and organizations need to access various information that supports their decision making and informs them about the scale and location of the emergency, the damages, and the availability of human and physical resources. This kind information can originate from many different places and the situation can be stressful as there is a need to communicate quickly, reliably and accurately within their own organization, but also inter-organizationally. ICTs make it possible to access and spread information with speed and efficiency, but other factors, such as different professional cultures, can still hinder information sharing. There is a growing need in emergency organizations to develop understanding for how communications between emergency responders can be secured. It seems important to consider how emergency responders respond to security objectives, since the assumptions for secure communications may not only be developed on the premise of ICT, but also how the emergency actors appreciate the emergency environments in terms of secure communications.The aim of this research is to develop understanding of information security and secure communications in a context where it has not been well researched. The research looks at secure emergency communications from a socio-technical viewpoint and concentrates on the communication inside and between the emergency organizations of police, the paramedics, and the rescue department in the municipality of Kemi, and more specifically on the communications of operative emergency actors while they are working in the preparedness and response phases of emergency management. Two persons from each organization were interviewed using semi-structured interviews, and the empirical data was used for writing the appended papers that are the basis of this thesis work.The research started by doing an extensive literature review and analysis on the field of secure emergency communications. The results show that while technical developments on the field aim at effective and secure technologies, organizational aspects of emergency communications seem to involve not only emergency actors, but also how these actors more and more utilize information technology. The landscape for emergency management is becoming very diverse, which challenges the way that secure emergency communications can be understood. The developers of future emergency communications structures not only need to ensure the technical aspects of confidentiality, availability and integrity of information, but they also need to take into account the social rules, norms and structures that guide the emergency communication. Next, this research sought out to re-conceptualize the role of information security in emergency response. A conceptual basis encompassing technical, cognitive and organizational information security layers as a relationship between association and connectivity was developed by synthesizing Actor Network Theory and Theory of Organizational Routines. The approach of combining two theoretical accounts details the enactment of information security in emergency response so as to understand how cognition ties technical security features with organizational security issues. Without the cognitive layer, the technical and organizational aspects of information security remain static or disconnected to the actions performed during emergency response. Theoretically the approach contributes constructively to describe an alternative approach to information security research to address the gap between formal and informal criteria of information security.Lastly, the research sought out to explore the current situation of the case organizations in detail concerning their level of information security, communication challenges faced, and training offered. It was learned that different aspects of information security are valued depending on whether emergency responders work in preparation periods or if they are responding to an emergency: 1) When working in their own respective organizations the most important aspect was information confidentiality 2) When responding to emergency the most important aspects were information availability and integrity. Most communication challenges present in emergency communications can be seen to arise when responding to emergencies. This is not something currently being taken into account in the case organizations. The basic training of emergency actors and the training and guidelines of each organization largely concentrate on confidentiality issues, and tools and communications training that would be needed to ensure information availability and integrity when responding to an emergency is not prioritized. To overcome the communication challenges present in emergency communications and to ensure confidentiality, availability and integrity of emergency information, those responsible for information security in emergency organizations must therefore provide up to date information security training and awareness building, but also tools and communications training that supports inter-organizational communication.

emergency management

information security

emergency response

emergency communications

secure communications

Information Systems, Social aspects

Towards secure computation for people

Issa, Rawane

23 June 2023

My research investigates three questions: How do we customize protocols and implementations to account for the unique requirement of each setting and its target community, what are necessary steps that we can take to transition secure computation tools into practice, and how can we promote their adoption for users at large? In this dissertation I present several of my works that address these three questions with a particular focus on one of them. First my work on "Hecate: Abuse Reporting in Secure Messengers with Sealed Sender" designs a customized protocol to protect people from abuse and surveillance in online end to end encrypted messaging. Our key insight is to add pre-processing to asymmetric message franking, where the moderating entity can generate batches of tokens per user during off-peak hours that can later be deposited when reporting abuse. This thesis then demonstrates that by carefully tailoring our cryptographic protocols for real world use cases, we can achieve orders of magnitude improvements over prior works with minimal assumptions over the resources available to people. Second, my work on "Batched Differentially Private Information Retrieval" contributes a novel Private Information Retrieval (PIR) protocol called DP-PIR that is designed to provide high throughput at high query rates. It does so by pushing all public key operations into an offline stage, batching queries from multiple clients via techniques similar to mixnets, and maintain differential privacy guarantees over the access patterns of the database. Finally, I provide three case studies showing that we cannot hope to further the adoption of cryptographic tools in practice without collaborating with the very people we are trying to protect. I discuss a pilot deployment of secure multi-party computation (MPC) that I have done with the Department of Education, deployments of MPC I have done for the Boston Women’s Workforce Council and the Greater Boston Chamber of Commerce, and ongoing work in developing tool chain support for MPC via an automated resource estimation tool called Carousels.

Computer science

Abuse reporting

Differential privacy

End to end encrypted messaging

Message franking

Private information retrieval

Secure multi-party computation

Architectural Synthesis Techniques for Design of Correct and Secure ICs

Sundaresan, Vijay

January 2008

No description available.

Computer Science

Integrated Circuit Design

EDA

CAD for VLSI

Cryptographic Hardware Design

Secure Embedded Systems

Architectural Synthesis

A Secure Web Based Data Collection and Distribution System for Global Positioning System Research

Bleyle, Derek

24 November 2004

No description available.

Network

GPS

Global Positioning System

Secure FTP

SFTP

Firewall

Internet

Data Collection

LAAS

Local Area Augmentation System

Sliding Mode Approaches for Robust Control, State Estimation, Secure Communication, and Fault Diagnosis in Nuclear Systems

Ablay, Gunyaz

19 December 2012

No description available.

Nuclear Engineering

nuclear reactors

sliding modes

fault diagnosis

robust control

steam generator

reactor kinetics

observers

chaos

secure communication

DTLS Adaptation for Efficient Secure Group Communication

Nikitin, Kirill

January 2015

The Internet has been growing rapidly during the past threedecades, evolving into a new paradigm called the Internet ofThings where all electronic devices are to be connected tothe global network. One of the most crucial needs forcommunication in this future global network is assuring its security.Datagram Transport Layer Security is a de facto standard protocolto secure end-to-end communication in the IoT. However, there isalso an increasing need for secure and efficient groupcommunication due to the frequently resource-constrained IoTenvironment. A DTLS adaptation for multicast communication hasbeen already proposed but protection of responses to multicastrequests has not been fully addressed yet. Furthermore, there is nopublicly available implementation of this adaptation. This thesis work is conducted in collaboration with SICS SwedishICT which is a research organization with a focus on appliedComputer Science. We have implemented the existing DTLS-basedapproach for multicast communication for the Contiki OS. We havealso implemented an approach for efficient response protectionthat was initially proposed at SICS and that we analyse andenhance in this thesis. Finally, we have experimentally evaluatedour and other approaches on a constrained hardware platform interms of memory requirements, communication performance andenergy consumption. We demonstrate advantages of our approachbased upon obtained results. / Internet har vuxit snabbt under de tre senaste decennierna, ochutvecklas till ett nytt paradigm kallat Internet of Things där allaelektroniska enheter kopplas till det globala nätverket. Ett av deviktigaste behoven för kommunikation i detta framtida globalanätverk är att garantera säkerhet. Datagram Transport LayerSecurity protokollet är en de facto-standard för säker end-to-endkommunikation i IoT. Det finns emellertid också ett ökande behovav säker och effektiv gruppkommunikation på grund av att IoTmiljöni regel är resursbegränsad. En anpassning av DTLS förmulticast-kommunikation har föreslagits men skydd av svar påmulticast-förfrågningar har ännu inte till fullo behandlats.Dessutom finns ingen offentligt tillgänglig implementation av dennaanpassning. Detta examensarbete utförs i samarbete med SICS Swedish ICTsom är en forskningsorganisation med fokus på tillämpaddatavetenskap. Vi har implementerat den existerande DTLSbaseradelösningen för multicast-kommunikation föroperativsystemet Contiki. Vi har också implementerat en lösningför effektivt skydd av svar på förfrågningar som ursprungligenföreslogs hos SICS och som vi analyserar och förbättrar i dettaexamensarbete. Slutligen har vi experimentellt utvärderat vår ochandra metoder på en begränsad hårdvaruplattform när det gällerminnesbehov, kommunikationsprestanda och energiförbrukning. Vivisar fördelar med vår metod baserat på de erhållna resultaten.

DTLS

secure group communication

multicast

Internet of Things

efficient security

DTLS

säker gruppkommunikation

multicast

Internet of Things

effektiv säkerhet

Usability-Driven Security Enhancements in Person-to-Person Communication

Yadav, Tarun Kumar

01 February 2024

In the contemporary digital landscape, ensuring secure communication amid widespread data exchange is imperative. This dissertation focuses on enhancing the security and privacy of end-to-end encryption (E2EE) applications while maintaining or improving usability. The dissertation first investigates and proposes improvements in two areas of existing E2EE applications: countering man-in-the-middle and impersonation attacks through automated key verification and studying user perceptions of cryptographic deniability. Insights from privacy-conscious users reveal concerns about the lack of E2EE support, app siloing, and data accessibility by client apps. To address these issues, we propose an innovative user-controlled encryption system, enabling encryption before data reaches the client app. Finally, the dissertation evaluates local threats in the FIDO2 protocol and devises defenses against these risks. Additionally, it explores streamlining FIDO2 authentication management across multiple websites for user convenience and security.

FIDO2

End-to-end encryption

E2EE

Application-independent encryption

2FA

Signal

Secure messaging

MITM attacks

Authentication

Physical Sciences and Mathematics

Enhancing Trust in Reconfigurable Hardware Systems

Venugopalan, Vivek

01 March 2017

A Cyber-Physical System (CPS) is a large-scale, distributed, embedded system, consisting of various components that are glued together to realize control, computation and communication functions. Although these systems are complex, they are ubiquitous in the Internet of Things (IoT) era of autonomous vehicles/drones, smart homes, smart grids, etc. where everything is connected. These systems are vulnerable to unauthorized penetration due to the absence of proper security features and safeguards to protect important information. Examples such as the typewriter hack involving subversive chips resulting in leakage of keystroke data and hardware backdoors crippling anti-aircraft guns during an attack demonstrate the need to protect all system functions. With more focus on securing a system, trust in untrusted components at the integration stage is of a higher priority. This work builds on a red-black security system, where an architecture testbed is developed with critical and non-critical IP cores and subjected to a variety of Hardware Trojan Threats (HTTs). These attacks defeat the classic trusted hardware model assumptions and demonstrate the ability of Trojans to evade detection methods based on physical characteristics. A novel metric is defined for hardware Trojan detection, termed as HTT Detectability Metric (HDM) that leverages a weighted combination of normalized physical parameters. Security analysis results show that using HDM, 86% of the implemented Trojans were detected as compared to using power consumption, timing variation and resource utilization alone. This led to the formulation of the security requirements for the development of a novel, distributed and secure methodology for enhancing trust in systems developed under untrusted environments called FIDelity Enhancing Security (FIDES). FIDES employs a decentralized information flow control (DIFC) model that enables safe and distributed information flows between various elements of the system such as IP cores, physical memory and registers. The DIFC approach annotates/tags each data item with its sensitivity level and the identity of the participating entities during the communication. Trust enhanced FIDES (TE-FIDES) is proposed to address the vulnerabilities arising from the declassification process during communication between third-party soft IP cores. TE-FIDES employs a secure enclave approach for preserving the confidentiality of the sensitive information in the system. TE-FIDES is evaluated by targeting an IoT-based smart grid CPS application, where malicious third-party soft IP cores are prevented from causing a system blackout. The resulting hardware implementation using TE-FIDES is found to be resilient to multiple hardware Trojan attacks. / Ph. D.

Secure Computing

Trusted Computing

Resilient Computing

Root of Trust

Hardware Trojans

Cyber Physical System Security

Embedded Systems

Reconfigurable Hardware