Global ETD Search

61	Architectures de réseaux pour la délivrance de services à domicile / Network architectures for home service delivery Werapun, Warodom 27 September 2012 (has links) Avec l’omniprésence au quotidien du numérique et de l’informatique, de plus en plus d’utilisateurs souhaitent avoir accès à Internet et à leurs applications via n’importe quel périphérique, de n’importe où et n’importe quand. Les appareils domestiques intelligents se développant, les besoins d’échanger des données au domicile même se font de plus en plus sentir. C’est dans ce contexte, celui des services à domicile avec besoin d’interconnexion que se situe notre étude. Ce type de service est qualifié de Home Service (HS) alors que le réseau à domicile est nommé Home Network (HN). La problématique pour les opérateurs est alors de concevoir des architectures appropriées à l’interconnexion des HN de manière sécurisée tout en permettant un déploiement facile et à grande échelle. Dans la première étape, nous considérons la livraison de services sécurisés à travers un réseau de nouvelle génération (NGN) : IMS (IP Multimedia Subsystem). IMS étant l’architecture de référence pour son caractère réseau NGN des opérateurs, diverses architectures peuvent être développées comme support aux HS. Nous avons choisi d'analyser et de mettre en place une architecture P2P centralisée et de le comparer à l’architecture de référence. Plusieurs mécanismes d'authentification sont mis en place autour du P2P centralisé afin de sécuriser la prestation de services. La modélisation et l’évaluation de notre proposition ont permis d’identifier sa relation à l’IMS mais aussi des problèmes inhérents aux solutions centralisées : la protection des données personnelles, l’impact de la taille sur réseau sur les performances, l’existence d’un point de faiblesse unique face aux attaques et la congestion au niveau du serveur centralisé. Par conséquent, nous nous sommes tournés vers les solutions distribuées pour résoudre ces problèmes. Dans la deuxième étape, nous considérons l’architecture P2P non-structurée, qualifiée de pur P2P. La cryptographie basée sur l'identité (IBC) est ajoutée au P2P pur afin d’authentifier les utilisateurs et de protéger leurs communications. Pour chacune des solutions une analyse du coût de signalisation est effectuée révélant une faiblesse en ce qui concerne l’étape de recherche. Dans un déploiement à grande échelle, le coût de cette phase est trop élevé. Aussi, nous examinons le P2P structuré basé sur les Dynamic Hash Tables, une autre solution distribuée. Cette architecture est étudiée par l'IETF en tant qu’une des dernières générations de P2P: REsource LOcation And Discovery (RELOAD) Base Protocol. Nous proposons son utilisation dans le cadre des HSs. Comme preuve du concept, cette solution a été implantée et déployée sur un petit réseau en utilisant TLS/SSL comme mécanisme de sécurité. Cette plateforme nous a permis d’étudier les délais et les coûts de cette solution. Pour terminer, un bilan est établi sur toutes les solutions proposées En outre, nous introduisons d’autres types de HS et leurs possibilités de déploiement futur. / With digital life enhancement, more users would like to get seamless Internet and information with any devices, at any time and from anywhere. More and more home devices need to exchange data or to control other devices. The type of services is labelled Home Service (HS) and it is deployed though a Home Network (HN). Some users need to use their HS outside their HN, some others need to interconnect other HN. Operators have to provide suitable network architectures to ensure this interconnection and to provide at the same time, scalability, remote access, easy deployment and security. Here is the topic of our work. In the fist step, we consider a practical illustration around the Next-Generation Network (NGN) and the secured services. It is the IMS (IP Multimedia Subsystem) approach for the management of services that is generally supported by the NGN network operators. However, various network operator architectures can be developed to support these services. An alternative way is the P2P architectures. We choose to analyze and implement a centralized P2P and we compare it with the IMS solution. Several authentication mechanisms are introduced to secure the centralized P2P. An evaluation of these architectures is conducted. Since the previous solutions present some issues due to their centralized feature, we consider distributed solutions in a second step. The non-structured P2P, called pure P2P, can also support HS. Identity Based Crytography (IBC) is added to these architectures in order to offer authentication and protection to user communications. The different solutions are compared through their signaling and transmission cost. The study shows that searching step in this architecture is really costly, facing a scalability problem. Thus, we propose to use a structured P2P (called Dynamic Hash Table) for delivering HS between HN. This type of architecture is studied by IETF with the REsource Location And Discovery (RELOAD) Base Protocol. This solution is implanted and deployed here to be a proof of the concept. This test-bed enables the study of delay and security overhead in a real system. Eventually, the presented solutions are recaptured in order to see their advantages/ disadvantages. In addition, we introduce other perspectives in terms of HSs and network interconnection. Services à domicile Réseaux domestiques Architecture réseaux Pair à pair Ims Sip Dht Authentification Sécurité Tls/ssl Reload Home services Home network Network architecture Peer to peer Ims Sip Dht Authentication Security Tls/ssl Reload
62	Vilken mjukvarubaserad fjärranslutningslösning är passande för ett mindre företag? Hurtig, Andreas, Gisslar, Thomas, Karlsson, Alexander January 2009 (has links) <p> </p><p>Syftet med denna undersökning är att ta reda på vilken mjukvarubaserad fjärranslutningslösning som passar för ett mindre företag, då de har mindre ekonomiska tillgångar än ett större företag behöver de vara mer noggranna med sina produktval. Arbetet är utfört med litteraturstudier och en enkätundersökning till ett tiotal mindre företag, samt en laborationsmiljö där tester av de olika fjärranslutningslösningarnas egenskaper har utförts.</p><p>Område valdes då ämnet fjärranslutning knappt behandlads under utbildningstiden, och fördjupar sig därför inom området.</p><p>Resultatet visar vad mindre företag anser vara de viktigaste egenskaperna med en fjärranslutningslösning. Även de värden som uppkom vid tester i laborationsmiljön kommer att presenteras i resultatet. De samlade resultaten kommer sedan visa på vilken mjukvarubaserad lösning som passar bäst för ett mindre företag.</p><p> </p> / <p><p>The purpose of this survey is to figure out which software based remote access solution that fits a smaller company, hence they have less economy assets than a larger company they need to be more thorough with their products of choice. The work is performed with literature studies and a survey of a dozen smaller companies, and also a laboratory environment where properties of the different remote access solutions are performed.</p><p>This area was chosen because the subject of remote access scarcely was treated during our education, and become engrossed in this area.</p><p>The result shows what the companies consider to be the most important properties with a remote access and also the products results from the tests. Also the values that occurred during testing in a laboratory environment will be presented in the results. The combined results will then show which software-based solution that is best suited for a small company.</p></p> VPN Remote access L2TP IPSec PPTP Open Swan OpenVPN SSLExplorer Tunneling Tunnel VPN connection SSL-VPN VPN Fjärranslutning L2TP IPSec PPTP OpenSwan OpenVPN SSLExplorer Fjärråtkomst Remote access Tunnling Tunnel VPN-anslutning SSL-VPN Computer engineering Datorteknik
63	Vilken mjukvarubaserad fjärranslutningslösning är passande för ett mindre företag? Hurtig, Andreas, Gisslar, Thomas, Karlsson, Alexander January 2009 (has links) Syftet med denna undersökning är att ta reda på vilken mjukvarubaserad fjärranslutningslösning som passar för ett mindre företag, då de har mindre ekonomiska tillgångar än ett större företag behöver de vara mer noggranna med sina produktval. Arbetet är utfört med litteraturstudier och en enkätundersökning till ett tiotal mindre företag, samt en laborationsmiljö där tester av de olika fjärranslutningslösningarnas egenskaper har utförts. Område valdes då ämnet fjärranslutning knappt behandlads under utbildningstiden, och fördjupar sig därför inom området. Resultatet visar vad mindre företag anser vara de viktigaste egenskaperna med en fjärranslutningslösning. Även de värden som uppkom vid tester i laborationsmiljön kommer att presenteras i resultatet. De samlade resultaten kommer sedan visa på vilken mjukvarubaserad lösning som passar bäst för ett mindre företag. / The purpose of this survey is to figure out which software based remote access solution that fits a smaller company, hence they have less economy assets than a larger company they need to be more thorough with their products of choice. The work is performed with literature studies and a survey of a dozen smaller companies, and also a laboratory environment where properties of the different remote access solutions are performed. This area was chosen because the subject of remote access scarcely was treated during our education, and become engrossed in this area. The result shows what the companies consider to be the most important properties with a remote access and also the products results from the tests. Also the values that occurred during testing in a laboratory environment will be presented in the results. The combined results will then show which software-based solution that is best suited for a small company. VPN Remote access L2TP IPSec PPTP Open Swan OpenVPN SSLExplorer Tunneling Tunnel VPN connection SSL-VPN VPN Fjärranslutning L2TP IPSec PPTP OpenSwan OpenVPN SSLExplorer Fjärråtkomst Remote access Tunnling Tunnel VPN-anslutning SSL-VPN Computer Engineering Datorteknik
64	Sound Source Localization and Beamforming for Teleconferencing Solutions Kjellson, Angelica January 2014 (has links) In teleconferencing the audio quality is key to conducting successful meetings. The conference room setting imposes various challenges on the speech signal processing, such as noise and interfering signals, reverberation, or participants positioned far from the telephone unit. This work aims at improving the received speech signal of a conference telephone by implementing sound source localization and beamforming. The implemented microphone array signal processing techniques are compared to the performance of an existing multi-microphone solution and evaluated under various conditions using a planar uniform circular array. Recordings of test-sequences for the evaluation were performed using a custom-built array mockup. The implemented algorithms did not show good enough performance to motivate the increased computational complexity compared to the existing solution. Moreover, an increase in number of microphones used was concluded to have little or no effect on the performance of the methods. The type of microphone used was, however, concluded to have impact on the performance and a subjective listening evaluation indicated a preference for omnidirectional microphones which is recommended to investigate further. / God ljudkvalitet är en grundsten för lyckade telefonmöten. Miljön i ett konferens-rum medför ett flertal olika utmaningar för behandlingen av mikrofonsignalerna: det kan t.ex. vara brus och störningar, eller att den som talar befinner sig långt från telefonen. Målet med detta arbete är att förbättra den talsignal som tas upp av en konferenstelefon genom att implementera lösningar för lokalisering av talaren och riktad ljudupptagning med hjälp av ett flertal mikrofoner. De implementerade metoderna jämförs med en befintlig lösning och utvärderas under olika brusscenarion för en likformig cirkulär mikrofonkonstellation. För utvärderingen användes testsignaler som spelades in med en specialbyggd enhet. De implementerade algoritmerna kunde inte uppvisa en tillräcklig förbättring i jämförelse med den befintliga lösningen för att motivera den ökade beräkningskomplexitet de skulle medföra. Dessutom konstaterades att en fördubbling av antalet mikrofoner gav liten eller ingen förbättring på metoderna. Vilken typ av mikrofon som användes konstaterades däremot påverka resultatet och en subjektiv utvärdering indikerade en preferens för de rundupptagande mikrofonerna, en skillnad som föreslås undersökas vidare. statistical digital signal processing microphone array signal processing sound source localization (SSL) beamforming uniform circular array (UCA) teleconferencing
65	Sécurité des échanges. Conception et validation d'un nouveau protocole pour la sécurisation des échanges. Hajjeh, Ibrahim 12 1900 (has links) (PDF) De nombreux mécanismes de sécurité ont été proposés pour les réseaux fixes et mobiles. Bien que ces mécanismes aient pu répondre à un ensemble d'exigences de sécurité, ils demeurent uniquement efficaces dans un contexte spécifique lié aux hypothèses et aux exigences restrictives qui ont été émises lors de la conception. Dans un premier temps, nous définissons une liste d'exigences en sécurité qui permet d'analyser les solutions de sécurité les plus déployées. Dans un second temps, nous proposons d'étendre le protocole SSL/TLS avec de nouveaux services. SSL/TLS est une solution de sécurité générique et transparente aux applications. Ainsi, il ne couvre pas les besoins spécifiques à certaines classes d'application telles que les applications de paiement sur Internet. Notre propositions d'intégrer le protocole d'échange des clés ISAKMP avec SSL/TLS permet de fournir, entre autres, la protection d'identité des utilisateurs et l'unification des associations de sécurité. Afin d'étendre l'utilisation de SSL/TLS vers les systèmes de paiement sur Internet, nous intégrons un module générique pour la génération d'une preuve de non répudiation dans le protocole SSL/TLS. Par ailleurs, toutes ces propositions restent, cernées par le problème d'interopérabilité avec les anciennes versions de chaque protocole. Ce qui rend la satisfaction de tous les besoins à travers un des protocoles existants irréalisables. Pour cela, nous proposons finalement de concevoir et de valider un nouveau protocole de sécurité qui intègre nativement l'évolution des protocoles de sécurité des échanges et des réseaux d'une manière performante. Nous avons appelé ce protocole SEP (Secure and Extensible Protocol) Protocole de sécurité Services de sécurité Sécurisation des échanges Sécurisation des réseaux Protocole de gestion des clés Protocole d'authentification Ssl Ipsec Isakmp Ike Sep
66	Analysis of Methods for Chained Connections with Mutual Authentication Using TLS / Analys av metoder för kedjade anslutningar med ömsesidig autentisering användandes TLS Petersson, Jakob January 2015 (has links) TLS is a vital protocol used to secure communication over networks and it provides an end- to-end encrypted channel between two directly communicating parties. In certain situations it is not possible, or desirable, to establish direct connections from a client to a server, as for example when connecting to a server located on a secure network behind a gateway. In these cases chained connections are required. Mutual authentication and end-to-end encryption are important capabilities in a high assur- ance environment. These are provided by TLS, but there are no known solutions for chained connections. This thesis explores multiple methods that provides the functionality for chained connec- tions using TLS in a high assurance environment with trusted servers and a public key in- frastructure. A number of methods are formally described and analysed according to multi- ple criteria reflecting both functionality and security requirements. Furthermore, the most promising method is implemented and tested in order to verify that the method is viable in a real-life environment. The proposed solution modifies the TLS protocol through the use of an extension which allows for the distinction between direct and chained connections. The extension which also allows for specifying the structure of chained connections is used in the implementation of a method that creates chained connections by layering TLS connections inside each other. Testing demonstrates that the overhead of the method is negligible and that the method is a viable solution for creating chained connections with mutual authentication using TLS. TLS SSL mutual authentication chained connection chain proxy chain TLS extension extension certificates PKI Computer Engineering Datorteknik
67	Multiplatformní aplikace pro správu síťových prvků Mikrotik / Multiplatform application for Mikrotik network devices management Bárdossy, Adrián January 2018 (has links) Diploma thesis contains the description of the application developement for management of network entities based on mikrotik devices. In the intro, there is the description of used libraries, also description of API. In the next part of thesis there is programmed part of application backend. This part contains description of individual directories of project, which was written in pycharm. Every directory is described by one file together with UML diagram and table of methods in specific class. In the next part of thesis, there is the description of graphical part of the application and its example on one section of programmed buttons. It contains also output in form of pictures from the application. In the last section, there is tutorial for modules instalation, which are needed to run the application and contains manual testing of application.
68	Aplikace pro Android na bezpečnostní monitorování komunikace / Android App for Security Monitoring of Communication Klepáčková, Karolína January 2019 (has links) This diploma thesis is focused on implementation of application for security monitoring of network communication of other applications in mobile device with Android platform. Provides users information about security risks that may harm his/her privacy or device. It uses a local VPN to tunnel all data sent to the wireless network. These can be linked to an application that has sent them because the Android kernel is derived from the Linux kernel and can be used to retrieve information about established network connections and the application identifier associated with the connection. This mapping allows to get more information about an app that is potentially dangerous for your mobile device.
69	Spojovací systémy založené na IP telefonii / Communication systems based on IP telephony Zimek, Josef January 2008 (has links) My master’s thesis is focused on designing and creating communication network, which provides communication between two independent networks through encrypted tunnel. My solution is based on routers formed by older personal computers with FreeBSD like a operating system. Between routers is created static encrypted tunnel by using IPSec protocol. Voice services provides packet oriented exchange Asterisk with support of signaling protocol SIP. This solution can be used eg. for connecting remote branch to headquarters of company and then can branch utilize shrared resources. To headquarters can connect also remote workers from their home. In this case are used SSL certificates to authentication of user. This scenario is very required today.
70	Realizace certifikační autority a digitálního podpisu / Implementation of certification authority and digital signature Troják, Martin January 2008 (has links) This master´s thesis deals with problems of certification authorities and digital signature. There are analyzed principles of digital certificates and certification authorities. It describes the the most widely used cryptosystems and hash functions, which are used in communications with certificates and digital signature. Analysis is focused on Public key infrastructure standard, which describes rules of creating of certification authority and digital signature. There is also described detailed principle of digital signature. Next chapters deals with studying of protocol SSL, principles of functions and usage of SSL. Practical part of this thesis realizes certification authority and information system. There is shown used software and configuration of it. Last part describes procedures during using aplication and her realization.

Search results