91. Exploring the Evolution of the TLS Certificate Ecosystem. Farhan, Syed Muhammad, 01 June 2022.

A vast majority of popular communication protocols for the internet employ the use of TLS (Transport Layer Security) to secure communication. As a result, there have been numerous efforts, including the introduction of Certificate Transparency logs and free automated CAs, to improve the SSL certificate ecosystem. Our work highlights the effectiveness of these efforts using the Certificate Transparency dataset as well as certificates collected via full IPv4 scans. We show that a large proportion of invalid certificates still exists and outline reasons why these certificates are invalid and where they are hosted. Moreover, we show that the incorrect use of template certificates has led to incorrect SCTs being embedded in the certificates. Taken together, our results emphasize continued involvement for the research community to improve the web's PKI ecosystem.

Master of Science

Security and privacy for communication over the internet are increasingly important. TLS (Transport Layer Security) is the most popular protocol used to secure communications over the internet today. This work explores how this protocol has evolved over the past 9 years and how effective the measures undertaken by the community have been to improve the adherence to best practices in the wild. TLS employs the use of certificates to initialize secure communication and make sure the other party is indeed who they say they are. We show that while security has improved over the years, a majority of certificates are invalid and outline reasons why. We also observe the growth of Certificate Transparency logs and show how the use of template certificates causes unexpected issues. Taken together, our results emphasize a continued involvement for the research community to improve the TLS certificate ecosystem.
92. An automated tool for website security assessment: Demonstration on Swedish authorities' websites. Valdaserides Olofsson, Max; Stengård, Malte, January 2024.

The evolution of the internet has affected society in many ways. Organizations and authorities offer their services on their many corresponding websites. Consequently, secure connections to these websites are a necessity, in addition to continuously evaluating their security. Many studies exist on website security analysis of some set of websites, and it is found that researchers often develop and utilize several tools and scripts for their studies: one for collecting data, one for parsing the output, and one for visualizing the data. Undoubtedly, this whole process is labor intensive, and for this reason we in this thesis propose a tool that automates this whole process. Moreover, the Swedish authorities and their corresponding websites provide information and services regarding their specific areas of expertise that are essential for the functioning of Swedish society. As such, this puts a high expectation of the usage of state-of-the-art security technology and best practice implementations on these websites in order to keep Swedish society functioning and keep their websites' visitors safe. For this reason, we in this thesis focus on mainly two things: 1. Design and develop a tool that will be easy to use to collect a set of websites' security parameter implementations and best practices, and thereafter automatically and adequately visualize this data to assess the websites' security readiness; and 2. Demonstrate the developed tool on the Swedish authorities' websites to assess their website security readiness. The result shows good overall security in the Swedish authorities' websites, though there is room for improvement.
93. Architectures de réseaux pour la délivrance de services à domicile / Network architectures for home service delivery. Werapun, Warodom, 27 September 2012.

Abstract (translated from French): With the everyday omnipresence of digital technology and computing, more and more users want access to the Internet and to their applications from any device, anywhere and at any time. As smart home appliances develop, the need to exchange data within the home itself is increasingly felt. Our study is situated in this context, that of home services requiring interconnection. This type of service is called a Home Service (HS), while the home network is called a Home Network (HN). The problem for operators is then to design architectures suited to interconnecting HNs securely while allowing easy, large-scale deployment. In the first step, we consider the delivery of secure services across a next-generation network (NGN): IMS (IP Multimedia Subsystem). IMS being the reference architecture for operators' NGN networks, various architectures can be developed to support HSs. We chose to analyse and implement a centralised P2P architecture and to compare it with the reference architecture. Several authentication mechanisms are put in place around the centralised P2P in order to secure service delivery. Modelling and evaluating our proposal allowed us to identify its relationship to IMS, but also problems inherent in centralised solutions: the protection of personal data, the impact of network size on performance, the existence of a single point of weakness under attack, and congestion at the centralised server. Consequently, we turned to distributed solutions to solve these problems. In the second step, we consider the unstructured P2P architecture, called pure P2P. Identity-based cryptography (IBC) is added to pure P2P in order to authenticate users and protect their communications. For each solution, an analysis of the signalling cost is carried out, revealing a weakness in the search step. In a large-scale deployment, the cost of this phase is too high. We therefore examine structured P2P based on Dynamic Hash Tables, another distributed solution. This architecture is being studied by the IETF as one of the latest generations of P2P: the REsource LOcation And Discovery (RELOAD) Base Protocol. We propose its use for HSs. As a proof of concept, this solution was implemented and deployed on a small network using TLS/SSL as the security mechanism. This platform allowed us to study the delays and costs of this solution. Finally, an assessment is made of all the proposed solutions. In addition, we introduce other types of HS and their possibilities for future deployment.

Abstract (English): With digital life enhancement, more users would like to get seamless Internet and information with any devices, at any time and from anywhere. More and more home devices need to exchange data or to control other devices. This type of service is labelled Home Service (HS) and it is deployed through a Home Network (HN). Some users need to use their HS outside their HN; some others need to interconnect other HNs. Operators have to provide suitable network architectures to ensure this interconnection and to provide at the same time scalability, remote access, easy deployment and security. Here is the topic of our work. In the first step, we consider a practical illustration around the Next-Generation Network (NGN) and the secured services. It is the IMS (IP Multimedia Subsystem) approach for the management of services that is generally supported by the NGN network operators. However, various network operator architectures can be developed to support these services. An alternative way is the P2P architectures. We choose to analyze and implement a centralized P2P and we compare it with the IMS solution. Several authentication mechanisms are introduced to secure the centralized P2P. An evaluation of these architectures is conducted. Since the previous solutions present some issues due to their centralized feature, we consider distributed solutions in a second step. The non-structured P2P, called pure P2P, can also support HS. Identity Based Cryptography (IBC) is added to these architectures in order to offer authentication and protection to user communications. The different solutions are compared through their signaling and transmission cost. The study shows that the searching step in this architecture is really costly, facing a scalability problem. Thus, we propose to use a structured P2P (called Dynamic Hash Table) for delivering HS between HNs. This type of architecture is studied by the IETF with the REsource LOcation And Discovery (RELOAD) Base Protocol. This solution is implemented and deployed here to be a proof of the concept. This test-bed enables the study of delay and security overhead in a real system. Eventually, the presented solutions are recaptured in order to see their advantages/disadvantages. In addition, we introduce other perspectives in terms of HSs and network interconnection.
94. Weak and strong authentication in computer networks. Choi, Taehwan, 22 February 2013.

In this dissertation, we design and analyze five authentication protocols that answer in the affirmative the following five questions associated with the authentication functions in computer networks.

1. The transport protocol HTTP is intended to be lightweight. In particular, the execution of applications on top of HTTP is intended to be relatively inexpensive and to take full advantage of the middle boxes in the Internet. To achieve this goal, HTTP does not provide any security guarantees, including any authentication of a server by its clients. This situation raises the following question. Is it possible to design a version of HTTP that is still lightweight and yet provides some security guarantees, including the authentication of servers by their clients?

2. The authentication protocol in HTTPS, called TLS, allows a client to authenticate the server with which it is communicating. Unfortunately, this protocol is known to be vulnerable to human mistakes and Phishing attacks and Pharming attacks. Is it possible to design a version of TLS that can successfully defend against human mistakes and Phishing attacks and Pharming attacks?

3. In both HTTP and HTTPS, a server can authenticate a client, with which it is communicating, using a standard password protocol. However, standard password protocols are vulnerable to the mistake of a client that uses the same password with multiple servers and to Phishing and Pharming attacks. Is it possible to design a password protocol that is resilient to client mistakes (of using the same password with multiple servers) and to Phishing and Pharming attacks?

4. Each sensor in a sensor network needs to store n - 1 symmetric keys for secure communication if the sensor network has n sensor nodes. Storage is constrained in the sensor network, and the earlier approaches succeeded in reducing the number of keys but failed to achieve secure communications in the face of eavesdropping, impersonation, and collusion. Is it possible to design a secure keying protocol for sensor networks which is efficient in terms of computation and storage?

5. Most authentication protocols, where one user authenticates a second user, are based on the assumption that the second user has an "identity", i.e. has a name that is (1) fixed for a relatively long time, (2) unique, and (3) approved by a central authority. Unfortunately, the adoption of user identities in a network does create some security holes in that network, most notably anonymity loss, identity theft, and misplaced trust. This situation raises the following question. Is it possible to design an authentication protocol where the protocol users have no identities?
95. Critical evaluation of the theory of constraints lean six sigma continuous improvement management approach / Rojanette van Tonder. Van Tonder, Rojanette, January 2011.

Three methodologies are associated with production optimisation, namely Theory of Constraints (TOC), Lean and Six Sigma, and each boasts a number of success stories. This dissertation addresses the possibility of implementing all three of these methodologies in a specific sequence at an organisation and also sets out to determine the impact of this implementation.

A literature survey was conducted on all three stand-alone methodologies as well as on the combined methodology, which is called Theory of Constraints Lean Six Sigma (TLS). TLS literature suggests that TOC should be implemented first with a view to identifying the constraint in an organisation. Lean implementation should follow in order to eliminate any waste in the organisation. Lastly, Six Sigma should be implemented to optimise the process variability.

TOC literature explains that The Goal of any organisation is to make money. All other objectives are only the means of achieving The Goal. The literature further indicates that the constraint in any organisation determines the drumbeat, and that this constraint should be managed by means of the Drum-Buffer-Rope methodology.

Lean literature points towards 14 Management Principles by means of which an organisation should be managed in order to become a Lean organisation, while Six Sigma literature is concerned with the DMAIC (Define-Measure-Analyse-Improve-Control) methodology used for improvement projects and the belt system that is used to manage these improvement projects.

Jonker Sailplanes, a sailplane manufacturer in Potchefstroom, South Africa, was used as a case study for the implementation of TLS. A description is given of the processes and procedures that were followed before and after the implementation of TLS. The TLS methodology had to be adapted in order to meet the specific needs of Jonker Sailplanes, resulting in an adapted 14-step TLS implementation plan. After implementing TOC and Lean at Jonker Sailplanes, it was found that the organisation was not ready for the transition from Lean projects to Six Sigma projects. The implementation of Six Sigma was therefore referred for future research.

One of the most significant findings of the current study was the very positive impact that the implementation of TLS had on the organisation: the production tempo (throughput) of the organisation has increased while the operating expenses per aircraft have decreased. This confirms that the profit per aircraft has increased. A critical evaluation of the implementation of the TLS methodology can therefore maintain that the implementation of TLS at Jonker Sailplanes was a success, since the production tempo (throughput) and the organisational profit were increased and the implementation of the methodology was done with relative ease.

In terms of interpreting results it was also necessary to set out how Jonker Sailplanes proceeded from a prototyping environment to a production setup, and how specifically identifying the constraint helped to achieve this transition. Furthermore, it is argued that when Lean is implemented before TOC, this could move the organisation away from The Goal, which is to make money. The interpretation of findings suggests that the procedure followed at Jonker Sailplanes was the most appropriate one.

Finally, recommendations are made for future studies in terms of how to further improve the impact of the TLS implementation at Jonker Sailplanes.

Thesis (M.Ing. (Development and Management)), North-West University, Potchefstroom Campus, 2011.
97. Abordagem experimental no ensino de física com materiais de baixo custo e reciclados / Experimental approach in the teaching of physics with low-cost and recyclable materials. Cupaioli, Marcos Eder [UNESP], 22 September 2016.

Abstract (translated from Portuguese): This work addresses a set of experimental activities using easy-to-handle, recyclable and low-cost materials, based on a Teaching-Learning Sequence (TLS) approach with an interventionist focus inspired by educational research. To this end it uses problem-posing methodologies, aiming at interweaving the scientific content with the students' perspectives, the students being the protagonists of their own knowledge, assembling and carrying out the experimental activities, with the teacher as mediator, guiding and explaining to the students throughout the process. Besides addressing some experimental activities, showing how the experiments are assembled and the objectives to be reached, we provide a script and a sequence for how we believe they should be addressed in the classroom. After completing the experiments, analysing the results and validating the learning, the progress obtained in learning physics was clearly verified, with very satisfactory results. The activities proposed here can be used and redesigned by the teacher according to the level of education and the knowledge of their students.

Abstract (English): This study approaches a set of experimental activities with easy-handling, recyclable, low-cost materials, based on a Teaching-Learning Sequence (TLS) approach, with an interventionist focus inspired by educational investigation. It uses problematizing methodologies, aiming at scientific intertwining and also the students' perspective, with the students being the protagonists regarding their own knowledge, creating and performing experimental activities, the teacher being a mediator, guiding and detailing the whole process. Besides approaching some experimental activities, showing the way the experiments are prepared and the goals to be met, we bring guidelines and a sequence indicating how these activities should be approached in the classroom. After completion of the experiments, the analysis of the results and verification of learning, progress acquired in learning physics was clearly verified, with very satisfactory results. The activities proposed here can be used and adapted by teachers, according to the education level and knowledge of their students.
98. Utvärdering av Leicas multistations och laserskanners mätosäkerheter / Evaluation of the measurement uncertainties of Leica's multistation and laser scanner. Abdi, Shorash; Stedt, Fredrik, January 2014.

Abstract (translated from Swedish): At present there is no standard for evaluating the measurement uncertainties of terrestrial laser scanners (TLS), even though the instrument has been on the market and in use for a long time. Since the manufacturer's specifications do not always agree, it is important to know how well the instrument performs. Several studies over the past decade have applied various methods to investigate the measurement uncertainty of different TLS. The purpose of this study was to evaluate and compare the measurement uncertainties of the Leica ScanStation C10, which is a pure TLS, and the Leica Nova MS50, which is a total station with a scanning function, under two different weather conditions. The uncertainties were derived using ISO 17123-5:2012, which is actually an international standard for determining the measurement uncertainties of total stations, in order to investigate whether this standard can also be applied to TLS. The survey, which took place outdoors at the University of Gävle, was carried out by scanning targets set up in a triangular formation from three stations. When scanning with the TLS, both spheres and HDS targets were used, while the MS50 scanned only spheres. The targets were scanned four times from each instrument setup. The centre coordinates of the targets were obtained with the Cyclone software, and the measurement uncertainties were then calculated as derived from the ISO standard. The resulting 3D uncertainty for the C10 with HDS target and sphere was 2.9 mm and 3.5 mm respectively in sunny conditions, and 1.1 mm and 1.4 mm respectively in cloudy conditions. In the case of the MS50, the uncertainty was 3.0 mm in sun and 3.7 mm in cloud. The high 3D uncertainty that the MS50 showed under both weather conditions was due to high uncertainty in the vertical direction. In addition, a hypothesis test in the form of a chi-squared test was carried out on the C10, which showed that the calculated uncertainty in plane and height did not deviate significantly from the manufacturer's specified uncertainty when using HDS targets in cloudy weather. Furthermore, an F-test established that there was a significant difference in the C10's uncertainty in plane and height when using the same target type under different weather conditions, whereas in the MS50's case no significant difference at all was shown. Judging by the results, there was a marked improvement when scanning under cloudy conditions. Our conclusion was that the standard used in this study can be applied to calculate measurement uncertainties for TLS, and ISO should consider using the same standard for TLS as for total stations.

Abstract (English): Presently there is no standard for the evaluation of measurement uncertainties for terrestrial laser scanners (TLS), despite the fact that the instrument has been on the market and used for a long time. Since the manufacturer's specifications do not always correspond with reality, it is important to have knowledge about how well the instrument performs. Numerous studies over the past decade have applied different approaches to estimate the measurement uncertainties on various TLS. The purpose of this study was to evaluate and compare the measurement uncertainties of the TLS Leica ScanStation C10 with the multistation Leica Nova MS50 under two different weather conditions. The uncertainty was calculated using ISO 17123-5:2012, which is an international standard developed for acquiring measurement uncertainties of total stations, to investigate whether this standard could also be applicable to TLS. The survey, which took place outdoors at the University of Gävle, was carried out by scanning targets that were set up in a triangle formation from three stations. Both spheres and HDS targets were scanned with the TLS while the MS50 only scanned spheres. The targets were scanned four times from each instrument setup. Cyclone was used to find the coordinates of the centre of the targets, which were used to calculate the uncertainties according to the ISO standard. The results showed that the 3D uncertainty of the C10 with HDS targets and spheres was 2.9 mm and 3.5 mm during sunny conditions and 1.1 mm and 1.4 mm during cloudy conditions, respectively. In the case of the MS50, the uncertainty was 3.0 mm during sunny and 3.7 mm during cloudy conditions. The MS50 demonstrated a higher 3D uncertainty in both weather conditions due to high uncertainty in the vertical direction. In addition, a chi-squared test carried out on the TLS showed that the calculated uncertainty in plane and height did not significantly deviate from the manufacturer's specified uncertainty when using HDS targets during cloudy conditions. Furthermore, it was found in the F-test that there was a significant difference in plane and height between two scans with the same instrument and target type in different weather conditions. The MS50 did not show any significant difference at all. The results of this study showed that there will be a significantly lower uncertainty when scanning in cloudy conditions. Our conclusion is that it is possible to apply the standard to calculate the measurement uncertainties on TLS, and ISO should consider using the same standard for TLS as for the total station.
99. Aplikace pro Android na bezpečnostní monitorování komunikace / Android App for Security Monitoring of Communication. Klepáčková, Karolína, January 2019.

This diploma thesis is focused on the implementation of an application for security monitoring of the network communication of other applications on a mobile device with the Android platform. It provides users with information about security risks that may harm their privacy or device. It uses a local VPN to tunnel all data sent to the wireless network. These can be linked to the application that sent them, because the Android kernel is derived from the Linux kernel and can be used to retrieve information about established network connections and the application identifier associated with each connection. This mapping makes it possible to get more information about an app that is potentially dangerous for the mobile device.
100. Softwarová podpora výuky kryptografických protokolů / Software support of teaching of cryptography protocols. Marek, Tomáš, January 2009.

The document contains information about authentication, encryption, data integrity and data authenticity. The next part includes a description of well-known cryptography protocols, their functions and also their weaknesses. All of this acquired information was used in the concept and final software support for teaching cryptography protocols, which is able to run in a classic web browser. That is why the application was designed as web PHP pages using JavaScript and AJAX, which ensures platform and OS architecture independence. Besides the described and illustrated part of the application there are also interactive parts and animations. The last part contains a description of the educational software and its functions. Source code can be found on the appended CD.