Global ETD Search

71	Säkerställning av Kunddata i ett Distribuerat System / Securing Customer Data in a Distributed System Gjertz, Johan January 2005 (has links) This work presents a security analysis of a distributed software system. Relevant threats have been identified and a set of possible countermeasures are presented. The different countermeasures have been compared against each other by looking at performance, scalability, flexibility, usability and cost considerations. A prototype system has been implemented as a proof-of-concept with database encryption, logging and access control. / Detta magisterarbete presenterar en säkerhetsanalys av ett distribuerat mjukvarusystem. Relevanta hot har blivit identifierade och ett antal möjliga säkerhetslösningar har blivit presenterade. Lösningarna har blivit jämförda med varandra genom att titta på prestanda, skalbarhet, flexibilitet, användbarhet och kostnader. Ett prototypsystem har blivit implementerat som ”proof- of-concept” med databas kryptering, loggning och rättighetskontroll. Database encryption performance VPN Security threats Computer Sciences Datavetenskap (datalogi) Software Engineering Programvaruteknik
72	Utredning av VPLS i stadsnät / Investigation of VPLS in a Metropolitan Area Network Pettersson, Kristoffer, Sales, Robert January 2007 (has links) Jönköping Energi AB (JEAB) is a local energy supplier for the county of Jönköping. JEAB also maintain the local Metropolitan Area Network (MAN). They have recently installed GPON in a portion of their network and have connected it to the MAN via an Extreme switch. However JEAB would prefer to use Cisco equipment instead of Extreme since the MAN comprises of Cisco hardware. They require a solution to connect GPON to the MAN with a recently purchased line card (Cisco 7600 ES20) which can be installed in a Cisco 6500 Catalyst switch. There is also a possible solution with an Alcatel-Lucent 7450 ESS-1 switch. The proposed solution is to use Virtual Private LAN Service (VPLS), though the exact implementation required is unknown. Additionally JEAB have asked for research into GPON and VPLS in order to improve their understanding of both techniques. This would be of benefit to them both now and in the future. In order to achieve the stated objectives the following questions are raised: • How does GPON work? • How does VPLS work? • How can GPON be connected to the MAN via Cisco Systems 6500 Catalyst switch/7600 Router? • How can GPON be connected to the MAN via Alcatel-Lucents 7450 ESS-1? The research into GPON and VPLS provides the required background knowledge in order to investigate how GPON can be connected to the MAN. The main body of the work is to analyse the requirements of the company and build a configuration which satisfies them. The desired implementation via Cisco Systems solution was deemed unsuitable due to a feature of DHCP option 82 which did not function as required. The focus then turned to Alcatel-Lucents solution. The resulting solution uses a part of VPLS via Alcatel-Lucents 7450 ESS-1. All the key elements are included, including hiding customer VLANs from the ISP and per-service QoS bandwidth management. The conclusion is that whilst using Alcatel-Lucents solution means a deviation from the all-Cisco implementation that had been planned; the benefit of including all the desired functionality outweighs the mixing of manufacturers. The techniques of GPON and VPLS are extremely versatile and can be used in a variety of networks. Therefore there is scope for further research into how these two techniques can be used together in other types of MAN. Datanätverk GPON MAN Quality-of-Service (QoS) VPLS VPN Computer Sciences Datavetenskap (datalogi)
73	LAN-refresh och WAN-migrering / LAN-refresh and WAN-migrering Thor, Kim, Allared, Sofie January 2010 (has links) This work has been carried out at a company in the region which has about 30000 employeeswith about 400 sites all over the world. The company outsources their network including theLAN refresh and the WAN migration. They needed help with an upgrade of their LAN at theirScandinavian headquarters and to find a new solution for their WAN. The reason why the upgradeof the LAN was needed was that the equipment was too old and did not pass the securityrequirements. They also required a solution to segment their LAN, which consisted of a singlelarge VLAN with 1,300 employees. their WAN solution was made up of tunnels between all officesand the headquarter were used as the central point. They wanted to get away from beingdependent on a central point while redundancy was not always working as it should.The solution to the WAN problem was to use the ISPs backbone based on MPLS. There are two mainsolutions, layer 2 (Ethernet) VPN or layer 3 (IP) VPN. In the case of IP VPN, there are a couple of differentconnectivity options such as a static route, or use a routing protocol (eg OSPF or BGP). The final solutionwas IP VPN with OSPF as routing protocol to the ISP. With regard to the configuration of the OSPF solutionwas that every office became an own OSPF domain, configured with area 0. The report also includesthe implementation of the WAN migration with its problems.The upgrade of the LAN was a lot of planning, documentation and security. The solution for the segmentationwas to create a VLAN per floor. Because of the new software they can have the required securityfeatures. WAN MPLS VPN VPLS BGP OSPF Superbackbone LAN refresh Computer Sciences Datavetenskap (datalogi)
74	Tunelovací a kryptografické protokoly jako ochrana soukromí na regulovaném internetu / Tunneling and Cryptographic protocols as a privacy protection on regulated internet Čížek, Michal January 2011 (has links) This thesis is about internet regulations and usage of tunneling protocols as a privacy protection on regulated internet. The thesis includes detailed description of most widely used tunneling protocols focused on their usage in regulated networks. The produce the teoretical part of the thesis is synoptical comparative table including benefits and disadvantages of each protocol and examples of suitable usage. The practical part presents the tunneling protocols in three different scenarios which are very frequent in practice. Each scenario has been realized, the communication has been captured using Wireshark network protocol analyzer and also the analysis of potential risks has been done for the event that the communication would be captured by a third party - the regulator.
75	Optimalizace výkonu VPN v Linuxu / Linux VPN Performance and Optimization Pokorný, Fridolín January 2016 (has links) Tato práce se zabývá analýzou stávajících a aktivních VPN řešení, jejich výkonu a slabých stránek. Výsledkem práce je jaderný modul pro Linux, který implementuje datový přenos pomocí protokolů TLS a DTLS na základě konfigurace ustanoveného spojení v chráněném režimu. Primárním cílem bylo odstranit datové kopie a změny kontextu z chráněného režimu do režimu jádra během datových přenosů ve VPN řešeních založených na protokolech TLS a DTLS. Práce analyzuje cenu těchto operací a na základě analýz lokalizuje další kroky nutné k využití implementovaného jaderného modulu ve VPN řešeních. Práce se dále zabývá analýzou dalších možných využití implementovaného jaderného modulu mimo VPN řešení.
76	EDV-Paranoia unter Linux Schreiber, Alexander 18 June 2000 (has links) Der Vortrag gibt einen Ueberblick ueber die Moeglichkeiten die Linux bietet um ein System oder Netzwerk vor unerwuenschten Zugriffen zu sichern. info:eu-repo/classification/ddc/004 ddc:004 Sicherheit Firewall Netzwerk Linux VPN
77	VPN/IPSec Schreiber, Alexander, Sieber, Holm 22 August 2002 (has links) Gesicherte Kommunikation ueber offene und ungesicherte Netze, sichere Einbindung mobiler Clients in eigene Netze, end-to-end Verschluesselung im IP-Datenverkehr. info:eu-repo/classification/ddc/004 ddc:004 Windows 2000 IPSec Sicherheit Linux Windows FreeS/WAN VPN
78	Selecting/realization of Virtual Private Networks with Multiprotocol Label Switching or Virtual Local Area Networks Ögren, Niklas January 2002 (has links) Many reports have been written about the techniques behind Virtual Private Networks (VPN) and Multi Protocol Label Switching (MPLS). They usually deal with the low level design of the software implementing a specific technique. The initial products are usually not mature enough to run in a large network or have to be adjusted in some way to fit. This report investigates the different ways of implementing strict layer 2 Virtual Private Networks in an existing nation-wide Gigabit Ethernet. The infrastructure in use, as well as the hardware, has to be used without major changes. Since 1998/1999, when MPLS first started in the laboratories, development has continued. Today it is possible to introduce MPLS or tunneled national virtual local area network into an existing network. This requires high speed, fault tolerant, and stable hardware and software. Going beyond the separation of traffic at layer 3 using Virtual Private Networks, i.e., IPSec, we can tunnel layer 2 traffic through a network. Although the first layer 3 VPN products are already in use, layer 2 VPNs still need to be evaluated and brought into regular use. There are currently two ways of tunneling VLANs in a core network: tunneled VLANs (or as Extreme Networks calls them, VMANs) and MPLS. This project showed that it is possible to start with a VLAN-only solution, and then upgrade to MPLS to solve scalability issues. The VMAN solution can not be used at Arrowhead, since there are too many disadvantages in the way Extreme Networks has implemented it. However, a mix of tunneling VMAN in a VLAN core is possible, and enables customer tagging of VLANs in a Layer 2 VPN. Furthermore, the testing of EAPS and per-VLAN Spanning Tree Protocol turned out well, and showed that EAPS should not be used when there is more than one loop. VPN (Virtual Private Network) VLAN (Virtual Local Area Network) MPLS (Multiprotocol Label Switching) Communication Systems Kommunikationssystem
79	Implementación de una red privada virtual (VPN) bajo software libre para optimizar el manejo de información entre los locales de la Corporación Educativa Adeu, de la ciudad de Chiclayo Amenero Vásquez, Virgilio January 2012 (has links) Ésta investigación estuvo centrada en la optimización del acceso a la información entre los locales de la Corporación Educativa Adeu a través de la implementación de una VPN, la cual fue realizada en software libre. La investigación fue realizada en 3 etapas. Como parte de la primera etapa se realizó una entrevista al Jefe del Área de Sistemas, el cual manifestó que actualmente la información a la que accede el personal administrativo de los locales de dicha corporación no cuenta con un medio de comunicación directo para compartir sus datos, por el contrario, están divididos, por lo cual el manejo y el acceso a la información es tedioso, ya que se requiere de otros medios como dispositivos magnéticos y cuentas de correo públicas, que en la mayoría de los casos son canales de transferencia de información no seguros. En la segunda etapa, teniendo en cuenta las necesidades planteadas se propuso un bosquejo de la VPN, la cual posteriormente fue modificada y validada. Luego fue implementado en la herramienta de software denominada OpenVPN, realizándose las configuraciones apropiadas a los servidores y equipos necesarios para la realización de la implementación respectiva. Además se realizaron un conjunto de pruebas, a fin de que se asegure la conexión de la red y se descarten posibles vulnerabilidades de la red. Para el desarrollo de la VPN se hizo empleo de la “Metodología para la implementación de redes seguras”, desarrollada por la empresa argentina CYBSEC. Finalmente, la tercera etapa estuvo enfocada en la comparación de los resultados obtenidos en las etapas 1 y 2; y la demostración de las mejoras a la problemática de la corporación. Mediante la implementación de la VPN se logró proporcionar un canal que permite transferir los datos de manera óptima y eficaz; permitiendo así, la confidencialidad y seguridad en su transmisión, sin tener que incurrir en gastos excesivos en la contratación de canales privados. VPN Software libre
80	Evaluation of WireGuard and OpenVPN VPN solutions Sabbagh, Mohammed, Anbarje, Ahmad January 2020 (has links) This project evaluates two types of VPN solutions–WireGuard and OpenVPN.The evaluation is done by four different experiments to measure the maximum throughputof each of the VPN solutions, and a theoretical study on the encryption techniquesthat each VPN solution use. Experiments were conducted using a network performancemeasurement tool called IPerf. By applying static parameters that control themeasurements, such as transferring regular and zip file types, measuring throughputwhen the compression is enabled on the VPN channel and when it is disabled, also,applying measurements with the conditions of the same parameters but with differentoperating systems when using both VPN solutions.one of the measurement results shows that the throughput is about 93 Mbps forWireGuard comparing it with 56 Mbps and 59Mbps for OpenVPN when sendingregular and compressed files respectively.In conclusion, throughput can vary slightly depending on the measurement tooland the version of the software used. Also, the buffer of the measurement tool hasan important role when measuring the throughput, it gives different throughput andpacket loss results which depends on the size of that buffer. Moreover, According to atheoretical study, throughput can also vary depending on the speed of the encryptionalgorithm used. Both VPN solutions use many encryption algorithms, such as AESin OpenVPN, while WireGuard uses ChaCha20 with Poly1305. VPN WireGurd OpenVPN Elektroteknik och elektronik

Search results