Global ETD Search

1	IT-världens Paradise Hotel – lita inte på någon! : En kvalitativ studie om Zero Trust inom svenska företag och myndigheter Michel, Johan, Nordgren, Amanda, Boqvist, David January 2023 (has links) In today's world, network security is of utmost importance for companies and authorities as data and information are increasingly being stored and transmitted through cloud solutions. This has led to a higher risk of cyberattacks. To enhance security during this transition, Zero Trust has emerged as a promising concept, with its direction from an internal IT-environment to a more secure cloud solution. Its main motto "never trust, always verify" emphasizes the importance of a high level of security. This study aims to highlight the significance of Zero Trust and compare the attitudes of Swedish companies and authorities towards its implementation. The study was conducted using semi-structured interviews with IT experts who possess knowledge in this domain. Additionally, a literature review was conducted to connect the outcomes of the interviews with the existing research in the field of Zero Trust. The results indicate that several barriers must be considered during the implementation phase. These include cost-related issues, lack of expertise, and outdated systems that cannot handle Zero Trust at the required security level. Despite these challenges, the respondents' attitudes towards Zero Trust were positive. They believed that it could be applied to sporadic and isolated parts of the network infrastructure, and that striving towards it at a theoretical level was essential. Zero Trust network security cybersecurity Zero Trust nätverkssäkerhet cybersäkerhet Computer and Information Sciences Data- och informationsvetenskap
2	Autonomic Zero Trust Framework for Network Protection Durflinger, James 05 1900 (has links) With the technological improvements, the number of Internet connected devices is increasing tremendously. We also observe an increase in cyberattacks since the attackers want to use all these interconnected devices for malicious intention. Even though there exist many proactive security solutions, it is not practical to run all the security solutions on them as they have limited computational resources and even battery operated. As an alternative, Zero Trust Architecture (ZTA) has become popular is because it defines boundaries and requires to monitor all events, configurations, and connections and evaluate them to enforce rejecting by default and accepting only if they are known and accepted as well as applies a continuous trust evaluation. In addition, we need to be able to respond as quickly as possible, which cannot be managed by human interaction but through autonomous computing paradigm. Therefore, in this work, we propose a framework that would implement ZTA using autonomous computing paradigm. The proposed solution, Autonomic ZTA Management Engine (AZME) framework, focusing on enforcing ZTA on network, uses a set of sensors to monitor a network, a set of user-defined policies to define which actions to be taken (through controller). We have implemented a Python prototype as a proof-of-concept that checks network packets and enforce ZTA by checking the individual source and destination based on the given policies and continuously evaluate the trust of connections. If an unaccepted connection is made, it can block the connection by creating firewall rule at runtime. Zero Trust Autonomous Computing IoT Network Security Cyber Security
3	Decentralized Reservation of Spatial Volumes by Autonomous Vehicles : Investigating the Applicability of Blockchain and Smart Contracts Westerlund, Robin January 2020 (has links) Background: Due to the rising popularity of autonomous unmanned vehicles, and the lack of well-defined rules to follow, a solution is needed when the physical space is crowded to a point where it becomes a hazard. Partitioning space discretely is currently done in some cases, allowing vehicles to reserve partitions to operate within. This idea is expanded upon to ultimately propose a blockchain-based solution to the inefficiency of safety margins. Objectives: The main objective was to explore whether a blockchain-based system can be used by vehicles to automatically reserve the volumes of space they need for a limited time. The solution to congestion becomes a method for vehicles to communicate between each other to exchange the remainder of their reservations once they are no longer needed, even while disconnected from the main blockchain network, in exchange for the same currency used to reserve the volumes. Methods: An Ethereum private blockchain network is set up, and a smart contract is developed and deployed onto this blockchain. An emulation program used the smart contract functions to reserve and exchange volumes to evaluate the functionality, several isolated tests evaluated the network performance, and aspects that could not be tested were theoretically analyzed. Results: The system functions as intended, although a level of trust is required during exchanges. There is no risk of two vehicles reserving the same volume at the same time. The results indicate that some performance aspects will be affected by an increasing number of users, although the entire effect can be placed on synchronization time if the network parameters are adjusted. This likely affects the overall efficiency but not as much as it would with the original parameters. Conclusions: The proposed solution is viable to use, although further development is necessary before it is ready for release. The necessity currently is not evident, although projections suggest that this solution, or a similar one, will be necessary in the future. reservations smart contracts blockchain zero-trust Software Engineering Programvaruteknik
4	Implementing a Zero Trust Environmentfor an Existing On-premises Cloud Solution / Implementering av en Zero Trust miljö för en existerande påplats molnlösning Pero, Victor, Ekman, Linus January 2023 (has links) This thesis project aimed to design and implement a secure system for handling and safeguarding personal data. The purpose of the work is to prevent unauthorized actors from gaining access to systems and data. The proposed solution is a Zero Trust architecture which emphasizes strong security measures by design and strict access controls. The system must provide minimal access for users and should be integrated with the existing cloud-based infrastructure. The result is a system that leverages Keycloak for identity management and authentication services, GitLab to provide a code hosting solution, GPG for commit signing, and OpenVPN for network access. Through the utilization of Gitlab, Keycloak and OpenVPN the system achieved a comprehensive design for data protection, user authentication and network security. This report also highlights alternative methods, future enhancements and potential improvements to the completed system. / Målet med denna rapport är att designa och implementera ett säkert system för hantering och skydd av personlig data. Syftet med arbetet är att förhindra obehöriga att få tillgång till system och data. Den föreslagna lösningen är en Zero Trustarkitektur som betonar skärpta säkerhetsåtgärder genom design och strikta åtkomstkontroller. Systemet måste ge minimal åtkomst för användare som brukar det och integreras med den befintliga molnbaserade infrastrukturen. Resultatet är ett system som använder Keycloak för hantering av identiteter och autentisering, GitLab för att tillhandahålla ett kodarkiv där användare kan ladda upp sin kod, GPG för att signera commits, och OpenVPN för nätverksåtkomst. Genom användning av GitLab, Keycloak och OpenVPN uppnådde systemet en omfattande design för dataskydd, användarautentisering och nätverkssäkerhet. Denna rapport nämner också alternativa metoder, framtida och potentiella förbättringar av det färdiga systemet. Zero Trust GitLab Keycloak OpenVPN data protection network security access control Zero Trust GitLab Keycloak OpenVPN dataskydd nätverkssäkerhet åtkomstkontroll Computer Engineering Datorteknik
5	Inställningen till Zero Trust på svenska företag : Ett examensarbete i samarbete med Orange Cyberdefense / The attitude to Zero Trust in Swedish companies : A thesis in collaboration with Orange Cyberdefense Björkman, Jonathan, Råsberg, Fredrik January 2022 (has links) Dagens IT-miljöer genomgår en förändring. De tydliga gränserna mellan ett företags inre miljö och den externa miljön har förändrats och håller på att suddas ut. Zero Trust har lyfts fram som en lösning för att bättre skydda dagens IT-miljöer men trots det är det få som använder det. Syftet med denna studie var att undersöka vad några svenska företag har för inställning till Zero Trust och om de ser några hinder med att implementera det i sina miljöer. För att besvara syftet valdes en kvalitativ ansats där sex semistrukturerade intervjuer genomfördes. Målet var att söka beskrivande och förklarande kunskap för att bidra till en ökad förståelse kring ämnet Zero Trust. Studien uppnådde även viss form av normativ kunskap vilket resulterade i ett antal rekommendationer riktade mot företag. Studiens resultat visar att inställningen till Zero Trust är välvillig vilket beror på att de upplever krav från ledning, regelverk och kunder. De hinder som studien identifierar är föråldrade resurser (legacy), komplexitet, tid och kostnad som avgörande hinder för att implementera Zero Trust. Studien visar även visa att företagen är delade i uppfattningen om användaren av en resurs kommer påverkas negativt eller gagnas av Zero Trust. Studien landar i ett antal rekommendationer varav en menar att företag, för att behålla den välvilliga inställningen till Zero Trust måste vara lyhörda mot krav från omvärlden. Vidare rekommenderas även att företagen håller sig uppdaterade om ämnet, att de har en planering för arbetet som krävs och att de tar aktiva val för att undvika onödiga kostnader. / Today's IT environments are undergoing a change. The clear boundaries between a company's internal environment and the external environment have changed and are being blurred. Zero Trust has been highlighted as a solution to better protect today's IT environments, but despite this, few use it. The purpose of this study was to investigate what some Swedish companies have to say about Zero Trust and whether they see any obstacles in implementing it in their environments. To answer the purpose, a qualitative approach was chosen in which six semi-structured interviews were conducted. The goal was to seek descriptive and explanatory knowledge to contribute to an increased understanding of the subject Zero Trust. The study also achieved some form of normative knowledge, which resulted in a few recommendations aimed at companies. The results of the study show that the attitude towards Zero Trust is benevolent, which is since they experience demands from management, regulations, and customers. The barriers that the study identifies are outdated resources (legacy), complexity, time, and cost as crucial barriers to implementing the Zero Trust. The study also shows that companies are divided on whether the user of a resource will be negatively affected or benefited by Zero Trust. The study lands in a few recommendations, one of which is that companies, in order to maintain the benevolent attitude to Zero Trust, must be responsive to demands from the outside world. Furthermore, it is also recommended that companies stay up to date on the subject, that they have a plan for the work required and that they make active choices to avoid unnecessary costs. Attitude IT-environments IT-security IT-environments Obstacles Zero Trust Hinder Inställning IT-miljöer IT-säkerhet Zero Trust Information Systems
6	A ZERO-TRUST-BASED IDENTITY MANAGEMENT MODEL FOR VOLUNTEER CLOUD COMPUTING albuali, abdullah 01 December 2021 (has links) (PDF) Non-conventional cloud computing models such as volunteer and mobile clouds have been increasingly popular in cloud computing research. Volunteer cloud computing is a more economical, greener alternative to the current model based on data centers in which tens of thousands of dedicated servers facilitate cloud services. Volunteer clouds offer numerous benefits: no upfront investment to procure the many servers needed for traditional data center hosting; no maintenance costs, such as electricity for cooling and running servers; and physical closeness to edge computing resources, such as individually owned PCs. Despite these benefits, such systems introduce their own technical challenges due to the dynamics and heterogeneity of volunteer computers that are shared not only among cloud users but also between cloud and local users. The key issues in cloud computing such as security, privacy, reliability, and availability thus need to be addressed more critically in volunteer cloud computing.Emerging paradigms are plagued by security issues, such as in volunteer cloud computing, where trust among entities is nonexistent. Thus, this study presents a zero-trust model that does not assign trust to any volunteer node (VN) and always verifies using a server-client topology for all communications, whether internal or external (between VNs and the system). To ensure the model chooses only the most trusted VNs in the system, two sets of monitoring mechanisms are used. The first uses a series of reputation-based trust management mechanisms to filter VNs at various critical points in their life-cycle. This set of mechanisms helps the volunteer cloud management system detect malicious activities, violations, and failures among VNs through innovative monitoring policies that affect the trust scores of less trusted VNs and reward the most trusted VNs during their life-cycle in the system. The second set of mechanisms uses adaptive behavior evaluation contexts in VN identity management. This is done by calculating the challenge score and risk rate of each node to calculate and predict a trust score. Furthermore, the study resulted in a volunteer computing as a service (VCaaS) cloud system using undedicated hosts as resources. Both cuCloud and the open-source CloudSim platform are used to evaluate the proposed model.The results shows that zero-trust identity management for volunteer clouds can execute a range of applications securely, reliably, and efficiently. With the help of the proposed model, volunteer clouds can be a potential enabler for various edge computing applications. Edge computing could use volunteer cloud computing along with the proposed trust system and penalty module (ZTIMM and ZTIMM-P) to manage the identity of all VNs that are part of the volunteer edge computing architecture. edge computing identity management IoT security volunteer cloud computing zero trust
7	Dopad COVID-19 na bezpečnostní politiku států v oblasti kybernetické bezpečnosti / Impact of COVID-19 on Security Policies of States in the Area of Cyber Security Rieger, Anastasiya January 2022 (has links) CHARLES UNIVERSITY FACULTY OF SOCIAL SCIENCES Master of International Security Systems Anastasiya Neskoromna/Rieger Impact of COVID 19 on Security Policies of States in the Area of Cyber Security Abstract Prague 2022 Author: Ms. Anastasiya Neskoromna/Rieger Supervisor: prof. David Erkomashvile, Ph.D. Academic Year: 2021/2022 Abstract The SARS-Cov-19 or in different wording the global Covid pandemic outburst have created an unprecedented scenario for various organizations, agencies and structures. The COVID-19 pandemic in 2020 has become an extraordinary and shocking event for the world community and the global economy. On the part of the authorities, the COVID-19 pandemic is accompanied by sometimes harsh and ambiguous decisions, the consequences of which are felt by people in many countries of the world: movement between countries was stopped, businesses and enterprises were closed, the restriction was created, those who were sick or at risk of infection were isolated. There was also no possible assumption regarding how long such a mode of life will last. Many factors as a consequential chain of reactions from the pandemic in the aggregate have created a pleasant environment for altering and modifying the cybercrime landscape. This work aims to analyze the factorial presence of modification in the sphere...
8	Study of Information Behavior of Opportunistic Insiders with Malicious Intent Sinha, Vikas 05 1900 (has links) Enterprises have focused on mechanisms to track insiders who may intentionally exceed and misuse their authorized access. However, there is an opportunity to understand why a trusted individual would want to exploit the trust and seek information with the intent of a malicious outcome. The detection of insider rogue or nefarious activities with information to which a user is already authorized is extremely difficult. Such insider threats require more deliberation than just considering it to be a problem that can be mitigated only by software or hardware enhancements. This research expects to help gain an early understanding of antecedents to such information behavior and provide an opportunity to develop approaches to address relevant character traits which could lead to a higher propensity of information misuse. This research proposes a theoretical framework and a conceptual research model to understand the antecedent factors to opportunistic information-seeking behavior of individuals. The study follows the three-essay format. Essay 1 explores the scholarly literature published about insider behavior to understand information behavior and proposes the theoretical framework for the study. PRISMA methodology was used for the thematic literature review. Essay 2 is a quantitative study of 424 university students surveyed using an online instrument for their responses to various scenarios in the context of academic dishonesty. Academic dishonesty is proposed as a proxy for information misuse. Essay 3 is a qualitative study engaging senior executives from various industries to understand their perspectives on the behavioral characteristics of individuals as they try to protect their corporate information from being misused and protect their reputation and liability from malicious use of their information. Malicious Information Behavior Opportunistic Information Behavior Insider Threat Information Security Moral Resiliency Social Resiliency Zero-Trust
9	Enhancing Zero Trust models in the financial industry through blockchain integration: A proposed framework Daah, Clement, Qureshi, Amna, Awan, Irfan, Konur, Savas 16 August 2024 (has links) Yes / As financial institutions navigate an increasingly complex cyber threat landscape and regulatory ecosystem, there is a pressing need for a robust and adaptive security architecture. This paper introduces a comprehensive, Zero Trust model-based framework specifically tailored for the finance industry. It encompasses identity and access management (IAM), data protection, and device and network security and introduces trust through blockchain technology. This study provides a literature review of existing Zero Trust paradigms and contrasts them with cybersecurity solutions currently relevant to financial settings. The research adopts a mixed methods approach, combining extensive qualitative analysis through a literature review and assessment of security assumptions, threat modelling, and implementation strategies with quantitative evaluation using a prototype banking application for vulnerability scanning, security testing, and performance testing. The IAM component ensures robust authentication and authorisation processes, while device and network security measures protect against both internal and external threats. Data protection mechanisms maintain the confidentiality and integrity of sensitive information. Additionally, the blockchain-based trust component serves as an innovative layer to enhance security measures, offering both tamper-proof verification and increased integrity. Through analysis of potential threats and experimental evaluation of the Zero Trust model’s performance, the proposed framework offers financial institutions a comprehensive security architecture capable of effectively mitigating cyber threats and fostering enhanced consumer trust. Zero Trust Identity and access management Device and network security Data protection Blockchain
10	Implementering av Zero Trust i ett händelsestyrt meddelandesystem / Implementation of Zero Trust in an Event-Driven Messaging System Wilson, Paul-Stefan Luay, Bahadi, Georges January 2024 (has links) Denna rapport adresserar den centrala problemställningen kring säkerheten i händelsestyrda meddelandesystem genom att undersöka och implementera Zero Trust-arkitektur. Problemet är av stor relevans på grund av den ökande användningen av sådana system och det växande behovet av robusta säkerhetslösningar för att hantera utmaningar relaterade till asynkron kommunikation och datahantering. Zero Trust-modellen erbjuder en innovativ strategi för att förstärka säkerheten genom att eliminera implicit tillit och istället kontinuerligt verifiera användare och enheter, vilket gör det särskilt lämpligt för dynamiska och distribuerade system. Genom att utforska och analysera egenskaperna hos händelsestyrda meddelandesystem och identifiera de utmaningar som de presenterar för säkerhetsarkitekturen, undersöker rapporten en mängd olika metoder för att genomföra Zero Trust-principen. Genom en noggrann integrering av dessa metoder framhäver rapporten en effektiv och skalbar lösning för att säkra och skydda känsliga resurser och data i händelsestyrda meddelandesystem. Den presenterade lösningen belyser värdet av Zero Trust som en tillförlitlig modell för att hantera säkerhetsrisker och säkerställa en hållbar och robust arkitektur för asynkron kommunikation i moderna IT-system. / This report addresses the central issue of security in event-driven messaging systems by examining and implementing Zero Trust architecture. The problem is highly relevant due to the increasing use of such systems and the growing need for robust security solutions to manage challenges related to asynchronous communication and data handling. The Zero Trust model offers an innovative approach to enhancing security by eliminating implicit trust and instead continuously verifying users and devices, making it particularly suitable for dynamic and distributed systems. By exploring and analyzing the characteristics of event-driven messaging systems and identifying the challenges they present for security architecture, the report investigates various methods for implementing the Zero Trust principle. Through careful integration of these methods, the report highlights an effective and scalable solution for securing and protecting sensitive resources and data in event-driven messaging systems. The presented solution underscores the value of Zero Trust as a reliable model for addressing security risks and ensuring a sustainable and robust architecture for asynchronous communication in modern IT systems. Zero Trust Event-Driven Messaging Systems Security Asynchronous Communication Access Control Identity Management Implementation Data Protection Authorization Control Zero Trust händelsestyrt meddelandesystem säkerhet asynkron kommunikation identitetshantering implementering skydd av data behörighetskontroll Computer Engineering Datorteknik

Search results