Global ETD Search

551	Performance of Multi-Channel Medium Access Control Protocol incorporating Opportunistic Cooperative Diversity over Rayleigh Fading Channel Ahmed, Sabbir January 2006 (has links) This thesis paper proposes a Medium Access Control (MAC) protocol for wireless networks, termed as CD-MMAC that utilizes multiple channels and incorporates opportunistic cooperative diversity dynamically to improve its performance. The IEEE 802.11b standard protocol allows the use of multiple channels available at the physical layer but its MAC protocol is designed only for a single channel. The proposed protocol utilizes multiple channels by using single interface and incorporates opportunistic cooperative diversity by using cross-layer MAC. The new protocol leverages the multi-rate capability of IEEE 802.11b and allows wireless nodes far away from destination node to transmit at a higher rate by using intermediate nodes as a relays. The protocol improves network throughput and packet delivery ratio significantly and reduces packet delay. The performance improvement is further evaluated by simulation and analysis. / sabbir@linuxmail.org Cooperative Communication Medium Access Control Cross Layer MAC Multiple Channel Wireless Networks Rayleigh Fading Channel NS-2 Signal Processing Signalbehandling Computer Sciences Datavetenskap (datalogi) Telecommunications Telekommunikation
552	Comparative Study of Network Access Control Technologies Qazi, Hasham Ud Din January 2007 (has links) This thesis presents a comparative study of four Network Access Control (NAC) technologies; Trusted Network Connect by the Trusted Computing group, Juniper Networks, Inc.’s Unified Access Control, Microsoft Corp.’s Network Access Protection, and Cisco Systems Inc.’s Network Admission Control. NAC is a vision, which utilizes existing solutions and new technologies to provide assurance that any device connecting to a network policy domain is authenticated and is subject to the network’s policy enforcement. Non-compliant devices are isolated until they have been brought back to a complaint status. We compare the NAC technologies in terms of architectural and functional features they provide. There is a race of NAC solutions in the marketplace, each claiming their own definition and terminology, making it difficult for customers to adopt such a solution, resulting in much uncertainty. The NAC paradigm can be classified into two categories: the first category embraces open standards; the second follows proprietary standards. By selecting these architectures, we cover a representative set of proprietary and open standards-based NAC technologies. This study concludes that there is a great need for standardization and interoperability of NAC components and that the four major solution proposals that we studied fall short of the desired interoperability. With standards, customers have the choice to adopt solution components from different vendors, selecting, what is commonly referred to as the best of breed. One example for a standard technology that all four NAC technologies that we studied did adopt is the IEEE’s 802.1X port-based access control technology. It is used to control endpoint device access to the network. One shortcoming that most NAC architectures (with the exception of Trusted Network Connect) have in common, is the lack of a strong root-of-trust. Without it, clients’ compliance measurements cannot be trusted by the policy server whose task is to assess each client’s policy compliance. NAC Network Access Control Trusted Platform Module Trusted Computing Group Trusted Network Connect Network Access Protection Network Admission Control 802.1X root of trust Computer Sciences Datavetenskap (datalogi)
553	UTILIZAÇÃO DE INFORMAÇÕES CONTEXTUAISEMUMMODELO DE CONTROLE DE ACESSO A INFORMAÇÕES MÉDICAS / USE OF CONTEXTUAL INFORMATION IN A MODEL OF ACCESS CONTROL TO MEDICAL INFORMATION Soares, Gerson Antunes 17 January 2007 (has links) This work presents a boarding on the use of contextual information in a model of access control to electronic patient record (EPR). The EPR registers information on the health of the patient and the assistance given it, and has legal, secret and scientific character, being able to also include administrative and financial contents related the carried through procedures or treatments. In summary, can be said that the EPR keeps to the documents on the state of health and the cares received for an individual throughout its life. However, the availability of clinical information in computer networks raises questionings on the privacy of the patients and the integrity and confidentiality of the data. The access control is a point key to keep such requirements. The main objective in the development of this modelof access control is to provide different forms of access to information in a hospital environment, propitiating the adequacy with the pertinent legislation. To boarding proposal in this work allows to the application of politics and more specific rules of access, adding more functionality to the systems of access control. The focus of quarrel of this work deals with the use of medical information in the scope of the University Hospital of Santa Maria, and aims at to the integration of the model with modules in development in the data processing center of the institution. / Este trabalho apresenta uma abordagem sobre a utilização de informações contextuais em um modelo de controle de acesso a informações de prontuários eletrônicos de paciente (PEP). O PEP registra informações sobre a saúde do paciente e a assistência a ele prestada, e tem caráter legal, sigiloso e científico, podendo incluir também conteúdos administrativos e financeiros relacionados a procedimentos ou tratamentos realizados. Resumidamente, pode-se dizer que o PEP guarda os documentos sobre o estado de saúde e os cuidados recebidos por um indivíduo ao longo da sua vida. Entretanto, a disponibilização de informações clínicas em redes de computadores levanta questionamentos sobre a privacidade dos pacientes e a integridade e confidencialidade dos dados. O controle de acesso é um ponto chave para manter tais requisitos. O principal objetivo no desenvolvimento deste modelo de controle de acesso é prover diferentes formas de acesso a informações em um ambiente hospitalar, propiciando a adequação com a legislação pertinente. A abordagem proposta neste trabalho permite a aplicação de políticas e regras de acesso mais específicas, agregando mais funcionalidade aos sistemas de controle de acesso. O foco de discussão desta dissertação trata da utilização de informações médicas no âmbito do Hospital Universitário de Santa Maria, e visa à integração do modelo com módulos em desenvolvimento no centro de processamento de dados da instituição. Modelo de controle de acesso Prontuário eletrônico do paciente Informações contextuais Segurança Autorização Model of access control Electronic patient record Contextual information Security Authorization
554	Improving medium access for dynamic wireless sensor networks / Améliorations de l'accès au medium dans les réseaux dynamiques de capteurs sans fils Papadopoulos, Georgios 28 September 2015 (has links) L’Internet des objets amène des contraintes uniques et une immense variété d’applications. Ceci oblige à être capable d’établir des communications efficaces en énergie (et néanmoins à faible délai) au sein de réseaux fortement dynamiques. Nous nous sommes concentrés sur l'amélioration du contrôle d'accès au medium (MAC), afin d’optimiser la gestion des communications sans fils,principale source de consommation d'énergie dans ces réseaux. Cette thèse discute de l’auto adaptation de solutions MAC asynchrones et montre qu’une coopération localisée entre objets communicants permet de maintenir un partage efficace de la ressource de communication face à une forte dynamique (trafic, mobilité, pannes). Outre une réflexion menée sur les outils de simulation et d'expérimentation, nous avons conduit des campagnes d'évaluations complètes de nos contributions qui traitent tant des changements de trafic que de la mobilité dans les réseaux très denses. / The Internet of Things brings unique constraints and a huge variety of applications. This forces to be able to establish energy efficient communications (and never the less low-delay) within highly dynamic networks. We focused on improving the medium access control (MAC) to optimize the management of wireless communications, the main source of energy consumption in these networks. This thesis discusses the self-adaptation of asynchronous MAC solutions and shows that a localized cooperation between communicating objects can maintain an efficient sharing of the communication resource in highly dynamic networks (traffic, mobility, failures). In addition to a reasoning on the tools of simulation and experimentation, we conducted comprehensive evaluation campaigns of our contributions that address traffic changes and mobility in dense networks. Internet des objets Réseaux de capteur sans fils Protocoles de communication Contrôle d'accès au medium Internet of things Networks of wireless sensor Communication protocol Medium access control 004.2 004.6 621.38
555	SGPCA SISTEMA GERENCIADOR DE POLÍTICAS DE CONTROLE DE ACESSO Lima, Paulo Ricardo Barbieri Dutra 17 August 2008 (has links) Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / Information is the most precious assets to organizations; hence it is necessary to have mechanisms to protect it and to make it available only to whom have factual permission to use it. Considering the need for protection of the information in organizations it is proposed in this work a system to manage access control policies which can be easily used, that is, it does not require any knowledge of policies codification language. Further, as the creation of new policies could generate conflicts with existent ones, this work also proposes algorithms which manage automatically, in a period of policies creation, the control of some kinds of conflicts, such as interest conflicts. As result, we have offer a Access Control Police Management System that enable that the process of generation and editing policies occurs easily and without conflicts. The reference model used in this work refers to health organizations; however this study can be applied in other fields. / A informação é o bem mais valioso para as organizações, logo deve-se ter mecanismos para que ela possa ser bem protegida e que seja disponível somente para quem tem real permissão de utilizá-la. Dado esta necessidade de proteção da informação nas organizações, propõe-se neste trabalho um sistema de gerenciamento de políticas de controle de acesso, que possa ser utilizado de forma facilitada, ou seja, não requerendo conhecimento de linguagem de codificação de políticas. Adicionalmente, como a criação de novas políticas pode gerar conflitos com as já existentes, este trabalho propõe também algoritmos que gerenciam automaticamente, em tempo de criação das políticas, o controle de alguns tipos de conflitos, tais como conflitos de interesse. Como resultado tem-se um Sistema Gerenciador de Políticas de Controle de Acesso que possibilita que o processo de geração e edição de políticas ocorra de maneira facilitada e sem conflitos. O modelo de referência utilizado neste trabalho refere-se no âmbito de organizações da saúde, mas o estudo realizado pode ser utilizado em outras áreas. Gerenciamento baseado em políticas Políticas de controle de acesso XACML Conflitos Segurança e autorização Police based management Access control policies XACML Conflicts Security Authorization
556	Sécurité d'accès dans les Systèmes d'Information Coopératifs : modélisation et Implémentation à l'aide d'agents / Access security in Cooperative Information Systems : an agent-based design and implementation Huin, Leslie 05 April 2012 (has links) Le partage entre sources indépendantes hétérogènes et distribuées peut être résolu par la construction d’un système d’information coopératif (SIC). Un SIC est un ensemble de composants plus ou moins autonomes, souvent préexistants qui travaillent de manière synergique en échangeant information, expertise et en coordonnant leurs activités. Cela implique notamment la prise en compte de l’interopérabilité liée aux différences de description des données et de représentation de la sémantique. La gestion des données est alors assurée sans recours à un schéma global complet pour respecter l’autonomie des bases locales.Dans ce contexte, nous avons choisi de traiter le thème de la sécurité d’accès dans le but de garantir la confidentialité et l’intégrité des données de la coopération. La sécurité ajoute de nouveaux problèmes d’hétérogénéité et de résolution de conflits à ceux déjà existants en terme de coopération de données. Nous utilisons deux modèles canoniques proposés par l’équipe MODEME, permettant de représenter de manière unifiée les schémas locaux de données et de sécurité. Nous construisons un système pour la gestion de l’interopération des données et des politiques de sécurité, ainsi que la résolution sécurisée de requêtes globales. Nous avons choisi d’implémenter notre système en suivant le paradigme multi-agents avec une approche par médiation et intégration de schémas. Deux protocoles sont définis au regard des deux fonctionnalités du système : - Un protocole de gestion des connaissances permettant de traiter le problème d’interopérabilité entre les différents modes de représentation des données et des modèles de sécurité, et de générer les appariements entre ces différents modèles. - Un protocole de résolution de requêtes à partir des connaissances globales construites a priori, dont l’objectif est de présenter des résultats sémantiquement cohérents et sécurisés. Les agents sont décrits dans leur buts, leurs interactions, leurs connaissances en définissant leur rôle pour chaque protocole, avec notamment le rôle clé de médiateur de sécurité. Un scénario d’expérimentation permet d’illustrer sur un cas concret la génération des connaissances à partir des schémas locaux ainsi que le développement complexe du protocole pour le contrôle d’accès. / Sharing heterogeneous and distributed independent data sources can be solved by building a Cooperative Information System (CIS). A CIS is a set of components, exchanging information, expertise and coordinating their activities. This must consider interoperability related to differences of data description and semantic. Data management is provided without using a comprehensive global scheme to respect the autonomy of local databases.In this context, we chose to treat access security in order to ensure confidentiality and data integrity in a cooperation. This adds new security issues regarding heterogeneity and conflict resolution, on top of those in terms of data cooperation. We use two canonical models proposed by the MODEME team, to represent the local schemas and security policies in a unified way.We build a system to manage the interoperation of data and security policies, and the resolution of secure global queries. We have chosen to implement our system using the multi-agent paradigm, with an schema integration and mediation approach. Two protocols have been defined related to the features of the system: - A knowledge management protocol to address the problem of interoperability between different modes of data representation and security models, and to generate the matches between these different models. - A query resolution protocol using the global knowledge, which aims to present the results semantically consistent and secure. Agents are described in their goals, their interactions, their knowledge by defining their role for each protocol, including the key role of security mediator. An experimental scenario illustrates the knowledge generation from local schemas and the development of protocol for access control. Système d’Information Coopératif Interopérabilité Contrôle d’accès Politique de sécurité Système Multi-Agents Cooperative Information System Interoperability Access Control Security Policy Multi-Agent Systems 005
557	Intelligent medium access control for the future wireless networks Ghaboosi, K. (Kaveh) 19 October 2009 (has links) Abstract Medium access control (MAC) in wireless ad hoc networks has received considerable attention for almost a couple of decades; however, there are still open problems which deserve thorough study in order to facilitate migration to the next generation broadband wireless communication systems. In ad hoc networks, a detected frame collision can be due to the so-called unreachability problem, where the destination station is situated either in the transmission or interference range of an emitting station and is unable to receive connection establishment frames from any of its neighboring stations. Unreachability might also be due to the inability of a radio station to respond to any connection establishment request, though when the unreachable station receives the connection establishment requests, however, it is prohibited from responding to the requests due to being situated in the interference range of the emitting neighbor. To investigate the impact of this problem, we have to be equipped with a proper analytical framework; therefore, as the first part of this thesis, a scalable framework called Parallel Space – Time Markov chain (PSTMC) is proposed, through which a finite load non-saturated ad hoc network can be easily modeled. At the first step, a single-hop ad hoc network is considered and the accuracy of the model is evaluated using extensive numerical results. Subsequently, the proposed framework is further extended to model multi-hop ad hoc networks. Several discussions are also given on how the framework can be deployed for an arbitrary network topology. One of the main key features of the PSTMC model is its remarkable scalability in modeling complex network configurations. In fact, it is shown that multi-hop ad hoc networks have bounded complexity in being modeled by the PSTMC framework due to its spectacular specifications. These features lead us to a powerful tool by which an arbitrary network topology can be studied. In addition, the proposed models clearly facilitate demonstrating the impact of the unreachability problem on the performance of multi-hop networks. The introduced framework shows how the unreachability problem degrades the achieved throughput and channel capacity by the contending radio stations depending on the deployed network topology. In the remainder of the thesis the unreachability problem in mobile ad hoc networks is tackled and a new MAC protocol to enhance the performance of the network is proposed. This MAC scheme is equipped with smart decision-making algorithms as well as adaptive management mechanisms to reduce the impact of the unreachability problem in single channel scenarios. Subsequently, the problem of concurrent radio resource management and contention resolution in multi-channel cognitive ad hoc networks is considered. In particular, a multi-channel technique for traffic distribution among a set of data channels without centralized control, which is enabled by a probabilistic channel selection algorithm as well as a multi-channel binary exponential backoff mechanism, is proposed. It is shown through simulations that the suggested scheme outperforms the existing MAC protocols in multi-channel environments as well as cognitive networks coexisting with primary users. A mathematical model is also introduced to study the performance of the multi-channel MAC protocol in a single-hop non-saturated wireless network. Ad hoc networks Parallel Space – Time Markov chain cognitive radio finite load analysis hidden terminal problem medium access control queuing theory unreachability problem
558	Interoperability and Negotiation of Security Policies / Interopérabilité et négociation des politiques de sécurité Li, Yanhuang 24 November 2016 (has links) Suite au développement des technologies de l'information, et en particulier au déploiement d'infrastructures telles que le Cloud Computing, de plus en plus d'applications et plateformes coopèrent en échangeant des données et des services. Cette tendance renforce l'importance de la gestion de la sécurité. Afin d'assurer la sécurité des données et de l'interaction de service une politique de sécurité doit être appliquée. Dans cette thèse, nous nous intéressons aux politiques de contrôle d'accès. Ce type de politique spécifie les privilèges de l'utilisation des ressources et est implémentée par différents modèles selon différents scénarios. Notre objectif ici est d'aider le client du service à bien exprimer ses exigences de sécurité et à choisir les fournisseurs de services qui peuvent la déployer. La première partie de cette thèse est dédiée à la sélection des fournisseurs de service. Dans le cas où les politiques de sécurité du fournisseur sont accessibles au client, nous proposons une méthode pour mesurer la similarité entre les politiques de sécurité. Dans le cas où les politiques de sécurité ne sont pas accessibles au client ou ne sont pas explicitement spécifiées, nous proposons un cadre à base de règles permettant la dérivation à partir des exigences de sécurité aux politiques de sécurité concrètes. La seconde partie de la thèse porte sur la négociation de politiques de sécurité. Nous étudions le processus permettant aux parties en négociation de parvenir à un accord par une série d'échanges d'offres et de contre-offres. Lorsque le résultat de la négociation est positif, un contrat incluant la politique de sécurité acceptée par les parties est généré. / Security policy provides a way to define the constraints on behavior of the members belonging to a system, organization or other entities. With the development of IT technology such as Grid Computing and Cloud Computing, more and more applications and platforms exchange their data and services for cooperating. Toward this trend, security becomes an important issue and security policy has to be applied in order to ensure the safety of data and service interaction. In this thesis, we deal with one type of security policy: access control policy. Access control policy protects the privileges of resource's utilization and there exist different policy models for various scenarios. Our goal is to ensure that the service customer well expresses her security requirements and chooses the service providers that fit these requirements.The first part of this dissertation is dedicated to service provider selection. In case that the security policies of the service provider are accessible to the service customer, we provide a method for measuring the similarity between security policies. Another case is that security policies are not accessible to the service customer or not specified explicitly. Our solution is proposing a policy-based framework which enables the derivation from attribute-based security requirements to concrete security policies. The second part of the dissertation focuses on the security policy negotiation. We investigate the process of reaching agreement through bargaining process in which negotiators exchange their offers and counter offers step by step. The positive result of the negotiation generates a policy contract. Politique de sécurité Evaluation Informatique en nuage Négociation Interopérabilité Contrôle d'accès Fournisseur de services Courtage Security policy Evaluation Cloud computing Negotiation Interoperability Access control Service provider Broker 004
559	Energy efficiency improvements for wireless sensor networks by using cross-layer analysis Karvonen, H. (Heikki) 02 March 2015 (has links) Abstract This thesis proposes cross-layer approaches which enable to improve energy efficiency of wireless sensor networks and wireless body area networks (WSN & WBAN). The focus is on the physical (PHY) and medium access control (MAC) layers of communication protocol stack and exploiting their interdependencies. In the analysis of the PHY and MAC layers, their relevant characteristics are taken into account, and cross-layer models are developed to study the effect of these layers on energy efficiency. In addition, cross-layer analysis is applied at the network level by addressing hierarchical networks' energy efficiency. The objective is to improve energy efficiency by taking into account that substantial modifications to current standards and techniques are not required to take advantage of the proposed methods. The studied scenarios of WSN take advantage of the wake-up radio (WUR). A generic WUR-based MAC (GWR-MAC) protocol with objective to improve energy efficiency by avoiding idle listening is proposed. First, the proposed cross-layer model is developed at a general level and applied to study the forward error correction (FEC) code rate selection effect on the length of the transmission period and energy efficiency in a star topology network. Then an energy efficiency model for intelligent hierarchical architecture based on GWR-MAC is proposed and performance comparison with a duty-cycle radio (DCR) approach is performed. Interactions between different layers' devices are taken into account, and the WUR and DCR approaches are compared as a function of event frequency. The third cross-layer model focuses on the effect of the FEC code rate and data packet payload length on the energy efficiency of the IEEE Std 802.15.6-based WBANs using IR-UWB PHY. The results acquired by using analytical modelling and simulations with the Matlab software clearly illustrates the potential energy gains that can be achieved with the proposed cross-layer approaches. The developed WUR-based MAC protocol, analytical models and achieved results can be exploited by other researchers in the WSN and WBAN field. The contribution of this thesis is also to stimulate further research on these timely topics and foster development of short-range communication, which has a crucial role in future converging networks such as the Internet of Things. / Tiivistelmä Tässä väitöskirjassa ehdotetaan protokollakerrosten välistä tietoa hyödyntäviä (cross-layer) lähestymistapoja, jotka mahdollistavat energiatehokkuuden parantamisen langattomissa sensori- ja kehoverkoissa. Työ kohdistuu fyysisen- ja kanavanhallintakerroksen välisen vuorovaikutuksen tutkimiseen. Fyysisen- ja kanavanhallintakerrosten analyysissä huomioidaan niiden tärkeimmät ominaisuudet ja tutkitaan kerrosten yhteistä energiatehokkuutta. Lisäksi kerrosten välistä analyysiä sovelletaan verkkotasolle tutkimalla hierarkkisen verkon energiatehokkuutta. Tavoitteena on energiatehokkuuden parantamisen mahdollistaminen siten, että merkittäviä muutoksia nykyisiin standardeihin ja tekniikoihin ei tarvitse tehdä hyödyntääkseen ehdotettuja menetelmiä. Tutkitut sensoriverkkoskenaariot hyödyntävät heräteradiota. Väitöskirjassa ehdotetaan geneerinen heräteradiopohjainen kanavanhallintaprotokolla (GWR-MAC), jolla parannetaan energiatehokkuutta vähentämällä turhaa kanavan kuuntelua. Kerrosten välinen malli kehitetään ensin yleisellä tasolla ja sen avulla tutkitaan virheenkorjauskoodisuhteen valinnan vaikutusta lähetysperiodin pituuteen ja energiatehokkuuteen tähtitopologiaan pohjautuvissa sensoriverkoissa. Sitten väitöskirjassa ehdotetaan energiatehokkuusmalli älykkäälle GWR-MAC -protokollaan perustuvalle hierarkkiselle arkkitehtuurille ja sen suorituskykyä vertaillaan toimintajaksoperiaatteella toimivaan lähestymistapaan. Eri kerroksilla olevien laitteiden väliset vuorovaikutukset huomioidaan heräteradio- ja toimintajaksoperiaatteella toimivien verkkojen suorituskykyvertailussa tapahtumatiheyden funktiona. Kolmas malli kohdistuu virheenkorjauskoodisuhteen ja datapaketin hyötykuorman pituuden energiatehokkuusvaikutuksen tutkimiseen IEEE 802.15.6 -standardiin perustuvissa langattomissa kehoverkoissa. Analyyttinen mallinnus ja Matlab-ohjelmiston avulla tuotetut simulointitulokset osoittavat selvästi energiatehokkuushyödyt, jotka saavutetaan ehdotettuja menetelmiä käyttämällä. Kehitetty GWR-MAC -protokolla, analyyttiset mallit ja tulokset ovat hyödynnettävissä sensori- ja kehoverkkotutkijoiden toimesta. Tämän väitöskirjan tavoitteena on myös näiden ajankohtaisten aiheiden jatkotutkimuksen stimulointi sekä lyhyen kantaman viestinnän kehityksen vauhdittaminen, sillä niillä on erittäin merkittävä rooli tulevaisuuden yhteen liittyvissä verkoissa, kuten esineiden ja asioiden Internetissä. cross-layer design forward error correction hierarchical network medium access control wake-up radio wireless body area network heräteradio hierarkkinen verkko kanavanhallinta kerrosten välinen suunnittelu langaton kehoverkko virheenkorjaus
560	An enterprise information security model for a micro finance company: a case study Owen, Morné January 2009 (has links) The world has entered the information age. How the information is used within an organization will determine success or failure of the organisation. This study aims to provide a model, that once implemented, will provide the required protection for the information assets. The model is based on ISO 27002, an international security standard. The primary objective is to build a model that will provide a holistic security system specifically for a South African Micro Finance Company (MFC). The secondary objectives focuses on successful implementation of such a model, the uniqueness of the MFC that should be taken into account, and the maintenance of the model once implemented to ensure ongoing relevance. A questionnaire conducted at the MFC provided insight into the perceived understanding of information security. The questionnaire results were used to ensure the model solution addressed current information security shortcomings within the MFC. This study found that the information security controls in ISO 27002 should be applicable to any industry. The uniqueness for the MFC is not in the security controls, but rather in the regulations and laws applicable to it.

Search results