- About
-
The Global ETD Search service is a free service for researchers
to find electronic theses and dissertations. This service is
provided by the
Networked Digital Library of Theses and Dissertations.
Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
Search results
Showing 661 to 670 of 698 (0.045 seconds)Spelling suggestions: "subject:"accesscontrol"" "subject:"accesskontroll""
| 661 |
Visualizing Zones : Defining the Notion of Zones in Physical Access Control for Security Management SystemJu, Joanne January 2023 (has links)
In the domain of access control, the notion of zone is still ambiguous. The zone demands clearer contextualization that resonates with the security operators in their workplace. Through interpretive research, this project aims to investigate intuitive ways to monitor the overview of security through visualisation and propose a groundwork that can facilitate discussion around future possibilities of zones in physical access control. Based on the sense making process, this project presents three visualisation models: textual, physical, and abstract. Each model explores various representations of zones to communicate zone-to-zone relationships to improve usability. Also, the design work demonstrates diverse expressive qualities interacting with spaces that are physical, conceptual, and logical. In the most practical sense, the zone means groups of doors, however, the zone also embodies an abstract layer of interpretation that is not strictly connected to a physical space.
|
| 662 |
KARTAL: Web Application Vulnerability Hunting Using Large Language Models : Novel method for detecting logical vulnerabilities in web applications with finetuned Large Language Models / KARTAL: Jakt på sårbarheter i webbapplikationer med hjälp av stora språkmodeller : Ny metod för att upptäcka logiska sårbarheter i webbapplikationer med hjälp av finjusterade stora språkmodellerSakaoglu, Sinan January 2023 (has links)
Broken Access Control is the most serious web application security risk as published by Open Worldwide Application Security Project (OWASP). This category has highly complex vulnerabilities such as Broken Object Level Authorization (BOLA) and Exposure of Sensitive Information. Finding such critical vulnerabilities in large software systems requires intelligent and automated tools. State-of-the-art (SOTA) research including hybrid application security testing tools, algorithmic brute forcers, and artificial intelligence has shown great promise in detection. Nevertheless, there exists a gap in research for reliably identifying logical and context-dependant Broken Access Control vulnerabilities. We modeled the problem as text classification and proposed KARTAL, a novel method for web application vulnerability detection using a Large Language Model (LLM). It consists of 3 components: Fuzzer, Prompter, and Detector. The Fuzzer is responsible for methodically collecting application behavior. The Prompter processes the data from the Fuzzer and formulates a prompt. Finally, the Detector uses an LLM which we have finetuned for detecting vulnerabilities. In the study, we investigate the performance, key factors, and limitations of the proposed method. Our research reveals the need for a labeled Broken Access Control vulnerability dataset in the cybersecurity field. Thus, we custom-generate our own dataset using an auto-regressive LLM with SOTA few-shot prompting techniques. We experiment with finetuning 3 types of decoder-only pre-trained transformers for detecting 2 sophisticated vulnerabilities. Our best model attained an accuracy of 87.19%, with an F1 score of 0.82. By using hardware acceleration on a consumer-grade laptop, our fastest model can make up to 539 predictions per second. The experiments on varying the training sample size demonstrated the great learning capabilities of our model. Every 400 samples added to training resulted in an average MCC score improvement of 19.58%. Furthermore, the dynamic properties of KARTAL enable inferencetime adaption to the application domain, resulting in reduced false positives. / Brutet åtkomstkontroll är den allvarligaste säkerhetsrisken för webbapplikationer enligt Open Worldwide Application Security Project (OWASP). Denna kategori har mycket komplexa sårbarheter såsom Brutet behörighetskontroll på objektnivå (BOLA) och exponering av känslig information. Att hitta sådana kritiska sårbarheter i stora programvarusystem kräver intelligenta och automatiserade verktyg. Senaste tekniken (SOTA)-forskning, inklusive hybridverktyg för säkerhetstestning av applikationer, algoritmiska bruteforcers och artificiell intelligens, har visat stor potential för upptäckt. Trots detta finns det en lucka i forskningen när det gäller tillförlitlig identifiering av logiska och kontextberoende sårbarheter relaterade till Brutet åtkomstkontroll. Vi modellerade problemet som textklassificering och föreslog KARTAL, en ny metod för att upptäcka sårbarheter i webbapplikationer med hjälp av en stor språkmodell (LLM). Den består av 3 komponenter: Fuzzer, Prompter och Detector. Fuzzer ansvarar för att systematiskt samla in applikationsbeteende. Prompter bearbetar data från Fuzzer och formulerar en förfrågan. Slutligen använder Detector en LLM som vi har finjusterat för att upptäcka sårbarheter. I studien undersöker vi prestanda, nyckelfaktorer och begränsningar hos den föreslagna metoden. Vår forskning visar behovet av en märkt dataset för sårbarheter relaterade till Brutet åtkomstkontroll inom cybersäkerhetsområdet. Därför genererar vi anpassade dataset med hjälp av en auto-regressiv LLM med SOTA few-shot-prompting-tekniker. Vi experimenterar med att finjustera 3 typer av endast avkodare transformers som är förtränade för att upptäcka 2 sofistikerade sårbarheter. Vår bästa modell uppnådde en noggrannhet på 87.19% med en F1-poäng på 0.82. Genom att använda hårdvaruacceleration på en bärbar dator för konsumenter kan vår snabbaste modell göra upp till 539 förutsägelser per sekund. Experimenten med varierande storlek på träningsprovet visade på vår modells stora förmåga att lära sig. Varje 400 prover som lades till träningen resulterade i en genomsnittlig förbättring av MCC-poängen med 19.58%. Dessutom möjliggör de dynamiska egenskaperna hos KARTAL anpassning vid inferringstid till applikationsdomänen, vilket resulterar i färre falska positiva resultat.
|
| 663 |
Analysis and improvement of medium access control protocols in wireless networks. Performance modelling and Quality-of-Service enhancement of IEEE 802.11e MAC in wireless local area networks under heterogeneous multimedia traffic.Hu, Jia January 2010 (has links)
In order to efficiently utilize the scarce wireless resource as well as keep up
with the ever-increasing demand for Quality-of-Service (QoS) of multimedia
applications, wireless networks are undergoing rapid development and dramatic
changes in the underlying technologies and protocols. The Medium Access Control
(MAC) protocol, which coordinates the channel access and data transmission of
wireless stations, plays a pivotal role in wireless networks.
Performance modelling and analysis has been and continues to be of great
theoretical and practical importance in the design and development of wireless
networks. This research is devoted to developing efficient and cost-effective
analytical tools for the performance analysis and enhancement of MAC protocols in
Wireless Local Area Networks (WLANs) under heterogeneous multimedia traffic.
To support the MAC-layer QoS in WLANs, the IEEE 802.11e Enhanced Distributed
Channel Access (EDCA) protocol has proposed three QoS differentiation schemes
in terms of Arbitrary Inter-Frame Space (AIFS), Contention Window (CW), and
Transmission Opportunity (TXOP). This research starts with the development of
new analytical models for the TXOP scheme specified in the EDCA protocol under
Poisson traffic. A dynamic TXOP scheme is then proposed to adjust the TXOP
limits according to the status of the transmission queue. Theoretical analysis and
simulation experiments show that the proposed dynamic scheme largely improves
the performance of TXOP. To evaluate the TXOP scheme in the presence of
ii
heterogeneous traffic, a versatile analytical model is developed to capture the traffic
heterogeneity and model the features of burst transmission. The performance results
highlight the importance of taking into account the heterogeneous traffic for the
accurate evaluation of the TXOP scheme in wireless multimedia networks.
To obtain a thorough and deep understanding of the performance attributes of
the EDCA protocol, a comprehensive analytical model is then proposed to
accommodate the integration of the three QoS schemes of EDCA in terms of AIFS,
CW, and TXOP under Poisson traffic. The performance results show that the TXOP
scheme can not only support service differentiation but also improve the network
performance, whereas the AIFS and CW schemes provide QoS differentiation only.
Moreover, the results demonstrate that the MAC buffer size has considerable impact
on the QoS performance of EDCA under Poisson traffic. To investigate the
performance of EDCA in wireless multimedia networks, an analytical model is
further developed for EDCA under heterogeneous traffic. The performance results
demonstrate the significant effects of heterogeneous traffic on the total delay and
frame losses of EDCA with different buffer sizes. Finally, an efficient admission
control scheme is presented for the IEEE 802.11e WLANs based on analytical
modelling and a game-theoretical approach. The admission control scheme can
maintain the system operation at an optimal point where the utility of the Access
Point (AP) is maximized with the QoS constraints of various users.
|
| 664 |
Semantically-enriched and semi-Autonomous collaboration framework for the Web of Things. Design, implementation and evaluation of a multi-party collaboration framework with semantic annotation and representation of sensors in the Web of Things and a case study on disaster managementAmir, Mohammad January 2015 (has links)
This thesis proposes a collaboration framework for the Web of Things based on the concepts of Service-oriented Architecture and integrated with semantic web technologies to offer new possibilities in terms of efficient asset management during operations requiring multi-actor collaboration. The motivation for the project comes from the rise in disasters where effective cross-organisation collaboration can increase the efficiency of critical information dissemination. Organisational boundaries of participants as well as their IT capability and trust issues hinders the deployment of a multi-party collaboration framework, thereby preventing timely dissemination of critical data. In order to tackle some of these issues, this thesis proposes a new collaboration framework consisting of a resource-based data model, resource-oriented access control mechanism and semantic technologies utilising the Semantic Sensor Network Ontology that can be used simultaneously by multiple actors without impacting each other’s networks and thus increase the efficiency of disaster management and relief operations. The generic design of the framework enables future extensions, thus enabling its exploitation across many application domains. The performance of the framework is evaluated in two areas: the capability of the access control mechanism to scale with increasing number of devices, and the capability of the semantic annotation process to increase in efficiency as more information is provided. The results demonstrate that the proposed framework is fit for purpose.
|
| 665 |
Providing QoS in Autonomous and Neighbor-aware multi-hop Wireless Body Area NetworksIyengar, Navneet 15 October 2015 (has links)
No description available.
|
| 666 |
Fair Medium Access Control Mechanism Reducing Throughput Degradation in IEEE 802.11s Wireless Mesh NetworksGhasemi, Saeed, El-hajj Moussa, Haisam January 2016 (has links)
Denna rapport behandlar prestandaproblem i den nyligen standardiserade Mesh kommunikationsstandarden (IEEE 802.11s). I denna rapport, undersöker och förbättra vi ett förhållande som resulterar i reduktion av genomströmningen i en kedja av noder topologi. IEEE802.11s är mycket lovande med många fördelar för både IoT-systemen och trådlösa nätverk i båda hemmet och arbete.Vi arbetar med frågan om orättvisa när CSMA/CA tillämpas, vilket orsakar genomströmningsreduktion på grund av paketförluster och indikerar svältning. Vi analyserar konsekvenserna av Collision Avoidance (CA) mekanism och föreslår en ersättning för CA som är både rättvist och samtidigt kan upprätthålla undvikande av kollisioner. Vi implementera detta i en simulator och resultatet visar på betydligt högre end-to-end-genomströmning än standard CSMA/CA och inga paketförluster på grund av buffertspill. / This thesis rapport deals with the performance issues of the newly standardized Wireless mesh protocol (IEEE 802.11s). In this thesis, we work on improving the conditions that results in throughput degradation in a chain of nodes topology. The mesh standard is very promising with many advantages for both IoT systems and home wireless networks.We work on the issue of unfairness when CSMA/CA is applied, which causes throughput degradation due to packet loss and indicates starvation. We analyze the implication of the Collision Avoidance (CA) mechanism and propose a replacement for the CA that is both fair and able to maintain collision avoidance. We implement this in a simulator and the result shows significantly higher end-to-end throughput compared to the original CSMA/CA and no packet loss due to buffer overflow.
|
| 667 |
Implementering av Zero Trust i ett händelsestyrt meddelandesystem / Implementation of Zero Trust in an Event-Driven Messaging SystemWilson, Paul-Stefan Luay, Bahadi, Georges January 2024 (has links)
Denna rapport adresserar den centrala problemställningen kring säkerheten i händelsestyrda meddelandesystem genom att undersöka och implementera Zero Trust-arkitektur. Problemet är av stor relevans på grund av den ökande användningen av sådana system och det växande behovet av robusta säkerhetslösningar för att hantera utmaningar relaterade till asynkron kommunikation och datahantering. Zero Trust-modellen erbjuder en innovativ strategi för att förstärka säkerheten genom att eliminera implicit tillit och istället kontinuerligt verifiera användare och enheter, vilket gör det särskilt lämpligt för dynamiska och distribuerade system. Genom att utforska och analysera egenskaperna hos händelsestyrda meddelandesystem och identifiera de utmaningar som de presenterar för säkerhetsarkitekturen, undersöker rapporten en mängd olika metoder för att genomföra Zero Trust-principen. Genom en noggrann integrering av dessa metoder framhäver rapporten en effektiv och skalbar lösning för att säkra och skydda känsliga resurser och data i händelsestyrda meddelandesystem. Den presenterade lösningen belyser värdet av Zero Trust som en tillförlitlig modell för att hantera säkerhetsrisker och säkerställa en hållbar och robust arkitektur för asynkron kommunikation i moderna IT-system. / This report addresses the central issue of security in event-driven messaging systems by examining and implementing Zero Trust architecture. The problem is highly relevant due to the increasing use of such systems and the growing need for robust security solutions to manage challenges related to asynchronous communication and data handling. The Zero Trust model offers an innovative approach to enhancing security by eliminating implicit trust and instead continuously verifying users and devices, making it particularly suitable for dynamic and distributed systems. By exploring and analyzing the characteristics of event-driven messaging systems and identifying the challenges they present for security architecture, the report investigates various methods for implementing the Zero Trust principle. Through careful integration of these methods, the report highlights an effective and scalable solution for securing and protecting sensitive resources and data in event-driven messaging systems. The presented solution underscores the value of Zero Trust as a reliable model for addressing security risks and ensuring a sustainable and robust architecture for asynchronous communication in modern IT systems.
|
| 668 |
Mapping out the Key Security Components in Relational Databases (MK-SCoRe) : Enhancing the Security of Relational Database Technology / Kartläggning av Nyckelkomponenter för Säkerhet i Relationsdatabaser (MK-SCoRe) : Förbättring av Säkerheten i RelationsdatabasteknikAlobaidi, Murtadha, Trabulsiah, Abdullah January 2024 (has links)
Relational database security has become an increasingly important issue for organizations worldwide in the current era of data-driven operations. The urgent need for an extensive knowledge of relational database security components in relational databases is addressed in this thesis. Database security is constantly improving, but there is still a lack of research that analyzes these important factors. Because of this gap, databases are not sufficiently secured from new cyber threats, which endangers its accessibility, confidentiality, and integrity. The problem that the thesis addresses is the lack of comprehensive research covering all key security components in relational databases which, presents a challenge for organizations seeking to comprehensively secure their database systems. The purpose of this thesis is to systematically map the key security components essential to relational databases. The goal is to assist organizations and Database professionals to secure their relational databases against diverse cyber threats. Using a qualitative and exploratory methodology, the research analyzes a wide range of literature on database security. The research offers a balanced and comprehensive perspective on the current security landscape in relational databases by integrating theoretical study with structured interviews. This method guarantees that all essential security components is fully investigated. The results of this thesis involve a detailed mapping of the key security components within relational databases, which are uniquely informed by a combination of academic research and empirical findings from structured interviews with Database security experts. This thesis analyzes these security components based on how well they address current security threats, how well they secure databases, and how well they can adapt to different organizational needs. / Säkerhet i relationsdatabaser har blivit en allt viktigare fråga för organisationer världen över i den nuvarande eran av datadriven verksamhet. I den här avhandlingen behandlas det akuta behovet av en omfattande kunskap om säkerhetskomponenter för relationsdatabaser i relationsdatabaser. Databassäkerheten förbättras ständigt, men det finns fortfarande en brist på forskning som analyserar dessa viktiga faktorer. På grund av denna brist är databaser inte tillräckligt skyddade mot nya cyberhot, vilket äventyrar deras tillgänglighet, konfidentialitet och integritet. Problemet som avhandlingen tar upp är bristen på omfattande forskning som täcker alla viktiga säkerhetskomponenter i relationsdatabaser, vilket utgör en utmaning för organisationer som vill säkra sina databassystem på ett heltäckande sätt. Syftet med denna avhandling är att systematiskt kartlägga de viktigaste säkerhetskomponenterna som är väsentliga för relationsdatabaser. Målet är att hjälpa organisationer och databasspecialister att säkra sina relationsdatabaser mot olika cyberhot. Med hjälp av en kvalitativ och explorativ metod analyseras ett brett spektrum av litteratur om databassäkerhet. Forskningen erbjuder ett balanserat och omfattande perspektiv på det nuvarande säkerhetslandskapet i relationsdatabaser genom att integrera teoretiska studier med strukturerade intervjuer. Denna metod garanterar att alla väsentliga säkerhetskomponenter undersöks fullständigt. Resultatet av denna avhandling innebär en detaljerad kartläggning av de viktigaste säkerhetskomponenterna inom relationsdatabaser, som är unikt informerade av en kombination av akademisk forskning och empiriska resultat från strukturerade intervjuer med databassäkerhetsexperter. Denna avhandling analyserar dessa säkerhetskomponenter utifrån hur väl de hanterar aktuella säkerhetshot, hur väl de säkrar databaser och hur väl de kan anpassas till olika organisatoriska behov.
|
| 669 |
Modeling of initial contention window size for successful initial ranging process in IEEE 802.22 WRAN cellAfzal, Humaira, Awan, Irfan U., Mufti, Muhammad R., Sheriff, Ray E. 20 December 2014 (has links)
No / Avoiding collision among contending customer premise equipments (CPEs) attempting to associate with a base station (BS) in a wireless regional area network (WRAN) is a challenging issue. The collision probability is highly dependent upon the size of the initial contention window and the number of contending CPEs. To reduce the collision probability among CPEs in order to start the ranging process in an IEEE 802.22 network, the BS needs to adjust the initial contention window size. This paper provides an analytical framework to estimate the ranging request collision probability depending upon the size of the initial contention window and the number of CPEs attempting to join the IEEE WRAN cell. The accuracy of the estimated curve is analyzed for various numbers of contention CPEs on the basis of the relative errors. The numerical results confirm that the approximation works reasonably well for finding the ranging request collision probability for any number of contention CPEs at a particular value of initial contention window size. Moreover, this approximation provides the threshold size for a contention window to start the initial ranging process for any number of CPEs in an IEEE 802.22 network. (C) 2014 Elsevier B.V. All rights reserved.
|
| 670 |
Senior health care systemLing, Meng-Chun 01 January 2005 (has links)
Senior Health Care System (SHCS) is created for users to enter participants' conditions and store information in a central database. When users are ready for quarterly assessments the system generates a simple summary that can be reviewed, modified, and saved as part of the summary assessments, which are required by Federal and California law.
|
Page generated in 0.0583 seconds