Global ETD Search

241	Internet-based electronic payment systems Kortekaas, Birgit Friederike 01 January 2002 (has links) As today, the traditional payment systems of cash, cheques and credit cards are being supplemented by electronic cheques, electronic credit card-based systems, and token-based systems, online security is of utmost importance and one of the biggest criteria used for evaluating electronic payment systems. Electronic payment systems must guarantee the essential security requirements: confidentiality, privacy, integrity, availability. authentication, non-repudiation as well as anonymity and trust. This paper compares the various payment systems (both traditional and electronic) available today mainly according to their security aspects. Secure processing can be accomplished including access controls and detection techniques, such as, encrypted communication channels, user and/or message authentication, symmetric and asymmetric encryption, digital certificates and firewalls. These effective security measures, which are outlined in detail in this paper, will protect the information and payment systems against security risks that currently threaten the Internet / Computing / M.Sc. (Information Systems) Internet Electronic commerce Electronic payment systems Authentication Confidentiality Identification Integrity Privacy Security Cryptography Certificates Encryption Digital signatures Anonymity Threats Electronic cash Electronic cheque Smart cards Electronic credit cards 658.478 Internet -- Economic aspects Internet -- Security measures Payment Electronic commerce -- Security measures Computer networks -- Security measures Data encryption (Computer science) Smart cards
242	A comparative review of legislative reform of electronic contract formation in South Africa Snail, Sizwe 09 May 2016 (has links) Electronic contracts in the new technological age and electronic commerce have brought about world-wide legal uncertainty. When compared to the traditional paper-based method of writing and signing, the question has arisen whether contracts concluded by electronic means should be recognised as valid and enforceable agreements in terms of the functional equivalence approach. This study will examine the law regulating e-commerce from a South African perspective in contrast to international trends and e-commerce law from the perspective of the United States. The research investigates various aspects of contract formation such as time and place, validity of electronic agreements, electronic signatures, attribution of electronic data messages and signatures, automated transaction as well as select aspects of e-jurisdiction from a South African and United States viewpoint. / Mercantile Law / LLM Automated transaction Electronic contract formation Cyberlaw E-commerce Electronic writing Electronic agreements Electronic signatures Functional equivalence Technological neutrality Time and place of contract conclusion E-jurisdiction 343.9944068 Electronic contracts -- South Africa
243	Internet-based electronic payment systems Kortekaas, Birgit Friederike 01 January 2002 (has links) As today, the traditional payment systems of cash, cheques and credit cards are being supplemented by electronic cheques, electronic credit card-based systems, and token-based systems, online security is of utmost importance and one of the biggest criteria used for evaluating electronic payment systems. Electronic payment systems must guarantee the essential security requirements: confidentiality, privacy, integrity, availability. authentication, non-repudiation as well as anonymity and trust. This paper compares the various payment systems (both traditional and electronic) available today mainly according to their security aspects. Secure processing can be accomplished including access controls and detection techniques, such as, encrypted communication channels, user and/or message authentication, symmetric and asymmetric encryption, digital certificates and firewalls. These effective security measures, which are outlined in detail in this paper, will protect the information and payment systems against security risks that currently threaten the Internet / Computing / M.Sc. (Information Systems) Internet Electronic commerce Electronic payment systems Authentication Confidentiality Identification Integrity Privacy Security Cryptography Certificates Encryption Digital signatures Anonymity Threats Electronic cash Electronic cheque Smart cards Electronic credit cards 658.478 Internet -- Economic aspects Internet -- Security measures Payment Electronic commerce -- Security measures Computer networks -- Security measures Data encryption (Computer science) Smart cards
244	A comparative review of legislative reform of electronic contract formation in South Africa Snail, Sizwe 09 May 2016 (has links) Electronic contracts in the new technological age and electronic commerce have brought about world-wide legal uncertainty. When compared to the traditional paper-based method of writing and signing, the question has arisen whether contracts concluded by electronic means should be recognised as valid and enforceable agreements in terms of the functional equivalence approach. This study will examine the law regulating e-commerce from a South African perspective in contrast to international trends and e-commerce law from the perspective of the United States. The research investigates various aspects of contract formation such as time and place, validity of electronic agreements, electronic signatures, attribution of electronic data messages and signatures, automated transaction as well as select aspects of e-jurisdiction from a South African and United States viewpoint. / Mercantile Law / LLM Automated transaction Electronic contract formation Cyberlaw E-commerce Electronic writing Electronic agreements Electronic signatures Functional equivalence Technological neutrality Time and place of contract conclusion E-jurisdiction 343.9944068 Electronic contracts -- South Africa
245	The adoption and challenges of electronic voting technologies within the South African context Achieng, Mourine Sarah January 2013 (has links) Thesis submitted in fulfilment of the requirements for the degree Master of Technology: in Information Technology in the Faculty of Informatics and Design at the Cape Peninsula University of Technology Supervisor: Dr Ephias Ruhode Cape Town campus December 2013 / The use of ICTs such as computers, electronic databases and other technologies have been in use for a number of years within the public sector to organise, manage and disseminate information to the public as well as to facilitate day-to-day communication in government offices. In this context, the value of the use of ICTs has been to assist and streamline government operations. The technological development in South Africa has opened up the possibilities of the use of ICTs in the democratic and governance process. E-democracy has been defined as a tool for abandoning the representative system for one with more direct citizen engagement. This study sets out to explore the challenges of the current electoral process, and also determine the factors that could influence the adoption and diffusion of e-voting technologies within the South African context. Literature has shown that countries such as Brazil and India have successfully implemented electronic voting systems and other countries are at various piloting stages to address many challenges and problems associated with manual paper based system such as costs of physical ballot paper and other overheads, electoral delays, distribution of electoral materials, and general lack of confidence in the electoral process. It is in this context that the study also seeks to determine whether the South African electoral management body can leverage on the opportunities that e-voting presents. However, with all the benefits that e-voting presents, there are countries such Germany, the Netherlands etc. that have tried and tested e-voting systems and decided to abandon these system to go back to the manual paper ballot voting systems because of various reasons ranging from cost, security and verifiability. This research is exploratory in nature and adopts qualitative research approach and it is within the interpretivism paradigm. Survey and interview strategies were used to collect data. A purposive sampling method was used to select the participants for the survey. To gain an understanding of the views of voters and electoral management body (IEC) about the current electoral process and e-voting technologies, literature was explored, a questionnaire was distributed online to voters and an in-depth semi-structured interview was conducted with the IEC. The study targeted voters who had access to the internet since the survey questionnaire was distributed online. The analysis is based on thematic analysis and diffusion of innovation (DoI) theory was also used to provide an analytical framework for the study. Through this framework the aims and objectives of the study were conceptualized around three constructs from the theory (relative advantage, compatibility and complexity). The findings of the study revealed that the three constructs from the DoI framework are important factors that may influence the adoption process of e-voting technologies. The findings also revealed other factors such as availability of ICT enable infrastructure and resources, digital divide, trust in technology, awareness of the technology and environment could that also influence the adoption process. The contributions of this research are anticipated to be a better understanding of the adoption of e-voting technologies in South Africa. For the electoral management bodies, the contribution of this research is that the research to some extent portrays factors that could influence the adoption of e-voting technologies in South Africa. Therefore, findings such as availability of ICT infrastructure and accessibility of these infrastructures should be taken into consideration before introducing e-voting technologies. Keywords: DoI (diffusion of Innovation), e-voting (electronic voting) technologies, E-governance, e-participation. Voting systems -- South Africa Electronic voting -- South Africa Electoral systems -- South Africa Internet voting Data encryption (Computer science) Information systems Diffusion of innovation (Dol) e-voting technologies e-governance e-participation MTech Theses, dissertations, etc. NavTech
246	Proposta de implementação de uma arquitetura para a Internet de nova geração / An implementation proposal of a next generation internet architecture Wong, Walter 07 November 2007 (has links) Orientadores: Mauricio Ferreira Magalhães, Fabio Luciano Verdi / Dissertação (mestrado) - Universidade Estadual de Campinas, Faculdade de Engenharia Eletrica e Computação / Made available in DSpace on 2018-08-09T14:41:11Z (GMT). No. of bitstreams: 1 Wong_Walter_M.pdf: 1265045 bytes, checksum: 15a2435e5676b973ffe726e4757323e4 (MD5) Previous issue date: 2007 / Resumo: A concepção original da arquitetura da Internet foi baseada em uma rede fixa e confiável. Hoje em dia, a Internet se tornou dinâmica e vulnerável aos ataques de segurança. Também não era prevista a necessidade de integração de tecnologias heterogêneas nem de ambientes sem fio. A arquitetura atual apresenta uma série de barreiras técnicas para prover estes serviços, sendo uma das maiores a sobrecarga semântica do Internet Protocol (IP). O endereço IP atua como localizador na camada de rede e como identificador na camada de transporte, impossibilitando novas funcionalidades como a mobilidade e abrindo brechas de segurança. Este trabalho apresenta uma proposta de implementação de uma arquitetura para Internet de nova geração para o provisionamento de novos serviços de forma natural e integrada para a Internet atual. A proposta de arquitetura de implementação oferece suporte à mobilidade, ao multihoming, à segurança, à integração de redes heterogêneas e às aplicações legadas através da introdução de uma nova camada de identificação na arquitetura atual. Esta nova camada tem por objetivo separar a identidade da localização e se tornar uma opção de comunicação para as redes heterogêneas. Mecanismos adicionais foram propostos para prover o suporte às funcionalidades da arquitetura, tais como a resolução de nomes em identificadores, o roteamento baseado no identificador, a gerência de localização e um plano de controle para a troca de mensagens de sinalização fim-a-fim entre os componentes da arquitetura. Para a validação da arquitetura proposta, um protótipo foi implementado e vários testes de desempenho foram realizados para avaliação do overhead da implementação, do modelo de segurança, da robustez e do suporte à mobilidade e às aplicações legadas / Abstract: The original concept of the Internet architecture was based on static and reliable networks. Nowadays, the Internet became more dynamic and vulnerable to security attacks. The integration of heterogeneous technologies and wireless environment were not predicted. The current architecture presents some technical barriers to provide these services. One of these problems is the semantic overload of the Internet Protocol (IP). The IP address acts as locator in the network layer and identifier in the transport layer, preventing new features such as mobility and allowing security flaws. This work presents an implementation proposal of a next generation Internet architecture to provide new services naturally integrated to the Internet. The implementation proposal supports mobility, multihoming, security, heterogeneous networks integration and legacy applications by the introduction of a new identification layer in the current architecture. This new layer will separate the identity from the location and become an option for communication between heterogeneous networks. Additional mechanisms were proposed to support the new functionalities of the architecture, e.g., resolution of names to identifiers, identifier-based routing, location management and a control plane to exchange end-toend signalling control messages between the components of the architecture. In order to evaluate the proposed architecture, a prototype was implemented and some tests were performed considering implementation overhead, security model, robustness and support for mobility and legacy applications / Mestrado / Engenharia de Computação / Mestre em Engenharia Elétrica Arquitetura de redes de computador Internet sem fio Sistemas de comunicação sem fio Criptografia de dados (Computação) Redes de computadores - Protocolos Computer network architectures Computer networks - Security measures Wireless Internet Wireless communication systems Data encryption (Computer science) Computer network protocols Next-generation internet architectures Multihoming Security Heterogeneous networks
247	Attaques par canaux auxiliaires: nouvelles attaques, contre-mesures et mises en oeuvre Fernandes Medeiros, Stéphane 28 April 2015 (has links) Les attaques par canaux auxiliaires sont apparues dans la deuxième moitié des années 1990. Ces attaques exploitent différentes informations qu’il est possible de collecter lors de l’exécution d’un algorithme sur un appareil cryptographique. Il est ainsi possible, entre autres, de mesurer la consommation d’énergie d’un appareil cryptographique, ou encore d’observer le temps d’exécution d’un certain algorithme sur un appareil. C’est à ces deux sources d’in- formation que nous nous intéressons dans ce travail. Après une présentation des concepts utiles à la lecture du travail et de l’état de l’art des attaques et des contre-mesures du domaine, nous abordons les résultats de nos recherches effectuées lors de ce travail de thèse. Nous présentons d’abord nos contributions aux attaques par mesure de consommation d’énergie :(1) une approche com- binant apprentissage semi-supervisé et attaques par templates pour retrouver le poids de Hamming des différents bytes d’une clé de chiffrement et (2) une approche utilisant des techniques d’apprentissage automatique pour attaquer une implantation protégée d’AES. Ensuite, nous abordons les contre-mesures investiguées durant nos recherches qui se résument (1) en la possibilité de rendre l’ordre des instructions d’AES le plus aléatoire possible en jouant sur la relation de dépendance entre celles-ci ainsi qu’en (2) l’étude de l’application partielle (sur un sous-ensemble de données) de certaines contre-mesures, afin de protéger les données sensibles d’un algorithme. Enfin, nous terminons ce travail par l’emploi de la programmation orientée aspects comme manière d’implanter des contre-mesures pour les attaques temporelles (sur RSA) et pour les attaques par mesures de consommation d’énergie (sur AES). / Doctorat en Sciences / info:eu-repo/semantics/nonPublished Informatique générale Sciences exactes et naturelles Computer crimes Cyberterrorism -- Prevention Cryptography -- Equipment and supplies Data encryption (Computer science) Computer algorithms Criminalité informatique Cyberterrorisme -- Prévention Cryptographie -- Appareils et matériel Chiffrement (Informatique) Algorithmes TA SPA AOP shuffling hiding attaques par canaux auxiliaires masking AES MIA CPA DPA
248	Securing sensor network Zare Afifi, Saharnaz January 2014 (has links) Indiana University-Purdue University Indianapolis (IUPUI) / A wireless sensor network consists of lightweight nodes with a limited power source. They can be used in a variety of environments, especially in environments for which it is impossible to utilize a wired network. They are easy/fast to deploy. Nodes collect data and send it to a processing center (base station) to be analyzed, in order to detect an event and/or determine information/characteristics of the environment. The challenges for securing a sensor network are numerous. Nodes in this network have a limited amount of power, therefore they could be faulty because of a lack of battery power and broadcast faulty information to the network. Moreover, nodes in this network could be prone to different attacks from an adversary who tries to eavesdrop, modify or repeat the data which is collected by other nodes. Nodes may be mobile. There is no possibility of having a fixed infrastructure. Because of the importance of extracting information from the data collected by the sensors in the network there needs to be some level of security to provide trustworthy information. The goal of this thesis is to organize part of the network in an energy efficient manner in order to produce a suitable amount of integrity/security. By making nodes monitor each other in small organized clusters we increase security with a minimal energy cost. To increase the security of the network we use cryptographic techniques such as: public/ private key, manufacturer signature, cluster signature, etc. In addition, nodes monitor each other's activity in the network, we call it a "neighborhood watch" In this case, if a node does not forward data, or modifies it, and other nodes which are in their transmission range can send a claim against that node. Cluster-Base Network Threshold Signature Data Aggregation Wireless Network Ad-hoc Network Neighborhood Watch Threshold signatures -- Research Computer networks -- Security measures Wireless communication systems Wireless LANs Group signatures (Computer security) Data protection Computer security -- Management Sensor networks -- Research Pattern recognition systems Computers -- Access control Computer network protocols
249	Information-Theoretic aspects of quantum key distribution Van Assche, Gilles 26 April 2005 (has links) <p>La distribution quantique de clés est une technique cryptographique permettant l'échange de clés secrètes dont la confidentialité est garantie par les lois de la mécanique quantique. Le comportement particulier des particules élémentaires est exploité. En effet, en mécanique quantique, toute mesure sur l'état d'une particule modifie irrémédiablement cet état. En jouant sur cette propriété, deux parties, souvent appelées Alice et Bob, peuvent encoder une clé secrète dans des porteurs quantiques tels que des photons uniques. Toute tentative d'espionnage demande à l'espion, Eve, une mesure de l'état du photon qui transmet un bit de clé et donc se traduit par une perturbation de l'état. Alice et Bob peuvent alors se rendre compte de la présence d'Eve par un nombre inhabituel d'erreurs de transmission.</p><p><p><p>L'information échangée par la distribution quantique n'est pas directement utilisable mais doit être d'abord traitée. Les erreurs de transmissions, qu'elles soient dues à un espion ou simplement à du bruit dans le canal de communication, doivent être corrigées grâce à une technique appelée réconciliation. Ensuite, la connaissance partielle d'un espion qui n'aurait perturbé qu'une partie des porteurs doit être supprimée de la clé finale grâce à une technique dite d'amplification de confidentialité.</p><p><p><p>Cette thèse s'inscrit dans le contexte de la distribution quantique de clé où les porteurs sont des états continus de la lumière. En particulier, une partie importante de ce travail est consacrée au traitement de l'information continue échangée par un protocole particulier de distribution quantique de clés, où les porteurs sont des états cohérents de la lumière. La nature continue de cette information implique des aménagements particuliers des techniques de réconciliation, qui ont surtout été développées pour traiter l'information binaire. Nous proposons une technique dite de réconciliation en tranches qui permet de traiter efficacement l'information continue. L'ensemble des techniques développées a été utilisé en collaboration avec l'Institut d'Optique à Orsay, France, pour produire la première expérience de distribution quantique de clés au moyen d'états cohérents de la lumière modulés continuement.</p><p><p><p>D'autres aspects importants sont également traités dans cette thèse, tels que la mise en perspective de la distribution quantique de clés dans un contexte cryptographique, la spécification d'un protocole complet, la création de nouvelles techniques d'amplification de confidentialité plus rapides à mettre en œuvre ou l'étude théorique et pratique d'algorithmes alternatifs de réconciliation.</p><p><p><p>Enfin, nous étudions la sécurité du protocole à états cohérents en établissant son équivalence à un protocole de purification d'intrication. Sans entrer dans les détails, cette équivalence, formelle, permet de valider la robustesse du protocole contre tout type d'espionnage, même le plus compliqué possible, permis par les lois de la mécanique quantique. En particulier, nous généralisons l'algorithme de réconciliation en tranches pour le transformer en un protocole de purification et nous établissons ainsi un protocole de distribution quantique sûr contre toute stratégie d'espionnage.</p><p><p><p>Quantum key distribution is a cryptographic technique, which allows to exchange secret keys whose confidentiality is guaranteed by the laws of quantum mechanics. The strange behavior of elementary particles is exploited. In quantum mechnics, any measurement of the state of a particle irreversibly modifies this state. By taking advantage of this property, two parties, often called Alice and bob, can encode a secret key into quatum information carriers such as single photons. Any attempt at eavesdropping requires the spy, Eve, to measure the state of the photon and thus to perturb this state. Alice and Bob can then be aware of Eve's presence by a unusually high number of transmission errors.</p><p><p><p>The information exchanged by quantum key distribution is not directly usable but must first be processed. Transmission errors, whether they are caused by an eavesdropper or simply by noise in the transmission channel, must be corrected with a technique called reconciliation. Then, the partial knowledge of an eavesdropper, who would perturb only a fraction of the carriers, must be wiped out from the final key thanks to a technique called privacy amplification.</p><p><p><p>The context of this thesis is the quantum key distribution with continuous states of light as carriers. An important part of this work deals with the processing of continuous information exchanged by a particular protocol, where the carriers are coherent states of light. The continuous nature of information in this case implies peculiar changes to the reconciliation techniques, which have mostly been developed to process binary information. We propose a technique called sliced error correction, which allows to efficiently process continuous information. The set of the developed techniques was used in collaboration with the Institut d'Optique, Orsay, France, to set up the first experiment of quantum key distribution with continuously-modulated coherent states of light.</p><p><p><p>Other important aspects are also treated in this thesis, such as placing quantum key distribution in the context of a cryptosystem, the specification of a complete protocol, the creation of new techniques for faster privacy amplification or the theoretical and practical study of alternate reconciliation algorithms.</p><p><p><p>Finally, we study the security of the coherent state protocol by analyzing its equivalence with an entanglement purification protocol. Without going into the details, this formal equivalence allows to validate the robustness of the protocol against any kind of eavesdropping, even the most intricate one allowed by the laws of quantum mechanics. In particular, we generalize the sliced error correction algorithm so as to transform it into a purification protocol and we thus establish a quantum key distribution protocol secure against any eavesdropping strategy.</p> / Doctorat en sciences appliquées / info:eu-repo/semantics/nonPublished Sciences de l'ingénieur Electronique générale Information theory Data protection Quantum computers Cryptography -- Data processing Computer security Data encryption (Computer science) Source code (Computer science) Théorie de l'information Ordinateurs quantiques Cryptographie -- Informatique Sécurité informatique Chiffrement (Informatique) Programme source (Informatique) cryptographie quantique distribution quantique de clés quantum key distribution security reconciliation source coding quantum cryptography privacy amplification entanglement purification purification d'intrication sécurité théorie de l'information information theory quantum information theory cryptography réconciliation cryptographie codage source amplification de confidentialité théorie de l'information quantique
250	Secure Digital Provenance: Challenges and a New Design Rangwala, Mohammed M. January 2014 (has links) Indiana University-Purdue University Indianapolis (IUPUI) / Derived from the field of art curation, digital provenance is an unforgeable record of a digital object's chain of successive custody and sequence of operations performed on the object. It plays an important role in accessing the trustworthiness of the object, verifying its reliability and conducting audit trails of its lineage. Digital provenance forms an immutable directed acyclic graph (DAG) structure. Since history of an object cannot be changed, once a provenance chain has been created it must be protected in order to guarantee its reliability. Provenance can face attacks against the integrity of records and the confidentiality of user information, making security an important trait required for digital provenance. The digital object and its associated provenance can have different security requirements, and this makes the security of provenance different from that of traditional data. Research on digital provenance has primarily focused on provenance generation, storage and management frameworks in different fields. Security of digital provenance has also gained attention in recent years, particularly as more and more data is migrated in cloud environments which are distributed and are not under the complete control of data owners. However, there still lacks a viable secure digital provenance scheme which can provide comprehensive security for digital provenance, particularly for generic and dynamic ones. In this work, we address two important aspects of secure digital provenance that have not been investigated thoroughly in existing works: 1) capturing the DAG structure of provenance and 2) supporting dynamic information sharing. We propose a scheme that uses signature-based mutual agreements between successive users to clearly delineate the transition of responsibility of the digital object as it is passed along the chain of users. In addition to preserving the properties of confidentiality, immutability and availability for a digital provenance chain, it supports the representation of DAG structures of provenance. Our scheme supports dynamic information sharing scenarios where the sequence of users who have custody of the document is not predetermined. Security analysis and empirical results indicate that our scheme improves the security of the typical secure provenance schemes with comparable performance. availability confidentiality cryptography integrity provenance signatures Cryptography -- Research Data protection -- Research Digital signatures Cultural property -- Protection Computer networks -- Security measures Database management Databases -- Quality control Computer networks -- Monitoring Information services -- Quality control Application software -- Development Computer programs -- Validation

Search results