511 |
Security Analysis and Recommendations for CONIKS as a PKI Solution for Mobile Apps
Spendlove, George Bradley 01 December 2018
Secure mobile apps, including end-to-end encrypted messaging apps such as WhatsApp and Signal, are increasingly popular today. These apps require trust in a centralized key directory to automatically exchange the public keys used to secure user communication. This trust may be abused by malicious, subpoenaed, or compromised directories. A public key infrastructure (PKI) solution that requires less trust would increase the security of these commonly used apps. CONIKS is a recent PKI proposal that features transparent key directories which publish auditable digests of the public keys they present to queriers. By monitoring its key every time a new digest is published, a client can verify that its key is published correctly, reducing the need to trust the directory. CONIKS features improved security at the cost of unique auditing and monitoring requirements. In this thesis, we examine CONIKS' suitability as a PKI solution for secure mobile apps. We present a threat analysis of possible attacks on the CONIKS protocol and explore several important implications of CONIKS' system description, including recommendations for whistleblowing and key change policies. We also analyze mobile device usage data to estimate whether typical mobile device Internet connectivity is sufficient to fulfill CONIKS' monitoring requirement.
|
512 |
Usable Security and Privacy for Secure Messaging Applications
Vaziripour, Elham 01 December 2018
The threat of government and corporate surveillance around the world, as well as the publicity surrounding major cybersecurity attacks, have increased interest in secure and private end-to-end communications. In response to this demand, numerous secure messaging applications have been developed in recent years. These applications have been welcomed and publicly used not just by political activists and journalists but by everyday users as well. Most of these popular secure messaging applications are usable because they hide many of the details of how encryption is provided. The strength of the security properties of these applications relies on the authentication ceremony, wherein users validate the keys being used for encryption that is exchanged through the service providers. The validation process typically involves verifying the fingerprints of encryption keys to protect the communication from being intercepted. In this dissertation, we explore how to help users enhance the privacy of their communications, with a particular focus on secure messaging applications. First, we explore whether secure messaging applications are meeting the security and privacy needs of their users, especially in countries that practice censorship and restrict civil liberties, including blocking access to social media and communication applications. Second, we studied existing popular secure messaging applications to explore how users interact with these applications and how well they are using the authentication ceremony during lab studies. Third, we applied design principles to improve the interfaces for the authentication ceremony, and also to help users find and perform the authentication ceremony faster. Fourth, we applied the lessons from our interviews with participants in our user studies to help users comprehend the importance of authentication.
As part of the effort, we developed an authentication ceremony using social media accounts to map key fingerprints to social features, pushing the ceremony to a more natural domain for users. We modified the Signal secure messaging application to include this social authentication ceremony and used a user study to compare this method to other common methods. We found that social authentication has some promising features, but that social media companies are too distrusted by users. Based on our results, we make several recommendations to improve the use of security and privacy features in secure messaging applications and outline areas for future work.
|
513 |
Värdet av Personligheter i Front-End Innovation / The Utility of Personalities in Front-End Innovation
Ramoser, Hannes, Hygerth, Fredrik January 2016
This report seeks to explore a new way of organising front-end innovation. Thereby improving on models from current research that give evidence of successful social network structures or heterogeneity ratios, the aim of this study is to find ideal personality constellations within project teams, to make them powerful and useful. There is limited research describing how individuals' personality traits in teams affect the ability to innovate, yet it is known that personality is absolutely essential for matching the right people to create the right results. Initial research identified four idea-utility dimensions that make an idea valuable: customer orientation, feasibility, market opportunity and strategic fit. The theoretical framework suggests that each of the four personality archetypes (rationals, guardians, idealists and artisans) is naturally inclined to produce ideas within these dimensions. Knowing the dominant type of ideas that individuals produce makes it possible to organise so as to improve the flow of ideas. A careful methodology was carried out in which an initial personality test with 96 participants was conducted, followed by an idea-generation session in tailored personality teams with those participants, which resulted in 179 ideas being produced. Collaboration with external professionals facilitated the categorisation of the ideas according to the four idea-utility dimensions. Correlation and regression analysis of the data showed that personalities have a predictive effect that can be exploited. The rationals archetype was inclined to produce feasible and customer-oriented ideas. Further, idealists and artisans can be portrayed as opposites, since their ideas were less feasible but rich in market opportunities. A company can therefore vertically translate a short-term, low-risk innovation strategy by employing rational archetypes appropriately.
Likewise, idealists and artisans come into play to suit a long-term, future-oriented innovation strategy. / This report embarks to explore a new way to organise front-end innovation. Enhancing the models of current research that conclude to beneficial social network structures or heterogeneity ratios, this study aims to find ideal personality constellations within project teams - to make them powerful and useful. There is limited research given to how an individual’s personality traits in the context of a team impacts the potential of that team to innovate, yet it is vital to match up the right individuals in order to create desirable outcomes. Initial exploration provided insights to the key dimensions that make an idea valuable; customer orientation, feasibility, market opportunity and strategic fit. The theoretical framework suggests that each of four personality archetypes (rationals, guardians, idealists and artisans) is naturally prone to produce ideas within one or more of those specific dimensions. Knowing the predominant type of ideas which teams produce will allow for a better organisational structure to improve the flow of ideas. A meticulous methodology was designed to supply the quantitative and qualitative data needed for such conclusions. A personality test with 96 participants, followed by an ideation session granted for a sample of 179 ideas to be produced. Collaborations with external industry professionals facilitated for the categorisation of ideas according to the four idea utility dimensions. The empirical data was analysed within correlations and regressions to show that personalities have, in fact, a predictive impact that can be exploited. The archetype of rationals, on the one hand, was prone to produce feasible and customer orientated ideas. Alternatively, the idealist and artisan archetypes portrayed the opposite as their ideas were less feasible but rich in market opportunities.
A firm can therefore vertically translate a short-term, low risk innovation strategy into tasking rationals appropriately. Likewise, idealists and artisans come into play to suit a long-term and future oriented innovation strategy.
|
514 |
Analysis of German real estate funds: selection criteria for investment opportunities perspective
Himbert, Esther January 2014
This study is focused on real estate funds formed in Germany and has two major purposes: first to investigate the liquidity crisis and followed change of the legal framework for German real estate funds and secondly to demonstrate the impact on investment selection criteria of German real estate investment companies. By both quantitative and qualitative methods the thesis approaches those two different purposes. The quantitative part provides theoretical background about the construct of open-end and closed-end real estate funds and about the triggers and effects of the liquidity crisis. The qualitative part consists of an online survey that was sent to German real estate investment companies in which respondents indicated their preferred criteria for real estate investment opportunities. Furthermore telephone interviews on this topic were conducted with four German real estate investment experts. In the end the findings from the survey and the interviews are applied to a case study about a trophy asset in Luxembourg, in order to analyze if this property meets the investment criteria of German real estate funds. The survey and the conducted interviews indicate that German real estate investment companies have adapted to the risk-averse investment behaviour of investors and preferably make safe haven investments in terms of the investment style, the location of the real estate asset and the characteristics of the property itself and its tenants. The case study as well confirms this result.
|
515 |
ANIONIC SYNTHESIS OF FUNCTIONALIZED POLYMERS
Janoski, Jonathan E. 01 December 2010
No description available.
|
516 |
Improving Amphibian Barrier-ecopassages: Evaluating Fence-end Treatments to Mitigate the Fence-end Effect using Behavior Analysis
Harman, Kristine Elisa 23 May 2022
No description available.
|
517 |
Key management with a trusted third party using LoRaWAN protocol : A study case for E2E security
Ralambotiana, Miora January 2018
Nowadays, Internet of Things (IoT) applications are gaining more importance in people’s everyday life. Depending on their usage (for long or short distance communications, using low or high power devices, etc.), several standards exist. In this study, the focus is on Low Power Wide Area Networks (LPWAN) and particularly a protocol which is rising in popularity for long-range low-power communications in IoT: LoRaWAN. LoRaWAN is still at an early stage and has been mainly used in use cases where the network server was managing the keys ensuring confidentiality and integrity of the data. Gemalto has raised the issue of interest conflicts in the case where the network operator and the application provider are two distinct entities: if the end-device and the application server are exchanging sensitive data, the network server should not be able to read them. In order to solve this problem, an architecture using a trusted third party to generate and manage the keys has been implemented during this project. The following research aims at finding security threats and weaknesses on the confidentiality and integrity of the data and devices’ authentication in this study case. The LoRaWAN protocol and key management in general were studied first before describing the studied system and finding the possible attacks exploring its vulnerabilities on the mentioned points via an attack tree. These attacks were simulated in order to define their consequences on the system and according to them, security improvements on the architecture were proposed based on previous work on the topic and exploration on potential countermeasures. / Today, Internet of Things (IoT) applications are becoming increasingly important in people's everyday lives. Depending on the usage (for long- or short-distance communication, with low- or high-power devices, etc.), several standards exist.
In this study, the focus is on Low Power Wide Area Networks (LPWAN) and in particular a protocol that is growing in popularity for long-term, low-capacity communication in IoT: LoRaWAN. LoRaWAN is still at an early stage and has mainly been used in use cases where the network server managed the keys ensuring the confidentiality and integrity of the data. Gemalto has raised the issue of conflicts of interest in the case where the network operator and the application provider are two separate entities: if the end-device and the application server exchange sensitive data, the network server should not be able to read them. To solve this problem, an architecture using a trusted third party to generate and manage the keys has been implemented during this project. The following research aims to find security threats and weaknesses concerning the confidentiality and integrity of the data and the authentication of devices in this study case. The LoRaWAN protocol and key management in general will be studied first, before the author describes the studied system and discovers the possible attacks that probe the vulnerability on the mentioned points via an attack tree. These attacks will be simulated in order to define their consequences on the system, and according to them, security improvements to the architecture will be proposed based on previous work on the topic and an investigation of potential countermeasures.
|
518 |
A design of an iOS application prototype supporting the handling of issues in retail environments
Lohse, Thim, Pettersson, Gustav January 2017
The development of new technology has made it possible for new ways of shopping. By providing more digital services in the physical stores, there is a possibility for the stores to provide a more ubiquitous and smart shopping experience for its customers. The report will present an iOS application prototype, as part of a ubiquitous store system concept, which will turn an iPhone into a temporary, integrated part of a smart store system concept. The purpose of the system is to enhance the shopping experience by reducing known non-technical issues such as perceived low level of service, lack of product information and the slow speed of the shopping process, with the use of technology based solutions, such as self-scanning with the use of an iPhone and indoor localization for easier navigation and faster service. The developed iOS application enables a user to scan any product, with a barcode, in the store and get further information about availability, color options and so forth. It will enable the user to request products from the staff members if sizes are not available in the actual store. It also provides easier and faster service with the use of indoor localization and positioning, to find the user or find product sections in the store faster. The focus of the report was the development of the iOS application prototype, and a case-study was used to evaluate the prototype in a retail store setting. The evaluation included a case scenario where participants were asked to perform three tasks related to a general shopping scenario, as well as the identified problems. The time difference to finish each task was observed and measured to determine the actual impact in time on each task, together with a survey to determine the perceived impact of the developed application prototype on each task. 83,3 % of the participants found it easier to navigate in the store, as well as getting product information with the use of the application.
66,3 % found that the application did not fully compensate the services generally provided by the store staff, but was a good complement. The overall experience of the application was positive, with emphasis on the scanning possibility in store, as well as the great concept with having indoor location. Further, a total time improvement of 31,6 % for the full scenario was achieved with the use of the application. The thesis concludes that an application can be designed to reduce some common time-related issues, such as low level of service, lack of product information and the slow speed of the shopping process. Although the proof of concept is deemed satisfactory, further work and tests are needed to fully implement and integrate the prototype and store system concept in reality. / The development of new technology has enabled new ways of shopping. By equipping physical stores with more digital solutions, opportunities are created for stores to provide a more ubiquitous and smart shopping experience for their customers. The report will present an iOS application prototype, as part of a ubiquitous store system concept, which will make an iPhone a temporary integrated part of a smart store system concept. The purpose of the system is to improve the shopping experience by reducing known non-technical problems such as perceived low level of service, lack of product information and the slow speed of the shopping process, by means of technology-based solutions such as self-scanning using an iPhone and indoor localization for easier navigation and faster service. The developed iOS application enables a user to scan a product, with a barcode, in the store and get more information about availability, colour options and so on. It also enables the user to request products from the staff if sizes are not available in the store in question.
The application also enables easier and faster service through the use of indoor localization and positioning, to find the user or find product sections in the store faster. The focus of the report was the development of the iOS application prototype, and a case study was used to evaluate the prototype in a simulated store environment. The evaluation included a scenario in which the participants were asked to perform three tasks related to a general shopping scenario, as well as the identified problems. The time difference to complete each task was observed and measured to determine the actual effect in time for each task, together with a survey to determine the perceived effect of the developed application prototype on each task. 83,3% of the participants found it easier to navigate in the store, as well as to get product information, with the use of the application. 66,3% found that the application did not fully compensate for the services generally provided by the store staff, but it was considered a good complement. The overall experience of the application was positive, with emphasis on the possibility of scanning items oneself in the store, as well as the good concept of indoor localization. Furthermore, a total time improvement of 31,6% for the whole scenario was achieved with the use of the application. The work concludes that an application can be designed to reduce certain common time-related problems, such as low level of service, lack of product information and the slow speed of the purchasing process. Although the proof of concept is considered satisfactory, further work and tests are required to fully implement and integrate the prototype and store system concept in reality.
|
519 |
Towards secure computation for people
Issa, Rawane 23 June 2023
My research investigates three questions: How do we customize protocols and implementations to account for the unique requirement of each setting and its target community, what are necessary steps that we can take to transition secure computation tools into practice, and how can we promote their adoption for users at large? In this dissertation I present several of my works that address these three questions with a particular focus on one of them.
First my work on "Hecate: Abuse Reporting in Secure Messengers with Sealed Sender" designs a customized protocol to protect people from abuse and surveillance in online end to end encrypted messaging. Our key insight is to add pre-processing to asymmetric message franking, where the moderating entity can generate batches of tokens per user during off-peak hours that can later be deposited when reporting abuse.
This thesis then demonstrates that by carefully tailoring our cryptographic protocols for real world use cases, we can achieve orders of magnitude improvements over prior works with minimal assumptions over the resources available to people.
Second, my work on "Batched Differentially Private Information Retrieval" contributes a novel Private Information Retrieval (PIR) protocol called DP-PIR that is designed to provide high throughput at high query rates. It does so by pushing all public key operations into an offline stage, batching queries from multiple clients via techniques similar to mixnets, and maintaining differential privacy guarantees over the access patterns of the database.
Finally, I provide three case studies showing that we cannot hope to further the adoption of cryptographic tools in practice without collaborating with the very people we are trying to protect. I discuss a pilot deployment of secure multi-party computation (MPC) that I have done with the Department of Education, deployments of MPC I have done for the Boston Women’s Workforce Council and the Greater Boston Chamber of Commerce, and ongoing work in developing tool chain support for MPC via an automated resource estimation tool called Carousels.
|
520 |
Novel Architectures for Human Voice and Environmental Sound Recognition using Machine Learning Algorithms
Dhakal, Parashar January 2018
No description available.
|