Global ETD Search

61	Storage Systems and Security Challenges in Telemetry Post Processing Environments Kalibjian, Jeff 10 1900 (has links) ITC/USA 2008 Conference Proceedings / The Forty-Fourth Annual International Telemetering Conference and Technical Exhibition / October 27-30, 2008 / Town and Country Resort & Convention Center, San Diego, California / A common concern in telemetry post-processing environments is adequate disk storage capacity to house captured and post-processed telemetry data. In today's network environments there are many storage solutions that can be deployed to address storage needs. Recent trends in storage systems reveal movement to implement security services in storage systems. After reviewing storage options appropriate for telemetry post-processing environments; the security services such systems typically offer will also be discussed and contrasted with other third party security services that might be implemented directly on top of a networked storage system. Storage security Network Attached Storage (NAS) Storage Area Networks (SAN) disk arrays key management symmetric key cryptography dual asymmetric key cryptography digitial signature
62	Securing Telemetry Post Processing Applications with Hardware Based Security Kalibjian, Jeff 10 1900 (has links) International Telemetering Conference Proceedings / October 18-21, 2004 / Town & Country Resort, San Diego, California / The use of hardware security for telemetry in satellites utilized for intelligence and defense applications is well known. Less common is the use of hardware security in ground-based computers hosting applications that post process telemetry data. Analysis reveals vulnerabilities in software only security solutions that can result in the compromise of telemetry data housed on ground-based computer systems. Such systems maybe made less susceptible to compromise with the use of hardware based security. Hardware Security Modules (HSM) Hardware Security Module Hybrids (HSMH) Common Criteria (CC) security boundary key management
63	Telemetry Post-Processing in the Clouds: A Data Security Challenge Kalibjian, J. R. 10 1900 (has links) ITC/USA 2011 Conference Proceedings / The Forty-Seventh Annual International Telemetering Conference and Technical Exhibition / October 24-27, 2011 / Bally's Las Vegas, Las Vegas, Nevada / As organizations move toward cloud [1] computing environments, data security challenges will begin to take precedence over network security issues. This will potentially impact telemetry post processing in a myriad of ways. After reviewing how data security tools like Enterprise Rights Management (ERM), Enterprise Key Management (EKM), Data Loss Prevention (DLP), Database Activity Monitoring (DAM), and tokenization are impacting cloud security, their effect on telemetry post-processing will also be examined. An architecture will be described detailing how these data security tools can be utilized to make telemetry post-processing environments in the cloud more robust. Data security network security cloud computing Enterprise Rights Management (ERM) Enterprise Key Management (EKM) Data Loss Prevention (DLP) Database Activity Monitoring (DAM) tokenization
64	Securing wireless sensor and vehicular networks / Sécurité des réseaux de capteurs et des communications véhiculaires Ben Jaballah, Wafa 08 January 2014 (has links) Les Réseaux de Capteurs Sans Fils (RCSFs) et les réseaux véhiculaires sont de plus en plus répandus, et déployés dans des domaines d’applications variés tels que la santé, la surveillance environnementale, les applications d’alerte d’accident, et les applications militaires. Cependant, ces réseaux peuvent être sujets à des attaques, ce qui empêche leur utilisation à grande échelle. Cette thèse étudie la sécurité des communications pour les réseaux de capteurs sans fils, et les communications inter-véhiculaires. Dans ce but, nous abordons quatre aspects importants. La première étude porte sur l’authentification des messages diffusés dans les réseaux de capteurs. Nous nous concentrons sur les principaux schémas à base de divulgation de clés d’authentification. Nous démontrons que le délai de divulgation de clé induit un délai d’authentification, ce qui pourrait conduire à une attaque de mémoire de déni de service. Nous proposons ensuite deux protocoles d’authentification de la source dans les RCSFs, pour surmonter la vulnérabilité des solutions existantes. Les schémas proposés garantissent la gestion efficace de la mémoire tampon du récepteur, en utilisant un mécanisme d’authentification par niveau, et une structure de Filtre de Bloom afin de réduire le coût de communication. Ensuite, nous validons nos protocoles en utilisant l’outil de vérification AVISPA, et nous les évaluons avec des expérimentations dans l’environment TinyOS. Nous confirmons que ces protocoles fournissent un service d’authentification de la source tout en respectant les contraintes de RCSFs. La seconde étude porte sur le problème de stockage au niveau des capteurs. Nous considérons en particulier l’attaque d’authentification différée “Delayed Authentication Compromise” (DAC) dans les RCSFs, qui permet à un attaquant d’utiliser une clé déjà divulguée pour signer d’autres messages. Nous montrons d’abord que les systèmes récemment proposés qui sont résistants également à l’attaque DAC sont vulnérables aussi à deux types d’attaques: attaque de permutation de commandes (où un adversaire prétend “permuter” deux messages au fil du temps), et l’attaque de rejet de commandes (où un adversaire semble “cacher” un message envoyé par la station de base). Nous proposons ensuite une nouvelle solution d’authentification. Notre analyse montre que notre solution est efficace pour détecter à la fois l’attaque de permutation de commandes et l’attaque de rejet de commandes, — et en même temps — est plus efficace (en termes de communication et de calcul) que les solutions existantes. xxiDans la troisième étude, nous considérons le problème de la sécurité de la gestion des clés dans les réseaux de capteurs. Nous présentons de nouveaux schémas d’authentification à base de clés symétriques qui présentent un faible coût d’authentification et de communication. Nos systèmes sont construits en intégrant un mécanisme de réputation, un filtre de Bloom, et un arbre binaire de clés pour la distribution et la mise à jour des clés d’authentification. Nos schémas d’authentification sont efficaces en matière de communication et de consommation de l’énergie. La quatrième étude porte sur la sécurité des communications véhiculaires. Nous nous concentrons sur les applications d’alerte d’accident. Nous analysons les menaces pour un ensemble d’algorithmes. Nous démontrons que ces systèmes sont vulnérables à l’attaque d’injection d’une fausse position, à l’attaque de rejeu de message d’alerte, et à l’attaque d’interruption de message d’alerte. Ensuite, nous proposons des contre-mesures à ces menaces. Nous avons donc proposé une solution qui est à la fois rapide et sécurisée pour les applications d’alerte d’accident : Un algorithme rapide et sécurisé pour la diffusion des messages en multi-saut (FS-MBA). Enfin, nous confirmons l’efficacité et la faisabilité des différents protocoles en effectuant un ensemble de simulations sous le simulateur NS-2. / Wireless sensor and vehicular networks play an important role in critical military and civil applications, and pervade our daily life. However, security concerns constitute a potential stumbling block to the impeding wide deployment of sensor networks and vehicular communications. This dissertation studies communication security for Wireless Sensor Networks (WSNs), and vehicular communication. To this aim, we address four important aspects. The first study addresses broadcast authentication in WSNs. We focus on key disclosure based schemes. We demonstrate that key disclosure delay induces an authentication delay, which could lead to a memory DoS attack. We then propose two broadcastauthentication protocols for WSNs, which overcome the security vulnerability of existingsolutions. The proposed schemes guarantee the efficient management of receiver’s buffer, by employing a staggered authentication mechanism, and a Bloom filter data structure to reduce the communication overhead. We also validate our protocols under the AVISPA model checking tool, and we evaluate them with experiments under TinyOS. Our findings are that these protocols provide source authentication service while respecting the WSN constraints.The second study addresses the storage issue in WSNs, in particular the Delayed AuthenticationCompromise attack (DAC). We first demonstrate that recently proposed schemes, which also address the DAC issue are vulnerable to two kinds of attacks: switch command attack (where an adversary pretends to “switch” two messages over time), and drop command attack (where an adversary just pretends to “hide” a message sent from the broadcaster). As a countermeasure against these attacks, we propose a new solution for broadcast authentication. Our analysis shows that our solution is effective in detecting both switch command and drop command attack, and—at the same time—is more efficient (in terms of both communication and computation) than the state of the art solutions.In the third study, we address key management security in WSNs. We present novel symmetric-key-based authentication schemes which exhibit low computation and communication authentication overhead. Our schemes are built upon the integration of a reputation mechanism, a Bloom filter, and a key binary tree for the distribution and updating of the auxviii thentication keys. Our schemes are lightweight and efficient with respect to communication and energy overhead. The fourth study addresses security in vehicular communications. We focus on fast multi hop broadcast applications. We analyze the security threats of state of the art vehicular based safety applications. We demonstrate that these schemes are vulnerable to the position cheating attack, the replay broadcast message attack, and the interrupting forwarding attack. Then, we propose countermeasures for these threats. We hence propose a complete solution which is both fast and secure in broadcasting safety related messages: Fast and Secure Multi-hop Broadcast Algorithm (FS-MBA). Finally, we confirm the efficiency and feasibility of our proposals using an extensive set of simulations under NS-2 Simulator. Sécurité Gestion des clés Attaques Source Authentication in WSNs Security Secure Vehicular Communications Key management Attacks
65	Coloration d’arêtes ℓ-distance et clustering : études et algorithmes auto-stabilisants / L-distance-edge-coloring and clustering : studies and self-stabilizing algorithms Drira, Kaouther 14 December 2010 (has links) La coloration de graphes est un problème central de l’optimisation combinatoire. C’est un domaine très attractif par ses nombreuses applications. Différentes variantes et généralisations du problème de la coloration de graphes ont été proposées et étudiées. La coloration d’arêtes d’un graphe consiste à attribuer une couleur à chaque arête du graphe de sorte que deux arêtes ayant un sommet commun n’ont jamais la même couleur, le tout en utilisant le moins de couleurs possibles. Dans la première partie de cette thèse, nous étudions le problème de la coloration d’arêtes ℓ-distance, qui est une généralisation de la coloration d’arêtes classique. Nous menons une étude combinatoire et algorithmique du paramètre. L’étude porte sur les classes de graphes suivantes : les chaines, les grilles, les hypercubes, les arbres et des graphes puissances. Le paramètre de la coloration d’arêtes ℓ-distance permet de modéliser des problèmes dans des réseaux assez grands. Cependant, avec la multiplication du nombre de nœuds, les réseaux sont de plus en plus vulnérables aux défaillances (ou pannes). Dans la deuxième partie, nous nous intéressons aux algorithmes tolérants aux pannes et en particulier les algorithmes auto-stabilisants. Nous proposons un algorithme auto-stabilisant pour la coloration propre d’arêtes. Notre solution se base sur le résultat de vizing pour utiliser un minimum de couleurs possibles. Par la suite, nous proposons un algorithme auto-stabilisant de clustering destine a des applications dans le domaine de la sécurité dans les réseaux mobiles Ad hoc. La solution que nous proposons est un partitionnement en clusters base sur les relations de confiance qui existent entre nœuds. Nous proposons aussi un algorithme de gestion de clés de groupe dans les réseaux mobiles ad hoc qui s’appuie sur la topologie de clusters préalablement construite. La sécurité de notre protocole est renforcée par son critère de clustering qui surveille en permanence les relations de confiance et expulse les nœuds malveillants de la session de diffusion. / Graph coloring is a famous combinatorial optimization problem and is very attractive for its numerous applications. Many variants and generalizations of the graph-coloring problem have been introduced and studied. An edge-coloring assigns a color to each edge so that no two adjacent edges share the same color. In the first part of this thesis, we study the problem of the ℓ-distance-edge-coloring, which is a generalization of the classical edge-coloring. The study focuses on the following classes of graphs : paths, grids, hypercubes, trees and some power graphs. We are conducting a combinatorial and algorithmic study of the parameter. We give a sequential coloring algorithm for each class of graph. The ℓ-distance-edge-coloring is especially considered in large-scale networks. However, with the increasing number of nodes, networks are increasingly vulnerable to faults. In the second part, we focus on fault-tolerant algorithms and in particular self-stabilizing algorithms. We propose a self-stabilizing algorithm for proper edge-coloring. Our solution is based on Vizing’s result to minimize number of colors. Subsequently, we propose a selfstabilizing clustering algorithm for applications in the field of security in mobile ad hoc networks. Our solution is a partitioning into clusters based on trust relationships between nodes. We also propose a group key-management algorithm in mobile ad hoc networks based on the topology of clusters previously built. The security of our protocol is strengthened by its clustering criterion which constantly monitors trust relationships and expels malicious nodes out of the multicast session. Coloration d’arêtes Algorithmes Auto-stabilisation Clustering Réseaux mobiles ad hoc Gestion de clés Edge-coloring Algorithms Self-stabilization Clustering Mobiles ad hoc networks Key-management 004
66	Key Distribution In Wireless Sensor Networks Gupta, Abhishek 06 1900 (has links) In the last few years, wireless sensor networks (WSNs) have become a very actively researched area. The impetus for this spurt of interest were developments in wireless technologies and low-cost VLSI, that made it possible to build inexpensive sensors and actuators. Each such device has limited computational power, memory and energy supply. Nevertheless, because of the low cost, such devices can be deployed in large numbers, and can thereafter form a sensor network. Usually, one or more base stations are also present which act as sink nodes. When sensors are deployed in hostile environments, security becomes an integral part for such type of networks. A first step in this direction is to provide secure communication between any two nodes and between a node and the base station. Since the public key cryptographic techniques are computationally expensive for resource constrained sensors, one need to rely on symmetric key cryptography for secure communication. The distribution and management of cryptographic keys poses a unique challenge in sensor networks. One requires efficient key distribution algorithms for such type of networks. In this thesis, we address the problem of secure path key establishment in wireless sensor networks. We first propose a pairwise key distribution algorithm for probabilistic schemes. Inspired by the recent proxy-based schemes, we introduce a friend-based scheme for establishing pairwise keys securely. We show that the chances of finding friends in a neighbourhood are considerably more than that of finding proxies, leading to lower communication overhead. Further, we prove that the friend-based scheme performs better than the proxy-based scheme both in terms of resilience against node capture as well as in energy consumption for pairwise key establishment. A recent study has shown that the advantages of the probabilistic approach over the deterministic approach, are not as much as people have believed. Thus, we focus our attention on deterministic schemes in which we first discuss why one cannot use the conventional security measure for determining the resilience of a key distribution scheme in case of schemes in which nodes share more than one key. Then, we propose a new and a more general security metric for measuring the resilience of a key distribution scheme in wireless sensor networks. Further, we present a polynomial-based scheme and a novel complete connectivity scheme for distributing keys to sensors and show an analytical comparison, in terms of security and connectivity, between the schemes. Motivated by the schemes, we derive general expressions for the new security measure and the connectivity. A number of conclusions are made using these general expressions. Then, we conclude our work with a number of future directions that can be followed with this piece of work. Wireless Communication Networks Sensors Detectors Sensor Network Security Wireless Sensor Networks (WSNs) Key Distribution Algorithms Pairwise Keys Key Management Key Distribution Communciation Engineering
67	Ασφαλή και έμπιστα πρωτόκολλα επικοινωνιών με χρήση κρυπτογραφίας και κρυπτανάλυσης Λιάγκου, Βασιλική 24 October 2008 (has links) Στην διδακτορική διατριβή αναπτύξαμε ασφαλή και έμπιστα πρωτόκολλα επικοινωνιών εισάγοντας ένα νέο μοντέλο έμπιστου συστήματος που ικανοποιεί τις συνεχώς εξελισσόμενες απαιτήσεις των υπολογιστικών συστημάτων. Για την ανάπτυξη του μοντέλου μας συνδυάσαμε την μαθηματική λογική και τα φαινόμενα κατωφλίου που προκύπτουν ασυμπτωτικά στην ανάπτυξη των συνδυαστικών δομών. Η βασική ιδέα της διδακτορικής διατριβής είναι ότι στα δυναμικά γενικά συστήματα υπολογισμού δεν μπορεί η έννοια της εμπιστοσύνης και της ασφάλειας να είναι στατική. Πιστεύουμε ότι ένα έμπιστο και ασφαλές σύστημα θα πρέπει να μελετάται με στατιστικές, ασυμπτωτικές παραμέτρους, καθώς τα τμήματα του συστήματος εξελίσσονται. Κατά συνέπεια, ο κύριος στόχος μας είναι να καθορίσουμε την εμπιστοσύνη ως μια ιδιότητα του συστήματος που «εμφανίζεται» όταν ισχύουν ασυμπωτικά, σχεδόν βέβαια ένα σύνολο λογικών ιδιοτήτων στις τυχαίες δομές επικοινωνίας, οι οποίες διαμορφώνουν τα συστήματα υπολογισμού. Στην διδακτορική διατριβή καθορίζονται διάφορες ιδιότητες που σχετίζονται με την ασφάλεια και εμπιστοσύνη του συστήματος και εκφράζονται χρησιμοποιώντας την λογική πρώτης ή δεύτερης τάξης και ταυτόχρονα ορίζονται και οι προϋποθέσεις κάτω από τις οποίες αυτές οι ιδιότητες εμφανίζονται στο όριο τους, καθώς το σύστημα αυξάνεται. Στην παρούσα εργασία χρησιμοποιούμε μοντέλα γράφων που μπορούν ρεαλιστικά να περιγράψουν ένα δυναμικό και συνεχώς εξελισσόμενο δίκτυο και δείχνουμε ότι αυτά τα μοντέλα μπορεί να χρησιμοποιηθούν για να ικανοποιούν διάφορες ``καλές'' ιδιότητες, οι οποίες του επιτρέπουν μια ασφαλή επικοινωνία. Το τελευταίο διάστημα παρουσιάζουν αρκετό ερευνητικό και επιστημονικό ενδιαφέρον τα ασύρματά δίκτυα που χρησιμοποιούν συσκευές με μικρούς πόρους σε μνήμη και ενέργεια. Επιπλέον η διδακτορική διατριβή περιλαμβάνει τον σχεδιασμό και την υλοποίηση νέων κρυπτογραφικών πρωτοκόλλων διαχείρισης κλειδιού σε τέτοια ασύρματα δυναμικά δίκτυα . Εδώ παρουσιάζουμε κρυπτογραφικά πρωτόκολλα που είναι κατάλληλα για μια μη στατική δομή δικτύου, τα οποία δεν απαιτούν συγκεκριμένη τοπολογία δικτύου και στηρίζονται μόνο στις απλές περιορισμένου φάσματος ανταλλαγές μηνυμάτων. Για να μπορέσουμε να αναπτύξουμε αυτά τα πρωτόκολλα βασιστήκαμε σε γνωστές κρυπταναλιτικές μεθόδους χρησιμοποιώντας πρωτόκολλα κρυπτογράφησης και αποκρυπτογράφησης. Τέλος η μελέτη μας δίνει έμφαση στα πλεονεκτήματα και τα μειονεκτήματα των πρωτοκόλλων μας δεδομένης της διαθέσιμης τεχνολογίας, των αντίστοιχων κριτηρίων αποδοτικότητας (ενέργεια, χρόνος) και του παρεχόμενου επιπέδου ασφάλειας. / In this Phd thesis,, we try to use formal logic and threshold phenomena that asymptotically emerge with certainty in order to build new trust models and to evaluate the existing one. The departure point of our work is that dynamic, global computing systems are not amenable to a static viewpoint of the trust concept, no matter how this concept is formalized. We believe that trust should be a statistical, asymptotic concept to be studied in the limit as the system's components grow according to some growth rate. Thus, our main goal is to define trust as an emerging system property that ``appears'' or "disappears" when a set of properties hold, asymptotically with probability$ 0$ or $1$ correspondingly . Here we try to combine first and second order logic in order to analyze the trust measures of specific network models. Moreover we can use formal logic in order to determine whether generic reliability trust models provide a method for deriving trust between peers/entities as the network's components grow. Our approach can be used in a wide range of applications, such as monitoring the behavior of peers, providing a measure of trust between them, assessing the level of reliability of peers in a network. Wireless sensor networks are comprised of a vast number of ultra-small autonomous computing, communication and sensing devices, with restricted energy and computing capabilities, that co-operate to accomplish a large sensing task. Sensor networks can be very useful in practice. Such systems should at least guarantee the confidentiality and integrity of the information reported to the controlling authorities regarding the realization of environmental events. Therefore, key establishment is critical for the protection in wireless sensor networks and the prevention of adversaries from attacking the network. Finally in this dissertation we also propose three distributed group key establishment protocols suitable for such energy constrained networks. This dissertation is composed of two parts. Part I develops the theory of the first and second order logic of graphs - their definition, and the analysis of their properties that are expressible in the {\em first order language} of graphs. In part II we introduce some new distributed group key establishment protocols suitable for sensor networks. Several key establishment schemes are derived and their performance is demonstrated. Κρυπτογραφία Εμπιστοσύνη Ασφάλεια 005.82 Trust Security Comunication protocols Group key management protocols Sensors networks Cryptography
68	Crypto-processor - architecture, programming and evaluation of the security Gaspar, Lubos 16 November 2012 (has links) (PDF) Architectures of cryptographic processors and coprocessors are often vulnerable to different kinds of attacks, especially those targeting the disclosure of encryption keys. It is well known that manipulating confidential keys by the processor as ordinary data can represent a threat: a change in the program code (malicious or unintentional) can cause the unencrypted confidential key to leave the security area. This way, the security of the whole system would be irrecoverably compromised. The aim of our work was to search for flexible and reconfigurable hardware architectures, which can provide high security of confidential keys during their generation, storage and exchange while implementing common symmetric key cryptographic modes and protocols. In the first part of the manuscript, we introduce the bases of applied cryptography and of reconfigurable computing that are necessary for better understanding of the work. Second, we present threats to security of confidential keys when stored and processed within an embedded system. To counteract these threats, novel design rules increasing robustness of cryptographic processors and coprocessors against software attacks are presented. The rules suggest separating registers dedicated to key storage from those dedicated to data storage: we propose to partition the system into the data, cipher and key zone and to isolate the zones from each other at protocol, system, architectural and physical levels. Next, we present a novel HCrypt crypto-processor complying with the separation rules and thus ensuring secure key management. Besides instructions dedicated to secure key management, some additional instructions are dedicated to easy realization of block cipher modes and cryptographic protocols in general. In the next part of the manuscript, we show that the proposed separation principles can be extended also to a processor-coprocessor architecture. We propose a secure crypto-coprocessor, which can be used in conjunction with any general-purpose processor. To demonstrate its flexibility, the crypto-coprocessor is interconnected with the NIOS II, MicroBlaze and Cortex M1 soft-core processors. In the following part of the work, we examine the resistance of the HCrypt cryptoprocessor to differential power analysis (DPA) attacks. Following this analysis, we modify the architecture of the HCrypt processor in order to simplify its protection against side channel attacks (SCA) and fault injection attacks (FIA). We show that by rearranging blocks of the HCrypt processor at macroarchitecture level, the new HCrypt2 processor becomes natively more robust to DPA and FIA. Next, we study possibilities of dynamically reconfiguring selected parts of the processor - crypto-coprocessor architecture. The dynamic reconfiguration feature can be very useful when the cipher algorithm or its implementation must be changed in response to appearance of some vulnerability. Finally, the last part of the manuscript is dedicated to thorough testing and optimizations of both versions of the HCrypt crypto-processor. Architectures of crypto-processors and crypto-coprocessors are often vulnerable to software attacks targeting the disclosure of encryption keys. The thesis introduces separation rules enabling crypto-processor/coprocessors to support secure key management. Separation rules are implemented on novel HCrypt crypto-processor resistant to software attacks targetting the disclosure of encryption keys Secure crypto-processor Secure crypto-coprocessor Secure key management Separation rules HCrypt Secure reconfiguration FPGA
69	Implementa??o e an?lise de desempenho dos protocolos de criptografia neural e Diffie-Hellman em sistemas RFID utilizando uma plataforma embarcada Firmino Filho, Jos? Mac?do 16 December 2009 (has links) Made available in DSpace on 2014-12-17T14:55:40Z (GMT). No. of bitstreams: 1 JoseMF.pdf: 585000 bytes, checksum: d743090da952a3d8b178ffb4048abd4b (MD5) Previous issue date: 2009-12-16 / Coordena??o de Aperfei?oamento de Pessoal de N?vel Superior / RFID (Radio Frequency Identification) identifies object by using the radio frequency which is a non-contact automatic identification technique. This technology has shown its powerful practical value and potential in the field of manufacturing, retailing, logistics and hospital automation. Unfortunately, the key problem that impacts the application of RFID system is the security of the information. Recently, researchers have demonstrated solutions to security threats in RFID technology. Among these solutions are several key management protocols. This master dissertations presents a performance evaluation of Neural Cryptography and Diffie-Hellman protocols in RFID systems. For this, we measure the processing time inherent in these protocols. The tests was developed on FPGA (Field-Programmable Gate Array) platform with Nios IIr embedded processor. The research methodology is based on the aggregation of knowledge to development of new RFID systems through a comparative analysis between these two protocols. The main contributions of this work are: performance evaluation of protocols (Diffie-Hellman encryption and Neural) on embedded platform and a survey on RFID security threats. According to the results the Diffie-Hellman key agreement protocol is more suitable for RFID systems / Identifica??o por r?dio freq??ncia, tamb?m chamada de RFID (Radio Frequency Identification), representa uma tecnologia de transmiss?o de dados sem fio. Estes dados s?o relacionados principalmente a c?digos de identifica??o. A tecnologia RFID vem apresentando um grande potencial de utiliza??o em setores da automa??o industrial, residencial e hospitalar. No entanto, estas aplica??es podem resultar em riscos a seguran?a e privacidade dos usu?rios. Recentemente, pesquisadores v?m apresentando poss?veis solu??es as amea?as de seguran?a da tecnologia. Entre estas solu??es est?o os protocolos de distribui??o de chaves criptogr?ficas. O presente trabalho tem como objetivo realizar uma avalia??o de desempenho dos protocolos de Criptografia Neural e Diffie-Hellman na gera??o de chaves em sistemas RFID. Para isso, iremos mensurar o tempo de processamento destes protocolos. Para os testes foi desenvolvido uma plataforma em FPGA (Field-Programmable Gate Array) com o processador embarcado Nios IIr. Sobre esta plataforma foram utilizados os protocolos de Criptografia Neural e Diffie-Hellman no processo de gera??o de chaves criptogr?ficas. A metodologia de pesquisa baseia-se na agrega??o de conhecimento ao desenvolvimento de novos sistemas RFID atrav?s de uma an?lise comparativa entre esses dois protocolos de seguran?a da informa??o. As principais contribui??es deste trabalho s?o: avalia??o de desempenho dos protocolos (Diffie- Hellman e Criptografia Neural) em uma plataforma embarcada e um levantamento bibliogr?fico de pesquisas relacionadas ? seguran?a da informa??o em sistemas RFID. Nos resultados obtidos foi poss?vel observar que o protocolo de Diffie-Hellman ? mais apropriado para sistemas RFID Seguran?a e Privacidade em Sistemas RFID Criptografia Neural Diffie-Hellman Gerenciamento de Chaves Security and Privacy for RFID Systems Neural Cryptography iffie-Hellman Key Management Protocol CNPQ::ENGENHARIAS::ENGENHARIA ELETRICA
70	GDPR: Securing Personal Data in Compliance with new EU-Regulations Bitar, Hadi, Jakobsson, Björn January 2017 (has links) New privacy regulations bring new challenges to organizations that are handling and processing personal data regarding persons within the EU. These challenges come mainly in the form of policies and procedures but also with some opportunities to use technology often used in other sectors to solve problems. In this thesis, we look at the new General Data Protection Regulation (GDPR) in the EU that comes into full effect in May of 2018, we analyze what some of the requirements of the regulation means for the industry of processing personal data, and we look at the possible solution of using hardware security modules (HSMs) to reach compliance with the regulation. We also conduct an empirical study using the Delphi method to ask security professionals what they think the most important aspects of securing personal data, and put that data in relation to the identified compliance requirements of the GDPR to see what organizations should focus on in their quest for compliance with the new regulation. We found that a successful implementation of HSMs based on industry standards and best practices address four of the 35 identified GDPR compliance requirements, mainly the aspects concerning compliance with anonymization through encryption, and access control. We also deduced that the most important aspect of securing personal data according to the experts of the Delphi study is access control followed by data inventory and classification. GDPR General Data Protection Regulation Data Protection Personal Data EU European Union Encryption Key Management Hardware Security Module HSM Delphi Study Compliance Computer and Information Sciences Data- och informationsvetenskap

Search results