• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 9
  • 3
  • 3
  • Tagged with
  • 16
  • 10
  • 9
  • 6
  • 4
  • 4
  • 4
  • 4
  • 4
  • 4
  • 4
  • 3
  • 3
  • 3
  • 3
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

A Comparison of OpenVPN and WireGuard on Android

Johansson, Vincent January 2024 (has links)
This paper investigates methods to secure communication between employee devices and the company network, namely virtual private networks (VPN), specifically for mobile devices using the Android operating system. Two widely used open-source protocols are compared for use in remote work, OpenVPN and Wire-Guard, to determine which has the more secure and efficient encryption method, and how these affect their performance. Three performance tests were done; a bandwidth test, a latency test, and a file transfer test to simulate a task employees would encounter during remote work. The tests were done by hosting the VPN servers using Linux containers, and a OnePlus 11 as the Android device.OpenVPN outperformed WireGuard with an average bandwidth of 131 Mbps compared to 124 Mbps using a WiFi connection, while WireGuard gave better results during the latency test, having an average latency of 25.86 ms compared to 28.62 ms using a WiFi connection. Despite OpenVPN showing better bandwidth results, WireGuard was significantly faster during the file transfer tests, performing the tasks in two-thirds of the time it took using OpenVPN. Based on the results from the file transfer test and having similar encryption strength as OpenVPN, WireGuard is concluded to be the preferred choice for remote work.
2

Multipath transport for virtual private networks

Lukaszewski, Daniel 03 1900 (has links)
Approved for public release; distribution is unlimited / Virtual Private Networks (VPNs) are designed to use the Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) to establish secure communication tunnels over public Internet. Multipath TCP (MPTCP) extends TCP to allow data to be delivered over multiple network paths simultaneously. This thesis first builds a testbed and investigates the potential of using MPTCP tunnels to increase the goodput of VPN communications and support seamless mobility. Based on the empirical results and an analysis of the MPTCP design in Linux kernels, we further introduce a full-multipath kernel, implementing a basic Multipath UDP (MPUDP) protocol into an existing Linux MPTCP kernel.We demonstrate the MPUDP protocol provides performance improvements over single path UDP tunnels and in some cases MPTCP tunnels. The MPUDP kernel should be further developed to include more efficient scheduling algorithms and path managers to allow better performance and mobility benefits seen with MPTCP. / Outstanding Thesis / Lieutenant, United States Navy
3

Automation för att skapa klientkonfigurationer : för OpenVPN med PiVPN.

Luks, Jesper January 2020 (has links)
Våren år 2020 spred sig viruset COVID-19 över hela världen. Detta ledde till att behovet att arbeta hemifrån ökade. Ett verktyg för att utföra sitt arbete hemifrån kan vara en VPN-anslutning. Med VPN-anslutningen är det möjligt att hemifrån ansluta till arbetsplatsens lokala nätverk och komma åt de resurser som finns där. Detta arbete beskriver kortfattat om VPN-teknologin OpenVPN och hur det använder certifikat för autentisering av klient och server. Det har även utvecklats ett skript som skapar klientkonfigurationer. Dessa konfigurationsfiler gör det möjligt att ansluta till en OpenVPN-server. Ett av de verktyg som används för att skapa en konfigurationsfil i detta arbete är PiVPN. PiVPN utvecklas och underhålls av användare på GitHub. Informationen som skriptet använder sig av för att skapa konfigurationsfiler kommer från en CSV-fil. Tester visar att det utvecklade skriptet är snabbare och mer effektivt än nuvarande tillgängliga metoder. Då det valda skriptspråket inte är anpassat för bearbetning av filinnehåll borde det kanske ha varit ett annat.
4

Implementing a Zero Trust Environmentfor an Existing On-premises Cloud Solution / Implementering av en Zero Trust miljö för en existerande påplats molnlösning

Pero, Victor, Ekman, Linus January 2023 (has links)
This thesis project aimed to design and implement a secure system for handling and safeguarding personal data. The purpose of the work is to prevent unauthorized actors from gaining access to systems and data. The proposed solution is a Zero Trust architecture which emphasizes strong security measures by design and strict access controls. The system must provide minimal access for users and should be integrated with the existing cloud-based infrastructure. The result is a system that leverages Keycloak for identity management and authentication services, GitLab to provide a code hosting solution, GPG for commit signing, and OpenVPN for network access. Through the utilization of Gitlab, Keycloak and OpenVPN the system achieved a comprehensive design for data protection, user authentication and network security. This report also highlights alternative methods, future enhancements and potential improvements to the completed system. / Målet med denna rapport är att designa och implementera ett säkert system för hantering och skydd av personlig data. Syftet med arbetet är att förhindra obehöriga att få tillgång till system och data. Den föreslagna lösningen är en Zero Trustarkitektur som betonar skärpta säkerhetsåtgärder genom design och strikta åtkomstkontroller. Systemet måste ge minimal åtkomst för användare som brukar det och integreras med den befintliga molnbaserade infrastrukturen. Resultatet är ett system som använder Keycloak för hantering av identiteter och autentisering, GitLab för att tillhandahålla ett kodarkiv där användare kan ladda upp sin kod, GPG för att signera commits, och OpenVPN för nätverksåtkomst. Genom användning av GitLab, Keycloak och OpenVPN uppnådde systemet en omfattande design för dataskydd, användarautentisering och nätverkssäkerhet. Denna rapport nämner också alternativa metoder, framtida och potentiella förbättringar av det färdiga systemet.
5

Evaluation of WireGuard and OpenVPN VPN solutions

Sabbagh, Mohammed, Anbarje, Ahmad January 2020 (has links)
This project evaluates two types of VPN solutions–WireGuard and OpenVPN.The evaluation is done by four different experiments to measure the maximum throughputof each of the VPN solutions, and a theoretical study on the encryption techniquesthat each VPN solution use. Experiments were conducted using a network performancemeasurement tool called IPerf. By applying static parameters that control themeasurements, such as transferring regular and zip file types, measuring throughputwhen the compression is enabled on the VPN channel and when it is disabled, also,applying measurements with the conditions of the same parameters but with differentoperating systems when using both VPN solutions.one of the measurement results shows that the throughput is about 93 Mbps forWireGuard comparing it with 56 Mbps and 59Mbps for OpenVPN when sendingregular and compressed files respectively.In conclusion, throughput can vary slightly depending on the measurement tooland the version of the software used. Also, the buffer of the measurement tool hasan important role when measuring the throughput, it gives different throughput andpacket loss results which depends on the size of that buffer. Moreover, According to atheoretical study, throughput can also vary depending on the speed of the encryptionalgorithm used. Both VPN solutions use many encryption algorithms, such as AESin OpenVPN, while WireGuard uses ChaCha20 with Poly1305.
6

Security integration in IP video surveillance systems

Paratsikidou, Natalia January 2014 (has links)
Video surveillance systems are a rapidly growing industry. As with most systems, this technology presents both opportunities and threats. The wide adoption of video surveillance systems by various businesses and individuals has raised some vital security issues.  Appropriately addressing these security issues is of great importance for video surveillance systems, as these systems may capture sensitive personal data and may attract numerous attacks. As of today nearly all devices have become networked (or are on their way to being connected to networks), hence eavesdropping is a common attack which can exploit a breach of a system’s security and result in data disclosure to unauthorised parties, video stream alterations, interference, and reduction of a system’s performance. Moreover, it is important that video surveillance systems are standardized by appropriate standardization organizations in order to assure high quality of the security services that utilize these systems and to facilitate interoperability. In this master thesis project rules and regulations concerning personal data protection were studied in order to define the requirements of the proposed robust and high quality security scheme that is to be integrated into video surveillance systems. This security scheme provides United States Federal Information (FIPS)* compliant security services by securing the communication channel between the system’s devices. The authentication of the system’s devices is established by using certificates and key exchanges. The proposed security scheme has been scrutinized in order to analyze its performance (and efficiency) in terms of overhead, increased jitter, and one-way delay variations.<p> Our implementation of the proposed security scheme utilized OpenVPN to provide privacy, integrity and authentication to the video streaming captured by Veracity’s clients and stored in Veracity’s proprietary NAS device (COLDSTORE). Utilization of OpenSSL FIPS Object module develops our security scheme in a FIPS compliant solution. For testing purposes, we created different test scenarios and collected data about the total delivery time of a video file, delivered from the IPCamera/NVR/DVR devices to the COLDSTORE device, the network overhead and lastly the one-way delay between the two endpoints. Another area of interest that we focus on is how to deploy certificates to new, existing, and replacement devices; and how this deployment may affect the system’s security design. In addition, we investigate the problems arising when a secured video stream needs to be played back via another device outside of our system’s network.The results of the thesis will be used as an input for product development activities by the company that hosted this thesis project. / Videoövervakningssystem är en växande industri. Precis som med de flesta systemen, har denna teknologi både möjligheter och risker. Den stora utspridningen av videoövervarkningssystemen har lett till essentiella säkerhetsrisker. Det ligger en stor vikt i att hantera säkerhetsrisker för videoövervakningssystem i och med att dessa system kan eventuellt fånga upp personlig data och därav attrahera attacker. Idag har nästan alla enheter blivit nätverksanslutna (eller är påväg att bli), vilket har lett till att avlyssning har blivit en vanlig attack. En avlyssnare kan exploatera en säkerhetsrisk och resultera i informationsläckor till obehöriga, videomanipulering, störningar, och reducerad prestanda i systemet. Det viktigt att videoövervakningssystem är standardiserade av lämpliga standardiseringsorganisationer för att säkra en hög kvalité i säkerhetstjänsterna som använder sig av dessa system och för att försäkra sig om kompatibilitet.<p> I den här examensarbetet studerade man regler och förordningar som har att göra med säkrandet av personlig data, för att kunna definiera kraven för det föreslagna robusta och högkvalitativa säkerhetsarkitekturen som skall integreras med videoövervakningssystemen.  Säkerhetsarkitekturen erbjuder United States Federal Information (FIPS)* kompatibla säkerhetstjänster genom att säkra kommunikationskanalen mellan systemets enheter.  Autentiseringen av systemets enheter sker genom att använda certifikat och nyckelutbyten.  Det föreslagna säkerhetsarkitekturen har granskats för att analysera dess prestanda vad gäller ineffektiviteter, ökade störningar och fördröjningar i envägs variationer. Vår genomförandet av den föreslagna systemet utnyttjas OpenVPN att tillhandahålla sekretess, integritet och autentisering till strömmande video fångades av Veracity kunder och lagras i Veracity egenutvecklade NAS-enhet (COLDSTORE). Utnyttjande av OpenSSL FIPS Objekt modulen utvecklar vår trygghet i ett FIPS-kompatibel lösning. För teständamål, skapade vi olika testscenarier och insamlade data om den totala leveranstiden för en videofil, som levereras från IPCamera / NVR / DVR-enheter till fryshus enhet, nätverket overhead och slutligen den enkelriktad fördröjning mellan de två ändpunkterna. Ett annat område av intresse som vi fokuserar på är certifikat för nya, existerande och ersättningsenheter; och hur det kan påverka systemets säkerhetsarkitektur. Utöver detta undersöker vi problemen som uppstår när en säkrad videoström behöver spelas upp i en enhet utanför systemets nätverk. Insatsen gjord i det här examensarbetet kommer användas som grund för produktutvecklingen av företaget där examensarbetet gjordes.
7

Performance evaluation of VPN solutions in multi-region kubernetes cluster

Yedla, Bharani Kumar January 2023 (has links)
Containerization is widely recognized as a form of lightweight virtualization in the cloud. Due to its reliability, maturity, and rich capabilities, kubernetes has established itself as the de-facto standard for deployments and maintenance of containers. The availability of a kubernetes cluster for a cloud-native application would depend on the availability of the zone or region where the nodes are running. In general, the kubernetes cluster is deployed in a single shared network, but for higher availability, the nodes of the kubernetes cluster can be deployed in multiple regions. Deploying a multi-region kubernetes cluster aids in providing high availability for the service, allowing the data to be located closer to users, even when they are dispersed globally. However, with greater benefits come greater challenges, and networking in multi-region kubernetes clusters has proven to be a complex issue. Usually, kubernetes in a multi-region environment can be achieved by using tunneling across the worker nodes that are located in multiple regions and by using the VPN protocols as an overlay network. In this thesis, I investigated the performance of different VPN solutions in a multi-region kubernetes cluster and examine how these VPN solutions support kubernetes deployment. A literature review is conducted to identify the most common factors influencing VPN performance and to gather information on the differences between VPN solutions. I compared the response times of the multi-region Kubernetes cluster deployed with VPN solutions to the response times of the single shared region Kubernetes cluster also deployed with VPN solutions. This comparison allowed me to evaluate the performance of the VPN solution in a multi-region Kubernetes cluster. The aim of this thesis is to present the most influential factors, an overview of proposed VPN solutions, and performance comparisons of different VPN solutions in a multi-region kubernetes cluster.
8

Exploring Alternative Routes Using Multipath TCP

Brennan, Stephen 30 August 2017 (has links)
No description available.
9

Analyzing the Impact of Cloud Infrastructure on VPN Performance: A Comparison of Microsoft Azure and Amazon Web Services

Wallin, Filip, Putrus, Marwin January 2024 (has links)
In recent years, the interest and utilization of VPNs and cloud computing have surged, which has led to the development of Cloud VPNs. Cloud VPNs are often used to give employers access to company resources over a secured and trusted network, but individuals can also use them. Cloud computing offers numerous advantages, including cost efficiency, scalability, security, and reliability. Companies and individuals widely use it to streamline operations, reduce expenditures, and leverage technologies without the need to maintain on-premise infrastructure. Cloud-based solutions impose specific requirements on technologies designed to operate in the cloud, which include security, efficient resource management, and high network availability and performance. In this thesis, we will analyze and evaluate the network performance impact that Amazon Web Services (AWS) and Microsoft Azure, two of the market-leading cloud platforms, have on the VPN services OpenVPN and WireGuard while considering associated operational costs and user complexity. The network performance impact is evaluated through measuring the throughput, latency, jitter, and packet loss. We have performed experiments divided into three setups, each simulating different traffic patterns, and VPN usage scenarios. Throughout these experiments, we observed and documented the user complexity related to setup, installation, and configuration processes. Our findings indicate that Azure has the best overall network throughput across all setups, fewer retransmissions, and fewer packet losses. Conversely, AWS exhibits lower latency and jitter. Additionally, our assessment of operational costs and user complexity reveals that Azure offers lower associated costs but a higher user complexity. Furthermore, our experiments identified that WireGuard, when paired with Azure, offers the best VPN solution.
10

Vilken mjukvarubaserad fjärranslutningslösning är passande för ett mindre företag?

Hurtig, Andreas, Gisslar, Thomas, Karlsson, Alexander January 2009 (has links)
<p> </p><p>Syftet med denna undersökning är att ta reda på vilken mjukvarubaserad fjärranslutningslösning som passar för ett mindre företag, då de har mindre ekonomiska tillgångar än ett större företag behöver de vara mer noggranna med sina produktval. Arbetet är utfört med litteraturstudier och en enkätundersökning till ett tiotal mindre företag, samt en laborationsmiljö där tester av de olika fjärranslutningslösningarnas egenskaper har utförts.</p><p>Område valdes då ämnet fjärranslutning knappt behandlads under utbildningstiden, och fördjupar sig därför inom området.</p><p>Resultatet visar vad mindre företag anser vara de viktigaste egenskaperna med en fjärranslutningslösning. Även de värden som uppkom vid tester i laborationsmiljön kommer att presenteras i resultatet. De samlade resultaten kommer sedan visa på vilken mjukvarubaserad lösning som passar bäst för ett mindre företag.</p><p> </p> / <p><p>The purpose of this survey is to figure out which software based remote access solution that fits a smaller company, hence they have less economy assets than a larger company they need to be more thorough with their products of choice. The work is performed with literature studies and a survey of a dozen smaller companies, and also a laboratory environment where properties of the different remote access solutions are performed.</p><p>This area was chosen because the subject of remote access scarcely was treated during our education, and become engrossed in this area.</p><p>The result shows what the companies consider to be the most important properties with a remote access and also the products results from the tests. Also the values that occurred during testing in a laboratory environment will be presented in the results. The combined results will then show which software-based solution that is best suited for a small company.</p></p>

Page generated in 0.0439 seconds