Global ETD Search

81	Design systems in the Public Key Infrastructure area : Usability, ethics, and impact Lucchetta, Jessica January 2022 (has links) This research was conducted in the field of public key infrastructures (PKI). This sector is highly confidential and deals with managing security through encryption. The products in this area are technical: the user interface and user experience aspects are not prioritized and they are usually ignored or downplayed. Neglecting these aspects can lead to different ethical risks not only to the company but also to its customers. In the field of public key infrastructures, design is, therefore, a matter of ethical concern. The purpose of this research is to analyse what are the ethical risks and principles that should be taken into consideration when creating a design system for public key infrastructure products. To find an answer, the study was divided into 3 phases. A preliminary analysis was carried out to identify possible ethical principles, subsequently, two rounds of interviews were conducted with 8 employees of a leading PKI company. The scope of the interviews was to establish the relevance of these principles and identify the associated risks. The results suggest that the design system should take into account 6 ethical principles: transparency, inclusiveness and accessibility, autonomy, security and privacy, accountability and resilience. The principle of transparency can be applied to the design system through a clear user interface and simpler workflows while inclusiveness and accessibility can be tackled by considering even non-technical audits and people with disabilities during the design process. To make the user more autonomous, it is important to act on the workflow in order to reduce the use of external documentation and the possibility of managing automation in a simple way. Security and privacy are the foundations of PKI products and therefore user interface and experience should not in any way limit these principles, but rather facilitate the procedures necessary to make products safe. The tracking of the users’ actions is crucial in this field, however, the design should make the review of the activities easy and clearly convey the concept to tracked users. Finally, resilience can find application in the design, even if partially, and try to block malicious product uses. / Denna forskning utfördes inom området för public key infrastructures (PKI). Denna sektor är mycket konfidentiell och har att göra med hanteringen av säkerhet genom kryptering. Produkterna inom detta område är tekniska: användargränssnittet och användarupplevelseaspekterna prioriteras inte och de ignoreras eller förringas vanligtvis. Att se bort från dessa aspekter kan leda till olika etiska risker inte bara för företaget utan även för dess kunder. Inom området för public key infrastructure är design därför en fråga av etisk angelägenhet. Syftet med denna forskning är att analysera vilka etiska risker och principer som bör beaktas när man skapar ett designsystem för public key infrastructure. För att hitta ett svar delades studien upp i 3 faser. En preliminär analys genomfördes för att identifiera möjliga etiska principer, därefter genomfördes två omgångar av intervjuer med 8 anställda på ett ledande PKI-företag. Intervjuernas omfattning var att fastställa relevansen av dessa principer och identifiera de associerade riskerna. Resultaten tyder på att designsystemet bör ta hänsyn till 6 etiska principer: transparens, inkludering och tillgänglighet, autonomi, säkerhet och integritet, ansvarighet och motståndskraft. Principen om transparens kan appliceras på designsystemet genom ett tydligt användargränssnitt och enklare arbetsflöden samtidigt som inkludering och tillgänglighet kan hanteras genom att beakta även icke-tekniska revisioner och personer med funktionshinder under designprocessen. För att göra användaren mer självständig är det viktigt att vara verksam på arbetsflödet för att minska användningen av extern dokumentation och möjligheten att hantera automatisering på ett enkelt sätt. Säkerhet och integritet är grunden för PKI-produkter och därför bör användargränssnitt och erfarenhet inte på något sätt begränsa dessa principer, utan snarare underlätta de procedurer som krävs för att göra produkter säkra. Spårningen av användarnas handlingar är avgörande inom detta område, dock bör designen göra granskningen av aktiviteterna enkel och tydligt förmedla konceptet till spårade användare. Slutligen kan resistens hitta tillämpning i designen, även om den enbart är partiell, och försöka blockera skadlig produktanvändning. Design system Ethical risks Public key infrastructure Design system Etiska risker Public key infrastructure Computer and Information Sciences Data- och informationsvetenskap
82	VLSI implementation of a Montgomery modular multiplier / Wang, Xin. January 1900 (has links) Thesis (M.App.Sc.) - Carleton University, 2006. / Includes bibliographical references (p. 80-82). Also available in electronic format on the Internet.
83	En undersökning om end-to-end kryptering av SMS med hjälp av PKCS #1 Danielsson, Mikael January 2020 (has links) In today’s society, especially after everything that was reported by Edward Snowden when he, during 2013, showed how USA’s NSA worked with global surveillance, there is a great need to keep communication secure. Se- cure both in such a way that the contents in messages are protected from unwanted parties as well as in such a way that messages’ authenticity can be verified. It’s just as important to know who one is communicating with as it is to know that no unauthorized person can read material not meant for them. We see more and more solutions like for instance Let’s Encrypt that offer free encryption for web traffic but when it actually comes to SMS traffic there aren’t as many effective options available. The purpose of this work is to develop a system to examine how one most effectively could treat SMS in a secure and authenticated fashion. The goal is to, contrary to many other solutions, not be dependent upon a third party but rather utilize the existing SMS protocol and to make sure that the con- tents is encrypted by use of public key cryptography. This leads to it being enough to use the application to be able to communicate securely as there would be no central server that could be closed down or in other ways af- fected to lessen the security of the communication. We also get a system that is much less dependent on mobile data and will thus become more flexible in areas where this can be costly or hard to reach. Beyond this a system for verification of external keys will be explored. Even if it, in case the user chooses to use it, will need access to mobile data, it could be a useful tool for authentication of communication with parties with whom one has not been in contact with before since they can publish their public key and then refer to it within the message. An example use case for this would be a gov- ernment needing to publish information to its citizens; then this key can be published on their web site so that anyone easily could verify it (the goal is to have this be done automatically during message retrieval). / I dagens samhälle, särskilt efter bland annat allt som rapporterades av Ed- ward Snowden när han under 2013 påvisade hur USAs NSA jobbade med global övervakning, är det av stor vikt av att kommunikation bör hållas säker. Säker både på så sätt att innehållet i meddelanden skyddas från oön- skade personer och på så sätt att meddelandens autenticitet kan styrkas. Det är minst lika viktigt att veta vem man kommunicerar med som att veta att ingen obehörig kan läsa material som inte är ämnat för dem. Vi ser fler och fler lösningar som till exempel Let’s Encrypt som erbjuder gratis kryptering av webbtrafik men när det gäller just SMS-trafik finns inte lika många och effektiva lösningar. Syftet med det här arbetet är att utveckla ett system för att undersöka hur man på bästa sätt skulle kunna behandla SMS på ett säkert och autentis- erat sätt. Målet är att, till skillnad mot många andra lösningar, inte vara beroende av en tredje part utan istället nyttja det befintliga SMS-protokollet men se till att innehållet är krypterat med hjälp av public key cryptography. Detta leder till att det räcker att använda applikationen för att kunna kom- municera säkert, det finns ingen central server som skulle kunna stängas ner eller på andra sätt påverkas för att försämra kommunikationens säker- het. Vi får också ett system som är mycket mindre beroende av mobildata och blir därför mer flexibelt i områden där dessa kan vara kostsamma eller svåråtkomliga. Utöver detta kommer ett system för extern autentisering av nycklar undersökas. Även om detta, om avsändaren väljer att utnyttja det, kommer att kräva tillgång till mobil datatrafik så skulle det vara ett nyttigt verktyg för att kunna autentisera kommunikation med personer som man aldrig tidigare varit kontakt med då dessa i så fall kan publicera sin nyckel online och sedan hänvisa till den i meddelandet. Exempel på användning för detta är om en myndighet behöver gå ut med information till medbor- garna; då kan denna nyckel publiceras på dess webbsida så att alla enkelt kan kontrollera den (målet är i så fall att detta skall ske automatiskt under hämtning av ett meddelande). Android Encryption SMS Public Key Cryptography Key management Authentication Android Kryptering SMS Public Key Kryptografi Nyckelhantering Autentisering Computer Sciences Datavetenskap (datalogi)
84	PKI/PMI AND SMART TOKENS IN HEALTHCARE INFORMATION SYSTEMS Liu, Hailong, Qi, Wenhua, Zhang, Qishan, Wu, Jinpei 10 1900 (has links) International Telemetering Conference Proceedings / October 20-23, 2003 / Riviera Hotel and Convention Center, Las Vegas, Nevada / While healthcare industry is striving to achieve e-health systems for improvements in healthcare quality, cost, and access, privacy and security about medical records should be considered carefully. This paper makes a deep study of Public Key Infrastructures (PKIs) and Privilege Management Infrastructures (PMIs) and how they can secure e-health systems. To access resources, e.g. patient records, both authentication and authorization are needed, so public key certificates and attribute certificates are both required to protect healthcare information. From a typical medical scenario, we see not only static but also dynamic permissions are required. Dynamic authorization maybe the most complex problem in e-health systems. security PKI PMI public key certificate attribute certificate smart token e-health digital signature
85	Telemetry Data Sharing Using S/MIME Kalibjian, Jeffrey R. 10 1900 (has links) International Telemetering Conference Proceedings / October 27-30, 1997 / Riviera Hotel and Convention Center, Las Vegas, Nevada / Last year the design and implementation of a secure World Wide Web based data sharing tool which could enable geographically remote contractor teams to access flight and test telemetry data securely over the Internet was presented [1]. Key technologies facilitating this capability were the Hypertext Transfer Protocol (HTTP) and the Secure Sockets Layer (SSL) capable web browsers and web servers. This year the applicability of the Secure Multipurpose Internet Mail Extension (S/MIME) specification is being evaluated for the transport of telemetry data via secure E-mail. secure data sharing E-mail S/MIME MIME public key cryptography standards (PKCS)
86	Accountable Security Architectures for Protecting Telemetry Data Kalibjian, Jeffrey R. 10 1900 (has links) International Telemetering Conference Proceedings / October 22-25, 2001 / Riviera Hotel and Convention Center, Las Vegas, Nevada / Today there are many security solutions available which can facilitate both protection and sharing of telemetry data. While the technologies behind these solutions are maturing [1] [2] [3], most products lack a consistent and coherent paradigm for enforcing who is able to access the secured data, what is done with it, and insuring it can be recovered if the person who secured it is disabled. Computer Security Event Auditing Security Policy Public Key Infrastructure (PKI) Key Recovery Access Control
87	Secure IP Multicasting with Encryption Key Management Maharjan, Nadim, Moten, Daryl 10 1900 (has links) ITC/USA 2011 Conference Proceedings / The Forty-Seventh Annual International Telemetering Conference and Technical Exhibition / October 24-27, 2011 / Bally's Las Vegas, Las Vegas, Nevada / This paper presents the design for secure IP multicasting in an iNet environment using public key cryptography. Morgan State University has been conducting research to improve the telemetry network by improving network performance, implementing IP (Internet Protocol) multicasting and providing a stronger security system for the iNet environment. The present study describes how IP multicasting could be implemented to provide more secure communication in the iNet environment by reducing traffic and optimizing network performance. The multicast of data is closely tied to the key management center for secure applications. This paper develops a means of delivering keys between two or more parties showing a relationship between the multicast network and the Key Management Center (KMC). The KMC is an element of the system which distributes and manages session keys among multicast members. A public key encryption method is used to address the distribution of session keys in the multicast network. The paper will present a system level design of multicast and key management with dual encryption of session keys for the iNet system. IP Multicasting Public-key Cryptosystem Key Management Center Security Public Certificates iNET
88	Efektyvios šifravimo bei skaitmeninio parašo sistemos / Efficient encryption and digital signature schemes Valkaitis, Mindaugas 04 July 2014 (has links) Šio darbo tikslas – apžvelgti šiuo metu naudojamas klasikines viešojo rakto šifravimo ir skaitmeninio parašo sistemas bei naujos kartos Signcryption kriptosistemą ir atlikti dedikuotos pasirašymo ir šifravimo kriptosistemos efektyvumo palyginimą su pasirašymo arba šifravimo kriptosistemų kompozicija bei pasiūlyti praktinio pritaikymą naujos kartos Signcryption kriptosistemai. Darbe apžvelgtos šios kriptosistemos: 1. RSA (Rivest, Shamir, Adleman) – klasikinė viešojo rakto pasirašymo arba šifravimo kriptosistema, kurios saugumas paremtas didelių skaičių faktorizacijos uždavinio sprendimo sudėtingumu, 2. ElGamalio – klasikinė viešojo rakto pasirašymo arba šifravimo kriptosistema, kurios saugumas paremtas diskretaus logaritmo problemos sprendimo sudėtingumu, 3. Signcryption – naujos kartos viešojo rakto pasirašymo ir šifravimo kriptosistema, realizuota modifikuotos ElGamalio skaitmeninio parašo schemos pagrindu. Minėtos kriptosistemos apžvelgtos teoriškai, sukurta praktinė jų realizacija ir apžvelgti rezultatai bei palygintas jų efektyvumas, kuris apibrėžiamas dviem parametrais: 1. Pranešimo pasirašymo, šifravimo, dešifravimo ir parašo patikrinimo operacijų trukmė, 2. Perduodamos perteklinės informacijos kiekis – pranešimo ilgio padidėjimas atlikus pasirašymo ir šifravimo operacijas. Taip pat apžvelgtos kriptosistemų realizacijoje naudotos papildomos funkcijos bei algoritmai, tokie kaip AES blokiniai šifrai, SHA maišos funkcijų šeima, HMAC kontrolinis parašas bei pasiūlyti du... [toliau žr. visą tekstą] / This submission called “Efficient encryption and digital signature schemes” consists of three parts. I. In Part I theoretical analysis of popular public key cryptosystems RSA (Rivest, Shamir, Adleman) with security based on the large integer factorization problem and ElGamal with security based on the discrete logarithm problem, along with new cryptographic primitive termed as "signcryption" proposed by Y. Zheng which simultaneously fulfills both the functions of digital signature and public key encryption in a logically single step, and with a cost significantly smaller than that required by "signature followed by encryption" using popular public key cryptosystem composition is done. For the completeness of analysis description of supplemental algorithms and functions such as AES block cipher, SHA hash functions, HMAC keyed hash function is present. II. In Part II the results of the practical implementation done in Python programming language are analyzed. Effectiveness is described by two factors: 1. Total computation time of signing – encryption – decryption – verification operations; 2. Communication overhead – signed and encrypted message length increase compared to the original plaintext. III. In Part III two effective Signcryption implementation algorithms are proposed: secret sharing without threshold and (k, n) threshold schemes. Results of analysis prove Signcryption being secure and extremely effective signature and encryption cryptosystem. It has very low... [to full text] Public Key Cryptography Digital Signature RSA ElGamal Signcryption Secret Sharing (k N) Threshold Sharing
89	SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions Kovan, Gerry January 2005 (has links) Internet commerce continues to grow rapidly. Over 60% of US households use the internet to shop online. A secure payment protocol is required to support this rapid growth. A new payment protocol was recently invented at IBM. We refer to the protocol as SPP or Secure Payment Protocol. This thesis presents a protocol analysis of SPP. It is essential that a thorough security analysis be done on any new payment protocol so that we can better understand its security properties. We first develop a method for analyzing payment protocols. This method includes a list of desirable security features and a list of proofs that should be satisfied. We then present the results of the analysis. These results validate that the protocol does contain many security features and properties. They also help understand the security properties and identify areas where the protocol can be further secured. This led us to extend the design of the protocol to enhance its security. This thesis also presents a prototype implementation of SPP. Three software components were implemented. They are the Electronic Wallet component, the merchant software component and the Trusted Third Party component. The architecture and technologies that are required for implementation are discussed. The prototype is then used in performance measurement experiments. Results on system performance as a function of key size are presented. Finally, this thesis presents an extension of SPP to support a two buyer scenario. In this scenario one buyer makes an order while another buyer makes the payment. This scenario enables additional commerce services. Computer Science Secure Payment Protocol Internet Commerce Public Key Cryptography SSL Digital Signatures
90	Design and development of a web-based DOD PKI common access card (CAC) instruction tool / Design and development of a web-based Department of Defense Public Key Infrastructure common access card (CAC) instruction tool Athanasopoulos, Vasileios D. 03 1900 (has links) Approved for public release; distribution is unlimited / Public key cryptography and the infrastructure that has been designed to successfully implement it: Public Key Infrastructure (PKI) is a very promising computer security technology. As a significant enhancement to this infrastructure, the DoD is now issuing smart card tokens, in the form of the Common Access Card (CAC), to its service members. This card is a relatively complex cryptographic device that contains its user's private keys, digital certificates, and other personal/administrative information. Service personnel are being issued these cards with little or no training regarding what they are or how they function. Such an omission detracts from the infrastructure's overall security. This thesis presents an introductory-level description of public key cryptography and its supporting infrastructure (PKI). The thesis then goes on to develop a web-based training tool that could provide all DoD CAC holders with the rudimentary knowledge of how their CAC fits into the broader infrastructure. The training tool will require no instructor, and will present a validation test to each user. DoD commands could utilize this tool to provide basic CAC training to their members. Public key cryptography United States Cryptography Web-based instruction Computer security Technology

Search results