1 |
The Impact of the Common Data Security Architecture (CDSA) on Telemetry Post Processing ArchitecturesKalibjian, Jeffrey R. 10 1900 (has links)
International Telemetering Conference Proceedings / October 25-28, 1999 / Riviera Hotel and Convention Center, Las Vegas, Nevada / It is an increasing requirement that commercial satellite telemetry data product be protected from unauthorized access during transmission to ground stations. While the technology (cryptography) to secure telemetry data product is well known, the software infrastructure to support such security is costly, and very customized. Further, many software packages have difficulty interoperating. The Common Data Security Architecture [1] [2] [3] (originally proposed by the Intel Corporation, and now adopted by the Open Group), is a set of common cryptographic [4] and public key infrastructure (PKI) application programming interfaces (APIs) which will facilitate better cryptographic interoperability as well as making cryptographic resources more readily available in telemetry post processing environments.
|
2 |
RESEARCH OF SECURITY HARDWARE IN PKI SYSTEMWenhua, Qi, Qishan, Zhang, Hailong, Liu 10 1900 (has links)
International Telemetering Conference Proceedings / October 20-23, 2003 / Riviera Hotel and Convention Center, Las Vegas, Nevada / Security hardware based on asymmetric algorithm is the key component of Public Key Infrastructure (PKI), which decides the safety and performance of system. Security device in server or client have some common functions. We designed the client token and cryptographic server to improve the performance of PKI, and got obvious effect.
|
3 |
Accountable Security Architectures for Protecting Telemetry DataKalibjian, Jeffrey R. 10 1900 (has links)
International Telemetering Conference Proceedings / October 22-25, 2001 / Riviera Hotel and Convention Center, Las Vegas, Nevada / Today there are many security solutions available which can facilitate both protection and sharing of
telemetry data. While the technologies behind these solutions are maturing [1] [2] [3], most products
lack a consistent and coherent paradigm for enforcing who is able to access the secured data, what is
done with it, and insuring it can be recovered if the person who secured it is disabled.
|
4 |
Přístupy k auditu infrastruktury veřejných klíčů / Public Key Infrastructure audit approachesPěnka, Michal January 2010 (has links)
The aim of this work is to introduce fundamental concepts of public key infrastructure. Basic requirements for communication and related problems are presented. The solution of these problems can be found in cryptography. Different types of cyphers and infrastructures based on assymetric cryptography are described. The infrastructure types involve hierarchical system of certificate authorities and the web of trust. Furthermore, there is a list and description of cryptography software which can be used in the field of public key infrastructre. The main topic of this thesis is the audit of public key infrastructure. Audit can be supported by several available standards, e.g. WebTrust for Certificate Authorities, ETSI TS 101 456, ETSI TS 102 042 and ISO 21188:2006. This paper systematically describes these standards and using statistical methods compares and evaluates their complexity.
|
5 |
LF-PKI: Practical, Secure, and High-Performance Design and Implementation of a Lite Flexible PKI / LF-PKI: Praktisk, säker och Högpresterande design och Implementering av Lite Flexible PKIXu, Yongzhe January 2022 (has links)
Today’s Web Public Key Infrastructure (PKI) builds on a homogeneous trust model. All Certificate Authorities (CAs) are equally trusted once they are marked as trusted CAs on the client side. As a result, the security of the Web PKI depends on the weakest CA. Trust heterogeneity and flexibility can be introduced in today’s Web PKI to mitigate the problem. Each client could have different levels of trust in each trusted CA, according to the properties of each CA, such as the location, reputation and scale of the CA. As a result, the loss caused by the compromise of a less trusted CA will be relieved. In this work, we study Flexible-PKI (F-PKI), which is an enhancement of Web PKI, and propose Lite Flexible-PKI (LF-PKI) to address the limitations of F-PKI. LF-PKI is designed to securely and efficiently manage domain policies and enable trust heterogeneity on the client side. The domain owner can issue domain policies for their domains, and the client will have a complete view of the domain policies issued for a specific domain. Based on the collection of domain policies from LF-PKI, trust heterogeneity can be achieved on the client side. Each client will choose the domain policies based on the trust levels of the CA. On the basis of the LF-PKI design, a high-performance implementation of LF-PKI was developed, optimized, and analyzed. The optimized implementation can provide the LF-PKI services for worldwide domains on a single server with moderate hardware. / Dagens Web Public Key Infrastructure (PKI) bygger på en homogen förtroendemodell. Alla certifikatutfärdare (CA) är lika betrodda när de är markerade som betrodda certifikatutfärdare på klientsidan. Som ett resultat beror säkerheten för webb-PKI på den svagaste CA. Förtroendeheterogenitet och flexibilitet kan införas i dagens webb-PKI för att mildra problemet. Varje klient kan ha olika nivåer av förtroende för varje betrodd certifikatutfärdare, beroende på egenskaperna hos varje certifikatutfärdare, såsom certifikatutfärdarens plats, rykte och omfattning. Som ett resultat kommer förlusten som orsakats av kompromissen av en mindre pålitlig CA att avhjälpas. I detta arbete studerar vi Flexible-PKI (F-PKI), som är en förbättring av webb-PKI, och föreslår Lite Flexible-PKI (LF-PKI) för att ta itu med begränsningarna hos F-PKI. LF-PKI är utformad för att säkert och effektivt hantera domänpolicyer och möjliggöra förtroendeheterogenitet på klientsidan. Domänägaren kan utfärda domänpolicyer för sina domäner, och klienten kommer att ha en fullständig bild av domänpolicyerna som utfärdats för en specifik domän. Baserat på insamlingen av domänpolicyer från LF-PKI kan förtroendeheterogenitet uppnås på klientsidan. Varje klient kommer att välja domänpolicyer baserat på förtroendenivåerna för CA. På basis av LF-PKI-designen utvecklades, optimerades och analyserades en högpresterande implementering av LF-PKI. Den optimerade implementeringen kan tillhandahålla LF-PKI-tjänster för världsomspännande domäner på en enda server med måttlig hårdvara.
|
6 |
Use Of Pki For Process AuthorizationTaskazan, Feyza 01 January 2004 (has links) (PDF)
Enterprises require an information security solution that provides privacy, integrity, authentication and access controls for processes. License management systems are developed to be a solution for process authorization in different platforms. However, security threats on processes cannot be controlled with existing license management mechanisms. The need is a complete system that is independent from implementation, platform, and application. In this thesis, we design a complete system for process authorization based on Public Key Infrastructure (PKI) technology.
|
7 |
Uma arquitetura para autenticação de dispositivos móveis através de uma infra-estrutura de chave pública. / An architecture for authentication of mobile devices through a public key infrastructure.CAMINHA, Jean. 20 August 2018 (has links)
Submitted by Johnny Rodrigues (johnnyrodrigues@ufcg.edu.br) on 2018-08-20T20:19:30Z
No. of bitstreams: 1
JEAN CAMINHA - DISSERTAÇÃO PPGEE 2006..pdf: 1518338 bytes, checksum: e7ba2faff350c19009f55c5eec73fc4a (MD5) / Made available in DSpace on 2018-08-20T20:19:30Z (GMT). No. of bitstreams: 1
JEAN CAMINHA - DISSERTAÇÃO PPGEE 2006..pdf: 1518338 bytes, checksum: e7ba2faff350c19009f55c5eec73fc4a (MD5)
Previous issue date: 2006-12-22 / A identificação de objetos que participam de uma arquitetura de processamento
de dados é uma preocupação relevante para a segurança das informações e fator
decisivo para a utilização de serviços que utilizam dados sensíveis. Este trabalho propõe
uma arquitetura para a autenticação de dispositivos móveis utilizando a Infra-estrutura
de Chave Pública (PKI) e o Protocolo de Iniciação de Sessões (SIP) de modo a
minimizar as limitações de armazenamento e processamento destes aparelhos. / The identification of objects that participates of architecture of data processing is
a concern for information security and decisive factor for services that need manipulate
sensible data. This work considers architecture for mobile devices authentication
through in a Public Key Infrastructure and the Session Initiation Protocol (SIP) as a way
to minimize storage and processing limitations of those devices.
|
8 |
政府採購入口網站功能架構與關鍵成功因素之研究 / A Study of the functional architecture and Key Success Factors for the Government Electronic Procurement Portal Website陳冠竹 Unknown Date (has links)
政府入口網站含蓋了眾多提供公共服務的網站,讓民眾或企業進行相關業務的辦理、資訊的查詢以及進行交易等行為。全國或是全球需要使用到政府服務,例如政府採購等之使用者皆是政府入口網站之服務對象。因此政府網站在資料流量含量方面較之於一般商業網站更為可觀,亦包含了電子商務性質。在此狀況下,政府角色亦已逐漸從管制調適為服務。就政府體策略或執行計畫而言,實施知識管理除可使行政單位的工作效率提昇,行政流程時間縮短,更可避免重覆錯誤及誤判訊息之可能。
本研究主要以行政院公共工程委員會目前所推行之『政府採購電子化』計畫為研究對象,冀於對未來五年能達到政府採購作業全面電子化提出建議。本研究之目標係分析研擬「政府電子採購入口網站」之關鍵成功因素,從而由「政府採購電子化」計畫現行系統歸納出具綜效之整合型「政府電子採購入口網站」功能架構,其工作內容如下:
1. 歸納、分析現行各系統及政府採購法推動之問題。
2. 瞭解國內政府入口網站之推動情形,分析企業資訊入口網站解決方案現況。
3. 利用分析層級程序法(Analytic Hierarchy Process,簡稱AHP)歸納出三分類專家,包括工程會內部專家、公部門專家、產業界及學界專家所認為的「政府電子採購入口網站」之關鍵成功因素,同時也分析資訊職務與非資訊職務專家觀點之相異點。
4. 根據歸納出來之關鍵成功因素與內部需求,提出具建設性之「政府電子採購入口網站」功能架構雛形,建議工程會推動「政府採購入口網站」提供之功能依據。
本研究AHP法研究結果如下:
1. 本研究中之各類專家一般認為內在因素比外在環境因素之權重大。
2. 第三層關鍵成功因素包括知識管理機制之健全化、政策及法制配合度、使用者服務機制、資訊系統與營運。整體而言,工程會內部專家與產業界及學界專家兩類專家較重視政策及法制配合度構面因素,而公部門專家比較重視資訊系統與營運構面因素。資訊職務專家較重視政策及法制配合度構面因素,非資訊職務專家比較重視資訊系統與營運構面因素。
3. 整體最底層關鍵成功因素排名前七項分別為高階長官的參與和支持並訂定明確的目標、即時配合實際狀況,修正、鬆綁法規、充裕的資源配合、提昇法令約束力之效力、提供快速回應問題之機制、介面具親和力、操作流程循序簡單、提供高度的可靠性與穩定性。
本研究最後逐一對專家深入訪談、工程會需求訪談、企業資訊入口網站解決方案及關鍵成功因素AHP之分析等結果提出結論與建議。 / An e-Government Portal should integrates numerous websites that offer public service, and provides individuals or enterprises with a platform for trafficking, searching information, and conducting transactions. Thus, all the users, that need to access government service and government procurement information, are potential customers of the e-Government Portal website. Hence, the e-Government Portal website, with e-Commerce quality, has more enormous data flow and database contents in comparison with simple e-Commerce sites. Last but not least, the role of e-Government Portal website is turned gradually into a service provider from its simple transition role of inspection.
From government's strategic aspect, actions regarding knowledge management can not only improve the efficiency and streamline the administrative procedures, but also avoid the crisis of repeating failures and misleadings of messages.
The object of this research is the Electronic Procurement Plan, which was established and promoted by the Public Construction Commission (PCC) of The Executive Yuan, R.O.C. The goal of the Electronic Procurement Plan is to accomplish the electronic commerce of the government procurement entirely in five years. This study aims to find out the critical success factors (CSF) for the Government Electronic Procurement Portal Website, and to carry out a functional architecture for the synergic Government Electronic Procurement Portal Website via the following working packages :
1. to analyze and formulate the problems of promoting the electronic government procurement system and the government procurement law.
2. to discuss the ongoing domestic promotion programs of the e-Government Portal websites and analyze the status quo cases of the Enterprise Information Portal (EIP) solution.
3. to analyze and compare the critical success factors of the Government Electronic Procurement Portal Website of various expert viewpoints through Analytic Hierarchy Process (AHP) method. The experts come from the PCC internal public servants, public servants from other government agencies as well as industrialists and scholars. On the other hand, the different viewpoints between the IT background experts and non-IT background experts are also compared.
4. to summarize constitutive functional architecture for the Government Electronic Procurement Portal Website according to the resulted CSF and the PCC internal requirements.
The results of AHP analysis can be stated as following:
1. The internal factors outweigh external factors.
2. The third-level of factors of AHP architecture includes the solidity of knowledge management, the compatibility of policies and laws, the user service mechanism and the information systems and operations. Generally, the PCC internal public servants, industrialists and scholars pay more attention to the compatibility of policies and laws than the other public servants that put a lot of emphasis on the information systems and operations. The IT background experts value the compatibility of policies and laws, whereas the non-IT background experts emphasize the information systems and operations.
3. The top seven priority factors of the rock-bottom level factors include the involvements and endorsements of the top executives and establish the clear goals, the instantaneous emendation and relaxation of the laws, the compatibility of abundant resource, the effectiveness of promoting the law's constraint force, friendly interface and easily sequential operation flow and high reliability and stability.
At last, this research leads to the conclusions and suggestions in regard to in-depth experts interviews,PCC internal requirement investigations, EIP solutions and the AHP CSF analysis.
|
Page generated in 0.3174 seconds