Security in Distributed Embedded Systems

Tewatia, Rohit

January 2008

<p>Communication in a sensor network needs guaranteed reception of data without fail and providing security to it. The authenticity and confidentiality of the data has to be ensured as sensors have limited hardware resources as well as the bandwidth. This thesis addresses the security aspects in wireless sensor networks. The main task of the project is to identify the critical security parameters for these distributed embedded systems. The sensors have extremely limited resources: small amount of memory, low computation capability and poor bandwidth. For example, a sensor platform can have 8KB of flash memory, a 4MHz 8-bit Atmel processor, and a 900MHz radio interface. Various security threats posed to these small wireless sensor networks has been made and solutions proposed. Secure communication between these communicating partners is to be achieved using cryptography.</p>

Sensor Networks

Motes, Security

Security Issue of BGP in complex Peering and Transit Networks

Khalid, Muhammad Adnan, Nazir, Qamar

January 2009

<p>Border Gateway Protocol (BGP) is a critical routing protocol of the internet, used to</p><p>exchange routing information between autonomous systems (ASes). BGP is highly</p><p>vulnerable to many attacks that can cause routing disturbance on the internet. This</p><p>paper describes BGP attacks, misconfigurations, causes of misconfigurations, impact</p><p>of these attacks and misconfigurations in BGP and counter measures. Also we</p><p>analyze new security architectures for BGP, comparison of these security protocols</p><p>and their deployment issues. At the end we propose new security solution that is</p><p>Defensive Routing Policy (DRP) to prevent BGP from malicious attacks and</p><p>misconfigurations. DRP is operationally deployable and very effective to solve BGP</p><p>problems.</p>

Border Gateway Protocol Security

Network Security Analysis

Hassan, Aamir, Mohammad, Fida

January 2010

<p>Security  is  the second step after  that a successful network has been deployed. There are many  types  of  attacks  that  could  potentially  harm  the  network  and  an  administrator should  carefully  document  and  plan  the  weak  areas,  where  the  network  could  be compromised. Attackers use special tools and techniques to find out all the possible ways of defeating the network security.  This  thesis  addresses  all  the  possible  tools  and  techniques  that  attackers  use  to compromise the network. The purpose for exploring these tools will help an administrator to find the security holes before an attacker can. All of these tools in this thesis are only for the forensic purpose. Securing routers and switches in the best possible way is another goal. We in this part try to identify important ways of securing these devices, along with their limitations, and then determine the best possible way. The solution will be checked with network vulnerable  tools  to get  the  results.  It  is  important  to note  that most  of  the attention  in  network  security  is  given  to  the  router,  but  far  less  attention  is  given  to securing a switch. This  thesis will also address some more ways of securing a switch, if there is no router in the network. </p> / The opponent for the thesis was Yan Wang and the presentation time was 60 minutes.

Network Security Analysis

Data Security Enhancement for Web Applications Using Cryptographic Back-end Store

Lin, Wenghui

01 January 2009

Conventional storage technologies do not always give sufficient guarantees of security for critical information. Databases and file servers are regularly compromised, with consequential theft of identities and unauthorized use of sensitive information. Some cryptographic technologies increase the security guarantees, but rely on a key, and key secrecy and maintenance are difficult problems. Meanwhile, there is an accelerating trend of moving data from local storage to Internet storage. As a result, automatic security of critical information without the need for key management promises to be an important technology for Web Applications. This thesis presents such solution for Internet data storage that uses a secret sharing scheme. The shared secrets are packaged as JSON objects and delivered to various endpoints using HTTP semantics. A shopping website is developed to demonstrate the solution.

Web Applications; Storage; Security

The characteristics of user-generated passwords /

Sawyer, Darren A.

January 1990

Thesis (M.S. in Information Systems)--Naval Postgraduate School, March 1990. / Thesis Advisor(s): Zviran, Moshe ; Haga, William J. "March 1990." Description based on signature page as viewed on October 21, 2009. DTIC identifier(s): Access control, passwords, computer security, identification verification. Author(s) subject terms: Passwords, computer security, user-generated passwords, informaiton system security. Includes bibliographical references (p. 98-99). Also available online.

Data protection. Computer security.

The implementation of the policy of comprehensive social security assistance

Tong, Sui-yip.

January 2006

Thesis (M. P. A.)--University of Hong Kong, 2006. / Title proper from title frame. Also available in printed format.

Welfare fraud Social security

Managing IT Security In Organizations : A look at Physical and Administrative Controls

Asmah, Gilbert Yaw, Baruwa, Adebola Abdulrafiu

January 2005

Introduction Information technology security or computing system security is one of the most impor-tant issues that businesses all over the world strive to deal with. However, the world has now changed and in essential ways. The desk-top computer and workstation have appeared and proliferated widely. The net effect of all this has been to expose the computer-based information system, i.e. its hardware, its software, its software processes, its databases, its communications to an environment over which no one—not end user, not network admin-istrator or system owner, not even government—has control. Purpose Since IT security has a very broad spectrum and encompasses a lot of issues, we want to focus our research by taking a critical look at how business organizations manage IT secu-rity with specific emphasis on administrative and physical controls. Methods When the authors of this paper approached the topic to be studied it soon became evident that the most relevant and interesting task was not merely to investigate how business and non business organizations manage their IT security, but in fact try to understand what lies behind them. The purpose of this paper demands a deeper insight of how organizations address the issue of computer security; the authors wanted to gain a deeper understanding of how security issues have been addressed or being tackled by the organizations. Thus, the qualitative method was most suitable for this study. Conclusion Based on the chosen approach, the result of this study has shown that both business and non-business organizations located in Jönköping recognize the importance of IT security, and are willing to protect their systems from threats such as unauthorized access, theft, fire, power outage and other threats to ensure the smooth running of their systems at all times.

Computer System Security

IT security

Security Planning

Security policy.

Business studies

Företagsekonomi

Stunted Growth: Institutional Challenges to the Department of Homeland Security's Maturation

Fronczak, Dana James

23 April 2013

Scholars have proposed numerous explanations as to why the Department of Homeland Security has struggled to mature as an organization and effectively conduct its core mission. We propose an alternative viewpoint that the department lacks key legal authorities and necessitates key organizational transfer in order to rationalize its portfolio. We examine these points through review of legal authorities in select mission areas and through a resource analysis of activities conducted throughout the federal government to execute the homeland security mission. The analysis leads to specific recommendations for transfers and authorities and suggestions as to how the political environment might coalesce around engendering these changes. / McAnulty College and Graduate School of Liberal Arts; / Graduate Center for Social and Public Policy / MA; / Thesis;

DHS, Homeland Security, Management

The Role of U.S. Infrastructure Investment in Strategic Asset Allocation

Cahill, Michael A

01 January 2013

This paper investigates the role of U.S. infrastructure investments in a multi-asset portfolio, by using monthly return data for eight different asset classes from the period December 2002 to March 2013. Applying mean variance, as well as mean-downside risk, optimization models, I show that U.S. infrastructure plays an important role in delivering better risk/return trade-offs than more traditional portfolios. Infrastructure proves to be most beneficial to moderate-risk portfolios where the standard deviation ranges from 2% to 6% and the maximum allocation to infrastructure is 65.49%. Additionally, I show that infrastructure is more attractive to investors who are averse to variance, rather than downside risk.

Portfolio and Security Analysis

THREE ESSAYS ON SOCIAL SECURITY WITH MYOPIC AGENTS

WEN, XUE

03 May 2012

Questa tesi si compone di tre capitoli. Nel primo capitolo, si presenta una rassegna della letteratura sui principali contributi teorici di modellazione per la progettazione della sicurezza sociale, assumendo gli individui come non-standard preferences. Ci concentriamo su tre approcci particolari: time inconsistent preferences, temptation preferences e myopia. Il secondo capitolo studia gli incentivi politici per la progettazione della politica di sicurezza sociale nelle democrazie competitive con le famiglie lungimiranti e miopi in un ambiente di probabilistic voting. In particolare, l'analisi si concentra sul trade-off tra le dimensioni e il grado di redistribuzione del sistema pensionistico. Il terzo capitolo introduce il comportamento miope di risparmio in un modello pensionistico a due paesi, in cui vengono confrontate le politiche pensionistiche non-cooperative e cooperative. Inoltre, questo capitolo analizza gli effetti di cooperazione per l'accumulo di capitale mondiale con la presenza di agenti miopi. / This dissertation consists of three chapters. In Chapter 1, I present a literature review on the main theoretical contributions modeling social security design assuming non-standard household preferences. We focus on three particular approaches: time inconsistent preferences, temptation preferences and myopia. Chapter 2 investigates the political incentives for the design of social security policy in competitive democracies with both far-sighted and myopic households in a probabilistic voting setting. In particular, the analysis focuses on the trade-off between the size and the redistribution degree of the equilibrium social security policy. Chapter 3 introduces myopic saving behavior in a two-country normative model of social security, in which non-cooperative and cooperative pension policies are compared. Moreover, this chapter analyzes the effects of cooperation to world capital accumulation with the presence of myopic agents.

equilibrium social; security policy;