Direct Online/Offline Digital Signature Schemes.

Yu, Ping

12 1900

Online/offline signature schemes are useful in many situations, and two such scenarios are considered in this dissertation: bursty server authentication and embedded device authentication. In this dissertation, new techniques for online/offline signing are introduced, those are applied in a variety of ways for creating online/offline signature schemes, and five different online/offline signature schemes that are proved secure under a variety of models and assumptions are proposed. Two of the proposed five schemes have the best offline or best online performance of any currently known technique, and are particularly well-suited for the scenarios that are considered in this dissertation. To determine if the proposed schemes provide the expected practical improvements, a series of experiments were conducted comparing the proposed schemes with each other and with other state-of-the-art schemes in this area, both on a desktop class computer, and under AVR Studio, a simulation platform for an 8-bit processor that is popular for embedded systems. Under AVR Studio, the proposed SGE scheme using a typical key size for the embedded device authentication scenario, can complete the offline phase in about 24 seconds and then produce a signature (the online phase) in 15 milliseconds, which is the best offline performance of any known signature scheme that has been proven secure in the standard model. In the tests on a desktop class computer, the proposed SGS scheme, which has the best online performance and is designed for the bursty server authentication scenario, generated 469,109 signatures per second, and the Schnorr scheme (the next best scheme in terms of online performance) generated only 223,548 signatures. The experimental results demonstrate that the SGE and SGS schemes are the most efficient techniques for embedded device authentication and bursty server authentication, respectively.

bursty server authentication

standard model

Online/offline digital signature schemes

embedded dvice authentication

Digital signatures.

Computer networks -- Access control.

Computer networks -- Security measures.

Hazard mitigation and disaster preparedness planning at American Coastal University: Seeking the disaster-resistant university.

Osburn, Toby W.

12 1900

This study employed a qualitative case study method to evaluate the efforts of one university to conduct hazard mitigation and disaster preparedness planning activities and used the Federal Emergency Management Agency framework and selected writings of sociologist and disaster researcher E.L. Quarantelli as models for evaluating the institution's approach. The institution studied was assigned a fictitious name and the identities of the study participants withheld in order to protect the integrity of the institution's planning efforts and its personnel. The study utilized a 92-item questionnaire, field interviews, and review and analysis of documentary materials provided by the institution for data collection purposes. Pattern-matching techniques were applied to identify themes and trends that emerged through the course of data collection. The results indicate the institution has developed an organizational culture that is broadly responsive to and engaged in disaster preparedness planning at multiple levels in a manner generally consistent with principles identified in select writings of Quarantelli. Results further indicate the institution has engaged in identifying hazard mitigation priorities but not in a manner consistent with that advocated by the Federal Emergency Management Agency in its publication entitled Building a Disaster-Resistant University.

disaster

higher education

Hazard mitigation

emergency management

Emergency management -- United States.

Contribuições e avaliações das arquiteturas para as VPNs convergentes com escalabilidade, segurança e qualidade de serviço / Contributions and assessments for converging VPN architectures with scalability, security and quality of service

Boava, Adão

18 August 2018

Orientador: Yuzo Iano / Tese (doutorado) - Universidade Estadual de Campinas, Faculdade de Engenharia Elétrica e de Computação / Made available in DSpace on 2018-08-18T15:52:00Z (GMT). No. of bitstreams: 1 Boava_Adao_D.pdf: 10725757 bytes, checksum: b362a8b8e87465a0da12692a4fe7633f (MD5) Previous issue date: 2011 / Resumo: Os próximos anos prometem ser os das tecnologias das redes de nova geração para as operadoras de telecomunicações, fornecedores de equipamentos e usuários, com ênfase na integração das redes móveis sem fio, como 3G e 4G, com as redes fixas tradicionais, integração essa chamada às vezes de convergência das redes. Como consequência da convergência, vive-se um momento em que várias operadoras de telecomunicações fixas e móveis começaram a oferecer alguns serviços básicos de banda larga e os fornecedores de equipamentos iniciaram o processo de homologação de tais serviços, sendo que basicamente o único serviço disponível pelas operadoras que utilizam as redes de banda larga móveis e fixa é o acesso à internet. Esta tese apresenta alternativas para integrar as redes fixas com as redes móveis das operadoras a fim de oferecer serviços de VPNs (Virtual Private Network) fixo - móveis para aplicações que exijam mobilidade, baixo custo, qualidade de serviço, conectividade e segurança com alta escalabilidade. Para oferecer a mobilidade, são apresentadas as principais soluções de acesso banda larga para a formação de MVPN (Mobile Virtual Private Network). Essas são analisadas e avaliadas a fim de mostrar suas deficiências para utilização em acessos das VPNs. A qualidade de serviço, conectividade, segurança e escalabilidade serão alcançadas com a implementação do protocolo MPLS (Multi-Protocol Label Switching) no núcleo da rede. A implementação do MPLS no núcleo da rede consolida o transporte para as diversas tecnologias de acesso sem fio e com fio, reduzindo os custos operacionais das operadoras e tornando a redes mais escaláveis e confiáveis, preparando, assim, a operadora para as redes de acesso de quarta geração (4G). A partir dos requisitos das aplicações que irão trafegar na VPN, são propostas novas contribuições para as VPNs fixo - móveis para que estas atendam a esses requisitos com alta escalabilidade, mobilidade, segurança, conectividade e qualidade de serviço para o usuário e a operadora. Para validar as novas contribuições propostas, foi implementado um ambiente de teste para avaliar a conectividade e isolamento das VPNs e a qualidade de serviço. Duas propostas para resolver o problema de escalabilidade das VPNs são apresentadas, uma baseada em lista de controle de acesso ACL (Access Control List) e outra baseada em firewall. Também é apresentada uma proposta de IPSec (IP Security Protocol) sobre MPLS para resolver o problema de erros de configuração quando cometidos pelas operadoras de telecom / Abstract: The following years will be dominated by next generation network technology for telecommunication providers, equipment suppliers and users who emphasize the integration of mobile wireless networks such as 3G and 4G with traditional fixed networks - an integration often dubbed as network convergence. As a consequence of convergence, it is possible to observe that various fixed and mobile telecommunication providers are beginning to offer basic broadband services and equipment suppliers have initiated corresponding homologation processes, in which the only service made available by providers that utilize mobile and fixed broadband networks is internet access. This thesis presents alternatives to integrate the fixed and mobile network of providers so as to offer MVPN (Mobile Virtual Private Network) and fixed services for application that require mobility, low cost, quality of service, connectivity and security with high scalability. The main solutions for broadband access for MVPN formation are presented to offer mobility. These solutions are analyzed and assessed in order to show their deficiencies for the utilization in VPN accessing. Quality of service, connectivity, security and scalability will be reached with the implementation of MPLS (Multi-Protocol Label Switching) in the core network. The implementation of MPLS in the core network consolidates transportation for several wireless and fixed access technologies, reducing the operational costs of providers, making networks more scalable and trustworthy, thereby preparing the provider for fourth generation (4G) access networks. Based on the requirements of the applications that will travel in the VPN, new contributions are proposed for fixed-mobile VPNs so that it meets these requirements with high scalability, mobility, security, connectivity and quality of service, both for the user and the provider. To validate the proposed contributions a test environment was implemented to evaluate the connectivity and isolation of the VPNs and the quality of service. Two proposals to solve the VPN scalability problems are presented, one based on ACL (Access Control List) and the other based on firewall. An IPSec (IP Security Protocol) on MPLS proposal is also presented in order to solve configuration errors made by telecommunication providers / Doutorado / Telecomunicações e Telemática / Doutor em Engenharia Elétrica

Comunicação movel

Redes de comunicação

Sistemas de comunicação sem fio

Mobile communication

Communication networks

Wireless communication systems

Computer networks - Security measures

Criptografia visual : método de alinhamento automático de parcelas utilizando dispositivos móveis / Visual cryptography : automatic alignment method using mobile devices

Pietz, Franz, 1983-

12 November 2014

Orientador: Julio Cesar López Hernández / Dissertação (mestrado) - Universidade Estadual de Campinas, Instituto de Computação / Made available in DSpace on 2018-08-27T12:14:05Z (GMT). No. of bitstreams: 1 Pietz_Franz_M.pdf: 27442530 bytes, checksum: 1648252389eb63cf26ca0525be124bda (MD5) Previous issue date: 2014 / Resumo: A criptografia visual é um método de compartilhamento de segredos proposto por Naor em Shamir no artigo ''Criptografia Visual'' de 1994. Nele, uma imagem secreta é dividida em um conjunto de parcelas, sendo necessário sobrepor um número mínimo de parcelas para decodificarmos o segredo visualmente, sem nenhum tipo de dispositivo ou cálculo criptográfico; e analisando as parcelas isoladamente, não é possível recuperar nenhuma informação sobre a imagem secreta original. O esquema é considerado seguro e pode ser comparado com as cifras de one-time-pad, também chamadas de cifras perfeitas, devido à dificuldade do atacante obter o segredo ou parte dele. Existem propostas para a utilização de criptografia visual em protocolos de autenticação, como autenticação de transações bancárias e verificação de legitimidade de produtos. Entretanto, esse método possui problemas como definição do segredo recuperado, baixo contraste e desvios de alinhamento, que é o problema mais sensível. Nossa proposta mostra como utilizar um dispositivo móvel, como smartphone ou tablet, para realizar o alinhamento automático de parcelas e auxiliar o usuário no processo de recuperação de segredos encriptados utilizando criptografia visual. Para isso, utilizamos a câmera do dispositivo móvel para torná-lo uma ''transparência'' e técnicas de análise de imagens para localizar uma parcela exibida em um monitor ou impressa na embalagem de um produto, e sobrepô-la com uma parcela presente no dispositivo móvel, permitindo a visualização do segredo recuperado na tela do dispositivo. A utilização de um dispositivo móvel traz vantagens imediatas, como facilidade para a entrega de parcelas no momento da transação, sem necessidade de guardar informação previamente / Abstract: Visual cryptography is a secret sharing method proposed by Naor and Shamir in the paper ''Visual Cryptography'', in 1994. It split a secret image into a set of shares, so that we need to stack a minimum number of shares to visually decode the secret image without the help of hardware or computation, and analyzing the shares alone is not possible to obtain any information about the secret image. The scheme is considered safe and can be compared to the one-time-pad cyphers, also called perfect cyphers, due to the difficulty of an attacker to obtain the secret or part of it. There are proposals to use visual cryptography in authentication protocols, such as in bank transactions and product's legitimacy verification. But these methods have problems with recovered secret's definition, low contrast and misalignment of the shares, which is the most sensitive. Our proposal shows how to use a mobile device, such as smartphone or tablet, to perform automatic alignment of the shares and to assist a user to recover a secret encrypted using visual cryptography. For this, we use the device camera to turn it into a ''transparency'' and image analysis techniques to locate a share that can be displayed on a monitor or printed on the packaging of a product, and overlay it with a second share present on the mobile device, allowing the visualization of the recovered secret on the device's display. Using a mobile device brings immediate advantages, such as easy delivery of shares at the transaction's time, without having to store information in advance / Mestrado / Ciência da Computação / Mestre em Ciência da Computação

Criptografia visual

Computação móvel

Criptografia de dados (Computação)

Visual cryptography

Mobile computing

Data encryption (Computer science)

Projeto, construção e teste de protótipo de maca para transporte de crianças de um até dez anos de idades / Design, construction and test of prototype of gurney for transport of children from one until ten years old

Tavares, Alan Ferreira Pinheiro, 1989-

27 August 2018

Orientador: Antonio Celso Fonseca de Arruda / Dissertação (mestrado) - Universidade Estadual de Campinas, Faculdade de Engenharia Mecânica / Made available in DSpace on 2018-08-27T21:51:49Z (GMT). No. of bitstreams: 1 Tavares_AlanFerreiraPinheiro_M.pdf: 45828556 bytes, checksum: df420c63706176638cd3d63b5f5ba1c0 (MD5) Previous issue date: 2015 / Resumo: No transporte, por ambulâncias, as crianças estão expostas a riscos fatais ao serem transportadas em macas de adultos as quais não atendem a antropometria infantil. A situação é agravada ao considerar o fato das ambulâncias se locomoverem em altas velocidades e necessitarem frequentemente reduzi-las de modo abrupto. Neste cenário, buscou-se projetar, construir e testar um protótipo de maca com um sistema de retenção eficaz para transportes emergenciais de crianças. O diferencial do projeto em relação às outras macas infantis, existentes no mercado internacional, está na versatilidade de realizar transportes tanto em ambulâncias quanto em áreas de resgate de difícil acesso veicular. O projeto de maca infantil possibilita atender uma ampla gama de pacientes de pequeno porte desde crianças na faixa etária de 1 (um) ano até 10 (dez) anos de idade. Trata-se de uma maca desenvolvida para rápido manuseio e armazenagem por ser dobrável e de fácil instalação sobre qualquer maca de adulto normatizada pela ABNT. O principal fator de segurança está vinculado ao sistema de retenção regulável, com facilidade de rápida fixação e remoção da criança. Foram realizados testes de impacto, com velocidade aproximada de 18 (dezoito) km/h, utilizando a maca de adulto e a maca infantil. O manequim com massa de 22 kg, representativo de uma criança de 6 (seis) anos de idade, foi instalado nas posições sentado e deitado. Os dados coletados, via um programa computacional Kinovea adequado para análise de biomecânica, permitiram estimar o deslocamento do manequim com grande precisão. Utilizou-se um aplicativo instalado em um celular com sistema operacional Android para registrar as desacelerações ocorridas no momento do impacto. A maca infantil apresentou uma retenção significativamente superior à obtida com a maca de adulto, tanto no deslocamento da cabeça quanto do tronco do manequim. Na posição deitado, o manequim chegou a ser ejetado para fora da maca, o que nunca ocorreu utilizando a maca infantil. Os testes realizados com o protótipo da maca validaram o projeto e a solução construtiva que estão vinculados a uma patente a ser depositada no Brasil / Abstract: In transportation, for ambulances, children are exposed to fatal risks by transported in adult gurneys that are not adapted to child anthropometry. The situation is escalated when considering the fact that the ambulances move up in high speeds and with frequently need to reduce abruptly velocity. In this field, we tried to design, build and test a prototype gurney with an effective restraint system for emergency transport children. The differential of the project regards to other children gurneys that exist in the international market; its versatility to perform both transport in ambulances and possible land rescue. Child gurney enables a wide range of small patients from children with one (1) until ten (10) years old, designed for fast handling and storage by be foldable and easy to install on any adult gurney standardized by ABNT. The main safety factor is linked to the adjustable retention system with facility for rapid attachment and the child's removal. Impact tests were performed, with an approximate speed of 18 (twenty) km / h, using the adult gurney and child gurney. The dummy with mass 22 kg, representing a child with 6 (six) years old, was installed in sitting and lying positions. Data collected via a computer program Kinovea suitable for biomechanical analysis, allowed to estimate displacement of the dummy with great precision. It was used a smartphone based on Android operational system to register decelerations occurred on impact. Child gurney had a higher retention regarding to adult gurney both the displacement of the head when the dummy torso restraint. In two teste with lying position, the dummy was ejected out of the gurney, fact that had never happened with child gurney. Tests conducted with the prototype gurney validated the project and the constructive solution that are bind to a patent to will be implanted in Brazil / Mestrado / Materiais e Processos de Fabricação / Mestre em Engenharia Mecânica

Transportes - Medidas de segurança

Hospitais - Mobiliário e equipamento

Crianças - Hospitais

Transport - Security measures

Child restraint devices

Children - Hospitals

Designing secure, JAVA based online registration systems to meet peak load performance targets

Chen, Tang-Li

01 January 2004

This project "Designing Secure, Java Based Online Registration Systems to Meet Peak Load Performance Targets" is a simulation of a Web-based exposition management system plus a performance testing procedure to examine this web application.

Web site development

Java (Computer program language)

Computer security -- Case studies

Application software -- Development

Online databases

Software Engineering

Návrh zavedení bezpečnostních opatření ve společnosti vyvíjející software / Proposal for the Implementation of Security Measures in the Software Development Company

Štěpánek, Daniel

January 2017

Master's thesis focuses on proposal for the implementation of security measures in the software development company. Theoretical section defines chosen information security terms. Analytical section deals with analysis and assessment of current security situation in the company. Solution proposal contains risk analysis, proposal of security measures for risk treatment and economic evaluation.

Akvizice služby pro zabezpečení emailové komunikace dle ISMS / Acquisition of email communication security service according to ISMS

Foltýn, Adam

January 2018

The diploma thesis focuses on a proposal of acquisition of email communication security service according to ISMS for a company which provides trading services on financial markets. The thesis is divided into three parts. In the theoretical part, necessary terms and theoretical essentials are explained in order to ensure understanding of the following parts of the thesis. The following analytical part describes the company's current security status of information. As a solution in the final part of the thesis, partial risk analyses are conducted. Based on these, suitable options for email communication security measures are proposed as well as their the economical evaluation.

Návrh zavedení ISMS ve firmě / Proposal for the ISMS Implementation in the Company

Trunkát, Jan

January 2015

The master´s thesis is aimed at Proposal for the information security management system implementation in the company. It introduces with basic concepts of information security and provides general procedures for information security management system. As part of the work was carried out a risk analysis company and proposed measures to reduce risk. Work is mainly drawn from the series of standards ISO/IEC 27000.

Návrh ISMS v průmyslovém prostředí / Design of ISMS in Industrial Environment

Kuchařík, Lukáš

January 2016

The master’s thesis is aimed at the proposal of network infrastructure and introduction of the managerial system for the safety of information in the industrial environment. At the beginning the work is focused on theoretical knowledge concerning the safety of information wherein it describes basic concepts and common procedures of the managerial system of the safety of information. Further, the work deals with risk analysis in which the measures for reduction in hazard are suggested. The proposal for a new network infrastructure is finally carried out. The work draws the information from CSN standards ISO/IEC, series 27000.