Global ETD Search

1	SDP And VPN For Remote Access : A Comparative Study And Performance Evaluation Sintaro, Abel Tariku, Komolafe, Yemi Emmanuel January 2021 (has links) Remote access is a way of providing access to networks from outside the premises of the network. Virtual Private Network (VPN) is one solution used to provide remote access. Software-Defined Perimeter (SDP) is another solution that is capable of providing access to resources from a remote location. These two technologies use different security models yet provide comparable remote access functionalities. This thesis project investigates the basic components, architecture, and security services of SDP and IPSec VPN. Additionally, a performance evaluation is conducted on SDPand VPN on their connection setup time and network throughput. Our result shows that both SDP and VPN provide secure access, however, SDP has additional features that make it a more secure solution. This thesis project is written in the hopes that it can help enterprises with or without a VPN solution already in place to consider SDP as an alternative solution and learn SDP in comparison with VPN. Zero-Trust security model Perimeter-based security model Software- defined perimeter IPSec VPN performance evaluation comparative study Computer Systems Datorsystem Communication Systems Kommunikationssystem
2	A user centric security model for tamper-resistant devices Akram, Raja January 2012 (has links) In this thesis, we propose a ubiquitous and interoperable device based on the smart card architecture to meet the challenges of privacy, trust, and security for traditional and emerging technologies like personal computers, smart phones and tablets. Such a device is referred as User Centric Tamper-Resistant Device (UCTD). To support the smart card architecture for the UCTD initiative, we propose the delegation of smart card ownership from a stringent centralised authority (i.e. the card issuer) to users. This delegation mandated the review of existing smart card mechanisms and their adequate modifications/improvements. Since the inception of smart card technology, the most prevalent ownership model in the smart card industry has been the Issuer Centric Smart Card Ownership Model (ICOM). The ICOM has no doubt played a pivotal role in the proliferation of the technology into various segments of modern life. However, it has been a barrier to the convergence of different services on a smart card. In addition, it might be considered as a hurdle to the adaption of smart card technology into a general-purpose security device. To avoid these issues, we propose citizen ownership of smart cards, referred as the User Centric Smart Card Ownership Model (UCOM). Contrary to the ICOM, it gives the power of decision to install or delete an application on a smart card to its user. The ownership of corresponding applications remains with their respective application providers along with the choice to lease their application to a card or not. In addition, based on the UCOM framework, we also proposed the Coopetitive Architecture for Smart Cards (CASC) that merges the centralised control of card issuers with the provision of application choice to the card user. In the core of the thesis, we analyse the suitability of the existing smart card architectures for the UCOM. This leads to the proposal of three major contributions spanning the smart card architecture, the application management framework, and the execution environment. Furthermore, we propose protocols for the application installation mechanism and the application sharing mechanism (i.e. smart card firewall). In addition to this, we propose a framework for backing-up, migrating, and restoring the smart card contents. Finally, we provide the test implementation results of the proposed protocols along with their performance measures. The protocols are then compared in terms of features and performance with existing smart cards and internet protocols. In order to provide a more detailed analysis of proposed protocols and for the sake of completeness, we performed mechanical formal analysis using the CasperFDR. 006.246
3	Kompiuterių tinklų saugos modelių sudarymas / Design of Computer Network Security Ališauskaitė, Vaida 28 January 2008 (has links) Magistriniame darbe išanalizuoti įvairios paskirties saugos modeliai. Pagal gautus rezultatus sudarytas apibendrintas informacijos saugos praradimo riziką įvertitnantis kompiuterių tinklų saugos modelis. Sukurta grėsmę keliančius įvykius aptinkanti sistema. / The master's work analysis different types of security models. It also proposes a new computer network security reference model, which includes risk management process. A suspicious network events detection system is designed to make network monitoring easier. Informatics Kompiuterių tinklai Saugos sistemos Saugos modelis Computer network Security systems Security model
4	Reliacinių duomenų bazių saugumo modelio tyrimas / The research on security model of relational databases Brobliauskas, Žilvinas 28 August 2009 (has links) Žilvino Brobliausko magistro studijų baigiamajame darbe atliekamas daugiašalio reliacinių duomenų bazių saugumo modelio teorinis tyrimas: suformuluojami pagrindiniai reikalavimai, keliami tokio tipo modeliui; pasiūlomas modelis, leidžiantis vykdyti paiešką ir taikyti sumos, bei vidurkio agregatines funkcijas neiššifruojant skaitinių duomenų RDBVS pusėje; nurodomi pateikto modelio privalumai ir trūkumai. Pateikiama demonstracinė programa, realizuojanti pasiūlytą modelį. / The multilateral security model of relational databases is analyzed in master thesis of Žilvinas Brobliauskas. The results of research includes: the formulated requirements for multilateral security model of relational databases, proposed model, which allows range queries and aggregation functions over encrypted data without decrypting them at RDBMS level, and determined advantages and disadvantages of it. The program which realizes proposed model is given as proof of concept. Informatics Reliacinės duomenų bazės Saugumas Daugiašalis saugumo modelis Relational databases Security Multilateral security model
5	Techniques for Detection of Malicious Packet Drops in Networks Desai, Vikram R 01 January 2012 (has links) (PDF) The introduction of programmability and dynamic protocol deployment in routers, there would be an increase in the potential vulnerabilities and attacks . The next- generation Internet promises to provide a fundamental shift in the underlying architecture to support dynamic deployment of network protocols. In this thesis, we consider the problem of detecting malicious packet drops in routers. Specifically, we focus on an attack scenario, where a router selectively drops packets destined for another node. Detecting such an attack is challenging since it requires differentiating malicious packet drops from congestion-based packet losses. We propose a controller- based malicious packet detection technique that effectively detects malicious routers using delayed sampling technique and verification of the evidence. The verification involves periodically determining congestion losses in the network and comparing the forwarding behaviors of the adjoining routers to affirm the state of a router in the network. We provide a performance analysis of the detection accuracy and quantify the communication overhead of our system. Our results show that our technique provides accurate detection with low performance overhead. Internet Packet Drop Distributed Detection Controller Security Security Model Digital Communications and Networking
6	A Security Analysis of Smartphones Verma, Ishita 08 1900 (has links) Indiana University-Purdue University Indianapolis (IUPUI) / This work analyzes and discusses the current security environment of today's (and future) smartphones, and proposes a security model which will reduce smartphone vulnerabilities, preserving privacy, integrity and availability of smartphone native applications to authorized parties. For this purpose, we begin with an overlook of current smartphone security standards, and explore the threats, vulnerabilities and attacks on them, that have been uncovered so far with existing popular smartphones. We also look ahead at the future uses of the smartphones, and the security threats that these newer applications would introduce. We use this knowledge to construct a mathematical model, which gives way to policies that should be followed to secure the smartphone under the model. We finally discuss existing and proposed security mechanisms that can be incorporated in the smartphone architecture to meet the set policies, and thus the set security standards. security model mechanisms security policies Smartphones -- Security measures Mobile computing -- Security measures Data protection
7	Proposta de uma metodologia de medição e priorização de segurança de acesso para aplicações WEB. / Proposal of a methodology for measuring and prioritization access security for WEB applications. Colombo, Regina Maria Thienne 26 March 2014 (has links) Em um mundo tecnológico e globalmente interconectado, em que indivíduos e organizações executam transações na web com frequência, a questão da segurança de software é imprescindível, ela é necessária em diversos nichos: segurança das redes de computadores, dos computadores e dos softwares. A implantação de um sistema de segurança que abrange todos os aspectos é extensa e complexa, ao mesmo tempo em que a exploração de vulnerabilidades e ataques é exponencialmente crescente. Por causa da natureza do software e de sua disponibilidade na web, a garantia de segurança nunca será total, porém é possível planejar, implementar, medir e avaliar o sistema de segurança e finalmente melhorá-la. Atualmente, o conhecimento específico em segurança é detalhado e fragmentado em seus diversos nichos, a visão entre os especialistas de segurança é sempre muito ligada ao ambiente interno da computação. A medição de atributos de segurança é um meio de conhecer e acompanhar o estado da segurança de um software. Esta pesquisa tem como objetivo apresentar uma abordagem top-down para medição da segurança de acesso de aplicações web. A partir de um conjunto de propriedades de segurança reconhecidas mundialmente, porém propriedades estas intangíveis, é proposta uma metodologia de medição e priorização de atributos de segurança para conhecer o nível de segurança de aplicações web e tomar as ações necessárias para sua melhoria. Define-se um modelo de referência para segurança de acesso e o método processo de análise hierárquica apoia a obtenção de atributos mensuráveis e visualização do estado da segurança de acesso de uma aplicação web. / In a technological world and globally interconnected, in which individuals and organizations perform transactions on the web often, the issue of software security is essential, it is needed in several niches: security of computer networks, computers and software. The implementation of a security system that covers all aspects is extensive and complex, while the exploitation of vulnerabilities and attacks are increasing exponentially. Because of the nature of software and its availability on the web, ensure security will never be complete, but it is possible to plan, implement, measure and evaluate the security system and ultimately improve it. Currently, the specific knowledge in security is detailed and fragmented into its various niches; the view among security experts is always connected to the internal environment of computing. The measurement of security attributes is a way to know and monitor the state of software security. This research aims to present a top-down approach for measuring the access security of web applications. From a set of security properties globally recognized, however these intangible properties, I propose a measurement methodology and prioritization of security attributes to meet the security level of web applications and take necessary actions for improvement. It is defined a reference model for access security and a method of analytic hierarchy process to support the achievement of measurable attributes and status of the access security of a web application. Access security model AHP AHP Aplicação WEB Medição de segurança Modelo de segurança de acesso Security measurement Segurança de software Software security WEB application
8	Proposta de uma metodologia de medição e priorização de segurança de acesso para aplicações WEB. / Proposal of a methodology for measuring and prioritization access security for WEB applications. Regina Maria Thienne Colombo 26 March 2014 (has links) Em um mundo tecnológico e globalmente interconectado, em que indivíduos e organizações executam transações na web com frequência, a questão da segurança de software é imprescindível, ela é necessária em diversos nichos: segurança das redes de computadores, dos computadores e dos softwares. A implantação de um sistema de segurança que abrange todos os aspectos é extensa e complexa, ao mesmo tempo em que a exploração de vulnerabilidades e ataques é exponencialmente crescente. Por causa da natureza do software e de sua disponibilidade na web, a garantia de segurança nunca será total, porém é possível planejar, implementar, medir e avaliar o sistema de segurança e finalmente melhorá-la. Atualmente, o conhecimento específico em segurança é detalhado e fragmentado em seus diversos nichos, a visão entre os especialistas de segurança é sempre muito ligada ao ambiente interno da computação. A medição de atributos de segurança é um meio de conhecer e acompanhar o estado da segurança de um software. Esta pesquisa tem como objetivo apresentar uma abordagem top-down para medição da segurança de acesso de aplicações web. A partir de um conjunto de propriedades de segurança reconhecidas mundialmente, porém propriedades estas intangíveis, é proposta uma metodologia de medição e priorização de atributos de segurança para conhecer o nível de segurança de aplicações web e tomar as ações necessárias para sua melhoria. Define-se um modelo de referência para segurança de acesso e o método processo de análise hierárquica apoia a obtenção de atributos mensuráveis e visualização do estado da segurança de acesso de uma aplicação web. / In a technological world and globally interconnected, in which individuals and organizations perform transactions on the web often, the issue of software security is essential, it is needed in several niches: security of computer networks, computers and software. The implementation of a security system that covers all aspects is extensive and complex, while the exploitation of vulnerabilities and attacks are increasing exponentially. Because of the nature of software and its availability on the web, ensure security will never be complete, but it is possible to plan, implement, measure and evaluate the security system and ultimately improve it. Currently, the specific knowledge in security is detailed and fragmented into its various niches; the view among security experts is always connected to the internal environment of computing. The measurement of security attributes is a way to know and monitor the state of software security. This research aims to present a top-down approach for measuring the access security of web applications. From a set of security properties globally recognized, however these intangible properties, I propose a measurement methodology and prioritization of security attributes to meet the security level of web applications and take necessary actions for improvement. It is defined a reference model for access security and a method of analytic hierarchy process to support the achievement of measurable attributes and status of the access security of a web application. AHP Aplicação WEB Medição de segurança Modelo de segurança de acesso Segurança de software Access security model AHP Security measurement Software security WEB application
9	Towards ensuring scalability, interoperability and efficient access control in a triple-domain grid-based environment Nureni Ayofe, Azeez January 2012 (has links) Philosophiae Doctor - PhD / The high rate of grid computing adoption, both in academe and industry, has posed challenges regarding efficient access control, interoperability and scalability. Although several methods have been proposed to address these grid computing challenges, none has proven to be completely efficient and dependable. To tackle these challenges, a novel access control architecture framework, a triple-domain grid-based environment, modelled on role based access control, was developed. The architecture’s framework assumes three domains, each domain with an independent Local Security Monitoring Unit and a Central Security Monitoring Unit that monitors security for the entire grid.The architecture was evaluated and implemented using the G3S, grid security services simulator, meta-query language as “cross-domain” queries and Java Runtime Environment 1.7.0.5 for implementing the workflows that define the model’s task. The simulation results show that the developed architecture is reliable and efficient if measured against the observed parameters and entities. This proposed framework for access control also proved to be interoperable and scalable within the parameters tested. Grid computing Computational grid Sensitive information Authorization Authentication Interoperability Scalability Security model Triple domain grid based environment
10	The Chain-Link Fence Model: A Framework for Creating Security Procedures Houghton, Robert F. 01 May 2013 (has links) A long standing problem in information technology security is how to help reduce the security footprint. Many specific proposals exist to address specific problems in information technology security. Most information technology solutions need to be repeatable throughout the course of an information systems lifecycle. The Chain-Link Fence Model is a new model for creating and implementing information technology procedures. This model was validated by two different methods: the first being interviews with experts in the field of information technology and the second being four distinct case studies demonstrating the creation and implementation of information technology procedures. (169 pages) Computer Security Framework Creation IS Security Security Framework Security Model Security Procedures Business Information Security Management Information Systems

Search results