11 |
Skjult IP-kommunikasjon basert på Domain Name System (DNS) / Covert channels in Domain Name System (DNS)
Karstensen, Lasse. January 2010
This report examines whether IP-over-DNS traffic passing through a name server can be detected automatically. The motivation for the topic was a statement by Nussbaum et al. that the only option a system administrator had for limiting IP-over-DNS in general was bandwidth limiting of clients. This has been investigated in the laboratory, and all known ways of doing IP-over-DNS have been tried out experimentally. The report makes two main contributions: 1) it argues that it is possible to detect IP-over-DNS traffic automatically and without very many false alarms, and 2) grouping bandwidth consumption per recipient domain appears to be the best technique for doing this. The work was done experimentally and iteratively, and source code implementing all the techniques tried is attached.
|
12 |
Increasing Identity Governance when using OpenID : Hosting an OpenID Identity Provider on a smartphone
Stien, Eirik. January 2011
In the area of identity management OpenID is an identity system allowing users to log in to OpenID-enabled web sites by proving ownership of an OpenID Identifier by authenticating with its controlling OpenID Identity Provider. A user can choose to host an OpenID Identity Provider herself or trust in existing third-party providers such as Google. Technical skill is required for the former, leaving it unavailable for the average user. This thesis simplifies the matter by implementing an OpenID Identity Provider as a smartphone application, making use of the traditional server-like features inherent in such devices. New possibilities for authenticating the user arise as she is enabled to physically interact with the OpenID Identity Provider, which in the traditional scheme is performed through the web browser. As a result of these new possibilities, phishing attacks are claimed to be avoided and identity attributes are exempted from being controlled and possibly exploited by any third party. One of several technical challenges is enabling the smartphone to receive inbound connections, as this is required by the OpenID Authentication protocol but restricted by telecom operators by default. Functionality must be in place to back up identity repositories stored on the smartphone in order not to lose possession of the established OpenID identities if the device becomes lost or damaged. Lastly, focus is given to making the solution easily applicable for even the novice consumer.
|
13 |
Privacy Policies for Location-Aware Social Network Services
Hjulstad, Ingrid. January 2011
The combination of location-awareness and social networks has introduced systems containing an increased amount of protection-worthy personal information, creating the need for improved privacy control from a user point of view. End-user privacy requirements were derived from identified end-user privacy preferences. These requirements were used to evaluate current Location-Aware Social Network Services' (LASNSs') end-user privacy control as well as help develop relevant enhancements. These requirements allow users to be able to control (if they wish) which of the objects related to them are accessed by whom, in what way and under which conditions. Two enhancement ideas which together help fulfill this requirement have been presented. The few LASNSs offering the user access control rule specification only provide a small list of pre-defined subjects (e.g. "Friends", "Everyone"). This list is too limited for specification of many fine-grained privacy preferences. With a more extensive implementation of Role Based Access Control (RBAC) in LASNSs, with the user as the system administrator of roles, users will be able to create roles (e.g. "colleague", "close friend", "family"), assign them to their connections, and specify these roles as subjects in access control rules. The user will also be allowed to specify conditions under which subject(s)/role(s) can access an object. These conditions can be based on system attributes of the object owner (e.g. location), the subject requesting access (e.g. age) or external attributes (e.g. time). A suitable user-friendly access control user interface has been proposed, showing how this can be presented in an effective and understandable way to the user.
A few example user privacy preferences, each one representing one of the identified end-user privacy control requirements, have been translated from data sent to the system through the proposed interface into formal languages like Datalog and XACML. Current end-user privacy control can be improved by making more fine-grained access control rule specification possible through the proposed enhancements, suitable both from an end-user perspective and from a developer's point of view.
|
14 |
Privacy services for mobile devices
Bø, Solvår; Pedersen, Stian Rene. January 2011
Recent studies have shown that privacy on mobile devices is not properly ensured. Due to a heavy increase of smartphones in the market, in addition to a variety of third-party applications, a demand for improved solutions concerning privacy has arisen. Our objective is to extend users' ability to control applications' access to resources at run-time. We investigate whether such a solution is adequate or not, in order to properly maintain privacy. We propose a design that provides a higher degree of control by allowing users to set preferences that determine what personal information to share. Previous efforts only give users a binary choice on whether to fake personal information or not. We offer a more flexible solution that allows users to set preferences with a higher degree of granularity. We implement selected parts from our design, in order to evaluate whether this solution serves as a utility or not. Further evaluation is a necessity in order to fully accept or reject the idea. However, our initial results are promising.
|
15 |
Advanced Electronic Signature
Azizi, Fazel Ahmad. January 2011
DiFi, Altinn and Lånekassen will implement a national digital signature to sign document submissions and mutual agreements. It is anticipated that a pilot will be launched in 2012. A digital signature is very different to a hand signature, for instance how to establish what you actually sign. Moreover, the verification of a digital signature requires a correct and valid public key, whereas a handwritten signature is physically produced by a person. The candidate of this project will try to understand the signature applications of Altinn and Lånekassen, then analyze the proposed digital signature architecture and standards to be used in the DiFi pilot and assess the utility and security of this solution compared to the existing Altinn "login signature". Furthermore, the candidate will try to identify one or more parts of the architecture that can be given an alternative solution, and state the arguments that support that this will be an improvement. If time allows, experimental results in software that support the claims may be carried out.
|
16 |
End-User service composition framework and application
Kulstad, Rune Bleken. January 2012
In today's public market mobile phones have become a part of everyday life. The introduction of smart phones has created a new market for services and applications for the smart phones. Many of these users would benefit from customizing their own services to fulfil their needs. This can be achieved with end-user service composition. End-user service composition enables users to compose their own services from already existing components to provide value-added services. In this Master Thesis a service composition tool consisting of the two applications Easy Composer and EasyDroid is presented. The idea of the tool is that ordinary people without technical background will be able to quickly compose their own services in a simple manner. The existing tool has been in development for a while, but still lacks sufficient quality in terms of usability and utility for ordinary people to make use of it. Utility means what the tool can be utilized for, and usability means the user-friendliness and usefulness. In this Master Thesis a new system has been made for the service composition tool. The Easy Composer application has been discarded and a new web-based GUI has replaced its functionality. In addition, the EasyDroid application has been remade and a new server side has been developed. Furthermore, the communication between the different parts has been improved. The usability and utility of the previous system have been considerably improved in the new system. In other words, the existing functionality has been made more user friendly and new functionality has been added to the tool. The goal is that the service composition tool would have sufficient quality and novelty for ordinary users to embrace it.
|
17 |
Composition of New Features into a Wireless Nurse Call System
Morey I Pasqual, Antoni. January 2011
Healthcare needs are evolving constantly; some of these needs are already being covered by current technology but some are still not. This thesis offers a critical review of former work relating to ICT and hospitals, evaluating the hospital needs from a communication point of view and examining the most relevant alternatives to provide wireless communication in healthcare. An analysis of the nurse call system currently in use at St. Olavs Hospital (Trondheim, Norway) is also provided along with several viable alternatives to reengineer it. The aforementioned system has been fully characterized and modeled from scratch using UML 2.3 and the resulting reengineered version has been discussed in detail. Two new features that could enhance the users' satisfaction with the system have been identified (assistance call and lunch break) and implemented into it in a way that minimizes the modifications made to the system, in order to facilitate a possible implementation on the existing system at St. Olavs Hospital. One issue that remains to be solved is the delays: all the wireless communication options reviewed have them (from 20 seconds to 2 minutes, depending on the technology), which makes them unsuitable for emergency situations where time is of the essence. That doesn't mean that they are useless; it simply means that an alternate communication method is necessary for those situations, which can be used to complement the wireless system by adding a level of redundancy to it.
|
18 |
End-to-End Data Protection of SMS Messages
Øztarman, Jo Mehmet Sollihagen. January 2011
Short Message Service (SMS) has become a very commonly used service. It does not only work as a substitute for voice telephony, but is also used for automated services. Some of these services are related to security issues like SMS banking, or one time passwords, even though SMS messages can be spoofed or eavesdropped. We propose a design where we add security to SMS by making an easily configurable module that utilizes a fast cryptographic scheme called Elliptic Curve Signcryption. To prove our concept, we implement an SMS client for Android smart phones that utilizes our security module and serves end-to-end data protection of SMS messages with the same security level as Top Secret content.
|
19 |
Decoding GSM
Glendrange, Magnus; Hove, Kristian; Hvideberg, Espen. January 2010
We have participated in the creation of almost two terabytes of tables aimed at cracking A5/1, the most common ciphering algorithm used in GSM. Given 114 bits of known plaintext, we are able to recover the session key with a hit rate of 19%. The tables are expected to be unique as they provide the best coverage yet known to the authors, and they are the first step in a real-world passive attack against GSM. An initial investigation and analysis into the air interface of GSM were performed, from both a theoretical and practical point of view. These examinations would be essential in order to utilize the generated tables in a practical attack. Additionally, a rogue GSM network was built and deployed without enabling ciphering and frequency hopping. This active attack was purely based on open-source software and hardware, implying that real GSM networks could be spoofed with resources available to the general public.
|
20 |
Cloud Storage Vault
Haver, Eirik; Melvold, Eivind; Ruud, Pål. January 2011
Today, major IT companies, such as Microsoft, Amazon and Google, are offering online storage services to their customers. This is a favourable solution, as opposed to regular storage, in terms of low costs, reliability, scalability and capacity. However, important security features such as data privacy and integrity are often absent. To address these issues, a cryptographic architecture is proposed that ensures the confidentiality and integrity of the data stored by users, independent of the trust of the provider. This includes secure sharing of private data among users of the same service. The underlying cryptographic architecture is based on existing open source systems and cryptographic primitives. The architecture was implemented as a reusable general library in Java. An Android client was created, and several performance tests were conducted. The proof of concept system shows that it is possible to implement the proposed scheme, and that the cryptographic operations do not significantly affect the user experience on an Android device. Possible weaknesses of the scheme are identified. We present a scheme for secure storage and sharing of files on an untrusted server, and argue for its validity. To support streaming functionality, the scheme could be extended with hash trees to validate small parts of a file at a time.
|