Current Search:  Computer networks -- Access control (x)

View All Items

  • CSV Spreadsheet
(1 - 9 of 9)
Password-authenticated two-party key exchange with long-term security
Title
Password-authenticated two-party key exchange with long-term security.
Creator
Gao, WeiZheng., Charles E. Schmidt College of Science, Department of Mathematical Sciences
Abstract/Description
In the design of two-party key exchange it is common to rely on a Die-Hellman type hardness assumption in connection with elliptic curves. Unlike the case of nite elds, breaking multiple instances of the underlying hardness assumption is here considered substantially more expensive than breaking a single instance. Prominent protocols such as SPEKE [12] or J-PAKE [8, 9, 10] do not exploit this, and here we propose a password-authenticated key establishment where the security builds on the...
Show moreIn the design of two-party key exchange it is common to rely on a Die-Hellman type hardness assumption in connection with elliptic curves. Unlike the case of nite elds, breaking multiple instances of the underlying hardness assumption is here considered substantially more expensive than breaking a single instance. Prominent protocols such as SPEKE [12] or J-PAKE [8, 9, 10] do not exploit this, and here we propose a password-authenticated key establishment where the security builds on the intractability of solving a specied number of instances v of the underlying computational problem. Such a design strategy seems particularly interesting when aiming at long-term security guarantees for a protocol, where expensive special purpose equipment might become available to an adversary. In this thesis, we give one protocol for the special case when v = 1 in the random oracle model, then we provide the generalized protocol in the random oracle model and a variant of the generalized protocol in the standard model for v being a polynomial of the security parameter `.
Show less
Date Issued
2012
PURL
http://purl.flvc.org/FAU/3342105
Subject Headings
Data encryption (Computer science), Computer networks (Security measures), Software protection, Computers, Access control, Passwords
Format
Document (PDF)
Resource-sensitive intrusion detection models for network traffic
Title
Resource-sensitive intrusion detection models for network traffic.
Creator
Abushadi, Mohamed E., Florida Atlantic University, Khoshgoftaar, Taghi M.
Abstract/Description
Network security is an important subject in today's extensively interconnected computer world. The industry, academic institutions, small and large businesses and even residences are now greatly at risk from the increasing onslaught of computer attacks. Such malicious efforts cause damage ranging from mere violation of confidentiality and issues of privacy up to actual financial loss if business operations are compromised, or even further, loss of human lives in the case of mission-critical...
Show moreNetwork security is an important subject in today's extensively interconnected computer world. The industry, academic institutions, small and large businesses and even residences are now greatly at risk from the increasing onslaught of computer attacks. Such malicious efforts cause damage ranging from mere violation of confidentiality and issues of privacy up to actual financial loss if business operations are compromised, or even further, loss of human lives in the case of mission-critical networked computer applications. Intrusion Detection Systems (IDS) have been used along with the help of data mining modeling efforts to detect intruders, yet with the limitation of organizational resources it is unreasonable to inspect every network alarm raised by the IDS. Modified Expected Cost of Misclassification ( MECM) is a model selection measure that is resource-aware and cost-sensitive at the same time, and has proven to be effective for the identification of the best resource-based intrusion detection model.
Show less
Date Issued
2003
PURL
http://purl.flvc.org/fcla/dt/13054
Subject Headings
Computer networks--Security measures--Automation, Computers--Access control, Data mining, Computer security
Format
Document (PDF)
Techniques for combining binary classifiers: A comparative study in network intrusion detection systems
Title
Techniques for combining binary classifiers: A comparative study in network intrusion detection systems.
Creator
Lin, Hua., Florida Atlantic University, Khoshgoftaar, Taghi M., College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
Abstract/Description
We discuss a set of indirect combining techniques for addressing multi-category classification problems that have been used in many domains, but not for intrusion detection systems. In contrast to the indirect combining techniques, direct techniques generally extend associated binary classifiers to handle multi-category classification problems. An indirect combining technique decomposes the original multi-category problem into, based on some criteria, multiple binary-category problems. We...
Show moreWe discuss a set of indirect combining techniques for addressing multi-category classification problems that have been used in many domains, but not for intrusion detection systems. In contrast to the indirect combining techniques, direct techniques generally extend associated binary classifiers to handle multi-category classification problems. An indirect combining technique decomposes the original multi-category problem into, based on some criteria, multiple binary-category problems. We investigated two different approaches for building the binary classifiers. The results of the binary classifiers are then merged using a combining technique---three different combining techniques were studied. We implement some of the indirect combining techniques proposed in recent literature, and apply them to a case study of the DARPA KDD-1999 network intrusion detection project. The results demonstrate the usefulness of using indirect combining techniques for the multi-category classification problem of intrusion detection systems.
Show less
Date Issued
2004
PURL
http://purl.flvc.org/fcla/dt/13111
Subject Headings
Computer networks--Security measures, Computer security, Computers--Access control, Electronic countermeasures, Fuzzy systems
Format
Document (PDF)
Web services cryptographic patterns
Title
Web services cryptographic patterns.
Creator
Hashizume, Keiko., College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
Abstract/Description
Data security has been identified as one of the most important concerns where sensitive messages are exchanged over the network. In web service architecture, multiple distributed applications communicate with each other over the network by sending XML messages. How can we protect these sensitive messages? Some web services standards have emerged to tackle this problem. The XML Encryption standard defines the process of encrypting and decrypting all of an XML message, part of an XML message,...
Show moreData security has been identified as one of the most important concerns where sensitive messages are exchanged over the network. In web service architecture, multiple distributed applications communicate with each other over the network by sending XML messages. How can we protect these sensitive messages? Some web services standards have emerged to tackle this problem. The XML Encryption standard defines the process of encrypting and decrypting all of an XML message, part of an XML message, or even an external resource. Like XML Encryption, the XML Signature standard specifies how to digitally sign an entire XML message, part of an XML message, or an external object. WS-Security defines how to embed security tokens, XML encryption, and XML signature into XML documents. It does not define new security mechanisms, but leverages existing security technologies such as encryption and digital signature.
Show less
Date Issued
2009
PURL
http://purl.flvc.org/FAU/216413
Subject Headings
Computer networks, Access control, Data encryption (Computer science), XML (Document markup language), Digital signatures, Computer network architectures
Format
Document (PDF)
study of Internet-based control of processes
Title
A study of Internet-based control of processes.
Creator
Popescu, Cristian., Florida Atlantic University, Zhuang, Hanqi, Wang, Yuan, College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
Abstract/Description
In certain applications, one needs to control physical plants that operate in hazardous conditions. In such situations, it is necessary to acquire access to the controller from a different (remote) location through data communication networks, in order to interconnect the remote location and the controller. The use of such network linking between the plant and the controller may introduce network delays, which would affect adversely the performance of the process control. The main theoretical...
Show moreIn certain applications, one needs to control physical plants that operate in hazardous conditions. In such situations, it is necessary to acquire access to the controller from a different (remote) location through data communication networks, in order to interconnect the remote location and the controller. The use of such network linking between the plant and the controller may introduce network delays, which would affect adversely the performance of the process control. The main theoretical contribution of this thesis is to answer the following question: How large can a network delay be tolerated such that the delayed closed-loop system is locally asymptotically stable? An explicit time-independent bound for the delay is derived. In addition, various practical realizations for the remote control tasks are presented, utilizing a set of predefined classes for serial communication, data-acquisition modules and stream-based sockets. Due to the presence of a network, implementing an efficient control scheme is a not trivial problem. Hence, two practical frameworks for Internet-based control are illustrated in this thesis. Related implementation issues are addressed in detail. Examples and case studies are provided to demonstrate the effectiveness of the proposal approach.
Show less
Date Issued
2003
PURL
http://purl.flvc.org/fcla/dt/13073
Subject Headings
Time delay systems, Process control, Computer networks--Remote access, World Wide Web
Format
Document (PDF)
Controlling access to physical locations
Title
Controlling access to physical locations.
Creator
Desouza-Doucet, Ana C., Florida Atlantic University, Fernandez, Eduardo B.
Abstract/Description
The need to secure and control access to rooms in premises has shifted from allowing some people to enter a room to giving permission to specific persons to access a room and recording who entered the room and the time they spent in it. With such need for higher security in mind, we design an access control system for controlling physical access of people to locations or to specific units in these locations. Our study gives emphasis to the organization of physical locations, including nested...
Show moreThe need to secure and control access to rooms in premises has shifted from allowing some people to enter a room to giving permission to specific persons to access a room and recording who entered the room and the time they spent in it. With such need for higher security in mind, we design an access control system for controlling physical access of people to locations or to specific units in these locations. Our study gives emphasis to the organization of physical locations, including nested rooms, and the approach used to assign permission to people to access such locations. We also define some security policies to be used in such model as well as appropriate user interfaces. Finally, we develop two patterns based on our model.
Show less
Date Issued
2006
PURL
http://purl.flvc.org/fcla/dt/13328
Subject Headings
Software architecture, Computer networks--Access control, Computer security, Object-oriented programming (Computer science), Smart cards--Security measures
Format
Document (PDF)
A Study on Partially Homomorphic Encryption Schemes
Title
A Study on Partially Homomorphic Encryption Schemes.
Creator
Mithila, Shifat P., Karabina, Koray, Florida Atlantic University, Charles E. Schmidt College of Science, Department of Mathematical Sciences
Abstract/Description
High processing time and implementation complexity of the fully homomorphic encryption schemes intrigued cryptographers to extend partially homomorphic encryption schemes to allow homomorphic computation for larger classes of polynomials. In this thesis, we study several public key and partially homomorphic schemes and discuss a recent technique for boosting linearly homomorphic encryption schemes. Further, we implement this boosting technique on CGS linearly homomorphic encryption scheme to...
Show moreHigh processing time and implementation complexity of the fully homomorphic encryption schemes intrigued cryptographers to extend partially homomorphic encryption schemes to allow homomorphic computation for larger classes of polynomials. In this thesis, we study several public key and partially homomorphic schemes and discuss a recent technique for boosting linearly homomorphic encryption schemes. Further, we implement this boosting technique on CGS linearly homomorphic encryption scheme to allow one single multiplication as well as arbitrary number of additions on encrypted plaintexts. We provide MAGMA source codes for the implementation of the CGS scheme along with the boosted CGS scheme.
Show less
Date Issued
2017
PURL
http://purl.flvc.org/fau/fd/FA00004840, http://purl.flvc.org/fau/fd/FA00004840
Subject Headings
Computer networks--Security measures., Computer security., Computers--Access control--Code words., Cyberinfrastructure., Computer network architectures., Cryptography., Number theory--Data processing.
Format
Document (PDF)
method for adding multimedia knowledge for improving intrusion detection systems
Title
A method for adding multimedia knowledge for improving intrusion detection systems.
Creator
Baillargeon, Pierre Elliott., Florida Atlantic University, Marques, Oge
Abstract/Description
Intrusion Detection Systems (IDS) are security tools which monitor systems and networks for malicious activity. In saturated network links the amount of data present for analysis can overwhelm them, resulting in potentially undetected attacks. Many of these network links contain significant amounts of multimedia traffic which may seem to contribute to the problem, however our work suggests otherwise. This thesis proposes a novel method to classify and analyze multimedia traffic in an effort...
Show moreIntrusion Detection Systems (IDS) are security tools which monitor systems and networks for malicious activity. In saturated network links the amount of data present for analysis can overwhelm them, resulting in potentially undetected attacks. Many of these network links contain significant amounts of multimedia traffic which may seem to contribute to the problem, however our work suggests otherwise. This thesis proposes a novel method to classify and analyze multimedia traffic in an effort to maximize the efficiency of IDS. By embedding multimedia-specific knowledge into IDS, trusted multimedia contents can be identified and allowed to bypass the detection engine, thereby allowing IDS to focus its limited resources on other traffic. The proposed framework also enables IDS to detect multimedia-specific exploits which would otherwise pass under the radar. Results of our experiments confirm our claims and show substantial CPU savings in both streaming and non-streaming scenarios.
Show less
Date Issued
2005
PURL
http://purl.flvc.org/fcla/dt/13242
Subject Headings
Computer networks--Security measures, Computers--Access control, Electronic countermeasures, Digital watermarking, Multimedia systems--Security measures
Format
Document (PDF)
Modeling access control of medical information
Title
Modeling access control of medical information.
Creator
Sorgente, Tami W., Florida Atlantic University, Fernandez, Eduardo B., College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
Abstract/Description
Medical information is very private and sensitive. With the digitization of medical data, it is becoming accessible through distributed systems, including the Internet. Access to all this information and appropriate exchange of data makes the job of health providers more effective, however, the number of people that can potentially access this information increases by orders of magnitude. Private health information is not well protected. We present guidelines for security models for medical...
Show moreMedical information is very private and sensitive. With the digitization of medical data, it is becoming accessible through distributed systems, including the Internet. Access to all this information and appropriate exchange of data makes the job of health providers more effective, however, the number of people that can potentially access this information increases by orders of magnitude. Private health information is not well protected. We present guidelines for security models for medical information systems. First, we model the structure of the medical information in the form of object-oriented patterns. Second, we study models and patterns in use today and compare them to our patterns. Next we define requirements necessary for controlling access, and describe the common policies and restrictions of security models for medical applications. We present some of the medical record access control restrictions directly in a conceptual model of the medical information.
Show less
Date Issued
2004
PURL
http://purl.flvc.org/fcla/dt/13163
Subject Headings
Medical records--Access control, Privacy, Right of, Freedom of information, Medical records--Data processing, Medicine--Research--Moral and ethical aspects, Confidential communications, Medical ethics, Information storage and retrieval systems--Medical care, Medical informatics, Computer security, Medicine--Computer networks
Format
Document (PDF)