Current Search:  Data protection (x)

View All Items

  • CSV Spreadsheet
(1 - 8 of 8)
Microprocessor design for non-discretionary multilevel security
Title
Microprocessor design for non-discretionary multilevel security.
Creator
Clifton, Daniel B., Florida Atlantic University, Fernandez, Eduardo B.
Abstract/Description
Microprocessor design for data security is examined with regard to both methodology and implementation. The examination begins with seven commercial 32-bit microprocessors which are evaluated against a set of previously published requirements for secure hardware. Then, the methodology and implementation of data secure microprocessor design is presented using an original design. The presentation includes a description of the security policy implemented, a model of secure operation, and a...
Show moreMicroprocessor design for data security is examined with regard to both methodology and implementation. The examination begins with seven commercial 32-bit microprocessors which are evaluated against a set of previously published requirements for secure hardware. Then, the methodology and implementation of data secure microprocessor design is presented using an original design. The presentation includes a description of the security policy implemented, a model of secure operation, and a detailed description of the design. The security-related overhead of the new design is compared to that of two commercial microprocessors. The design is then validated with a formal proof. Finally, the design is shown to protect against several generic attacks.
Show less
Date Issued
1988
PURL
http://purl.flvc.org/fcla/dt/14443
Subject Headings
Microprocessors, Data protection
Format
Document (PDF)
Data protection and management solutions to desktop clients: Integration with enterprise tools
Title
Data protection and management solutions to desktop clients: Integration with enterprise tools.
Creator
Jayavarapu, VenkataChalam S., Florida Atlantic University, Mahgoub, Imad, Goldflam, Mike
Abstract/Description
Today's Personal Computers (PC) do more work and hence hold more important and meaningful data than before. This demands the necessity of better PC data protection services. In this concern we surveyed three major PC data protection tools, namely, Seagate Corporation's Client-Exec, Computer Associates Cheyenne Backup, Xpoint Technologies Uptime and analyzed them in terms of Restore Time and Total Cost of Ownership. Though these standalone tools are good in terms of PC data protection, IT...
Show moreToday's Personal Computers (PC) do more work and hence hold more important and meaningful data than before. This demands the necessity of better PC data protection services. In this concern we surveyed three major PC data protection tools, namely, Seagate Corporation's Client-Exec, Computer Associates Cheyenne Backup, Xpoint Technologies Uptime and analyzed them in terms of Restore Time and Total Cost of Ownership. Though these standalone tools are good in terms of PC data protection, IT managers still prefer Enterprise tools because they offer better services in terms of usability, manageability and platform independency. Combining the two tools will benefit each other. Hence we developed a solution to this problem by integrating these two types of tools. Integration of third party products with System Management Server (SMS) extended its services. But in order to make this integration generic, independent of the Enterprise tool, Web Based Enterprise Management integration strategy is adopted. Integration with Adstar Distributed Storage Manager (ADSM) extended services of the third party product. Integration of third party products with SMS and ADSM combined the benefits of the two and WBEM integration showed that this is the future direction.
Show less
Date Issued
1999
PURL
http://purl.flvc.org/fcla/dt/15692
Subject Headings
Data protection, Microcomputers--Access control
Format
Document (PDF)
Cryptography in the presence of key-dependent messages
Title
Cryptography in the presence of key-dependent messages.
Creator
Gonzalez, Madeline., Charles E. Schmidt College of Science, Department of Mathematical Sciences
Abstract/Description
The aim of this work is to investigate a security model in which we allow an adversary to have access to functions of the secret key. In recent years, significant progress has been made in understanding the security of encryption schemes in the presence of key-dependent plaintexts or messages (known as KDM). Here, we motivate and explore the security of a setting, where an adversary against a message authentication code (MAC) or signature scheme can access signatures on key-dependent messages...
Show moreThe aim of this work is to investigate a security model in which we allow an adversary to have access to functions of the secret key. In recent years, significant progress has been made in understanding the security of encryption schemes in the presence of key-dependent plaintexts or messages (known as KDM). Here, we motivate and explore the security of a setting, where an adversary against a message authentication code (MAC) or signature scheme can access signatures on key-dependent messages. We propose a way to formalize the security of message authentication schemes in the presence of key-dependent MACs (KD-EUF) and of signature schemes in the presence of key-dependent signatures (KDS). An attack on a message recognition protocol involving a MAC is presented. It turns out that the situation is quite different from key-dependent encryption: To achieve KD-EUF-security or KDS-security under non-adaptive chosen message attacks, the use of a stateful signing algorithm is inevitable even in the random oracle model. After discussing the connection between key-dependent signing and forward security, we describe a compiler which lifts any EUF-CMA secure one-time signature scheme to a forward secure signature scheme offering KDS-CMA security. Then, we discuss how aggregate signatures can be used to combine the signatures in the certificate chain used in the compiler. A natural question arises about how to combine the security definitions of KDM and KDS to come up with a signcryption scheme that is secure. We also offer a connection with Leakage-Resilient Signatures, which take into account side-channel attacks. Lastly, we present some open problems for future research.
Show less
Date Issued
2009
PURL
http://purl.flvc.org/FAU/2182087
Subject Headings
Cryptography, Data processing, Digital signatures, Computer security, Data encryption (Computer science), Software protection
Format
Document (PDF)
APPLICATION OF BLOCKCHAIN NETWORK FOR THE USE OF INFORMATION SHARING
Title
APPLICATION OF BLOCKCHAIN NETWORK FOR THE USE OF INFORMATION SHARING.
Creator
Zamir, Linir, Liu, Feng-Hao, Florida Atlantic University, College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
Abstract/Description
The Blockchain concept was originally developed to provide security in the Bitcoin cryptocurrency network, where trust is achieved through the provision of an agreed-upon and immutable record of transactions between parties. The use of a Blockchain as a secure, publicly distributed ledger is applicable to fields beyond finance, and is an emerging area of research across many other fields in the industry. This thesis considers the feasibility of using a Blockchain to facilitate secured...
Show moreThe Blockchain concept was originally developed to provide security in the Bitcoin cryptocurrency network, where trust is achieved through the provision of an agreed-upon and immutable record of transactions between parties. The use of a Blockchain as a secure, publicly distributed ledger is applicable to fields beyond finance, and is an emerging area of research across many other fields in the industry. This thesis considers the feasibility of using a Blockchain to facilitate secured information sharing between parties, where a lack of trust and absence of central control are common characteristics. Implementation of a Blockchain Information Sharing system will be designed on an existing Blockchain network with as a communicative party members sharing secured information. The benefits and risks associated with using a public Blockchain for information sharing will also be discussed.
Show less
Date Issued
2019
PURL
http://purl.flvc.org/fau/fd/FA00013351
Subject Headings
Blockchains (Databases), Blockchains (Databases)--Industrial applications, Data encryption (Computer science), Personal data protection, Bitcoin
Format
Document (PDF)
Adaptive two-level watermarking for binary document images
Title
Adaptive two-level watermarking for binary document images.
Creator
Muharemagic, Edin., Florida Atlantic University, Furht, Borko, College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
Abstract/Description
In our society, large volumes of documents are exchanged on a daily basis. Since documents can easily be scanned, modified and reproduced without any loss in quality, unauthorized use and modification of documents is of major concern. An authentication watermark embedded into a document as an invisible, fragile mark can be used to detect illegal document modification. However, the authentication watermark can only be used to determine whether documents have been tampered with, and additional...
Show moreIn our society, large volumes of documents are exchanged on a daily basis. Since documents can easily be scanned, modified and reproduced without any loss in quality, unauthorized use and modification of documents is of major concern. An authentication watermark embedded into a document as an invisible, fragile mark can be used to detect illegal document modification. However, the authentication watermark can only be used to determine whether documents have been tampered with, and additional protection may be needed to prevent unauthorized use and distribution of those documents. A solution to this problem is a two-level, multipurpose watermark. The first level watermark is an authentication mark used to detect document tampering, while the second level watermark is a robust mark, which identifies the legitimate owner and/or user of specific document. This dissertation introduces a new adaptive two-level multipurpose watermarking scheme suitable for binary document images, such as scanned text, figures, engineering and road maps, architectural drawings, music scores, and handwritten text and sketches. This watermarking scheme uses uniform quantization and overlapped embedding to add two watermarks, one robust and the other fragile, into a binary document image. The two embedded watermarks serve different purposes. The robust watermark carries document owner or document user identification, and the fragile watermark confirms document authenticity and helps detect document tampering. Both watermarks can be extracted without accessing the original document image. The proposed watermarking scheme adaptively selects an image partitioning block size to optimize the embedding capacity, the image permutation key to minimize watermark detection error, and the size of local neighborhood in which modification candidate pixels are scored to minimize visible distortion of watermarked documents. Modification candidate pixels are scored using a novel, objective metric called the Structural Neighborhood Distortion Measure (SNDM). Experimental results confirm that this watermarking scheme, which embeds watermarks by modifying image pixels based on their SNDM scores, creates smaller visible document distortion than watermarking schemes which base watermark embedding on any other published pixel scoring method. Document tampering is detected successfully and the robust watermark can be detected even after document tampering renders the fragile watermark undetectable.
Show less
Date Issued
2004
PURL
http://purl.flvc.org/fau/fd/FADT12113
Subject Headings
Data encryption (Computer science), Computer security, Digital watermarking, Data protection, Image processing--Digital techniques, Watermarks
Format
Document (PDF)
SELECTED APPLICATIONS OF MPC
Title
SELECTED APPLICATIONS OF MPC.
Creator
Ghaseminejad, Mohammad Raeini, Liu, Feng-Hao, Nojoumian, Mehrdad, Florida Atlantic University, Department of Computer and Electrical Engineering and Computer Science, College of Engineering and Computer Science
Abstract/Description
Secure multiparty computation (secure MPC) is a computational paradigm that enables a group of parties to evaluate a public function on their private data without revealing the data (i.e., by preserving the privacy of their data). This computational approach, sometimes also referred to as secure function evaluation (SFE) and privacy-preserving computation, has attracted significant attention in the last couple of decades. It has been studied in different application domains, including in...
Show moreSecure multiparty computation (secure MPC) is a computational paradigm that enables a group of parties to evaluate a public function on their private data without revealing the data (i.e., by preserving the privacy of their data). This computational approach, sometimes also referred to as secure function evaluation (SFE) and privacy-preserving computation, has attracted significant attention in the last couple of decades. It has been studied in different application domains, including in privacy-preserving data mining and machine learning, secure signal processing, secure genome analysis, sealed-bid auctions, etc. There are different approaches for realizing secure MPC. Some commonly used approaches include secret sharing schemes, Yao's garbled circuits, and homomorphic encryption techniques. The main focus of this dissertation is to further investigate secure multiparty computation as an appealing area of research and to study its applications in different domains. We specifically focus on secure multiparty computation based on secret sharing and fully homomorphic encryption (FHE) schemes. We review the important theoretical foundations of these approaches and provide some novel applications for each of them. For the fully homomorphic encryption (FHE) part, we mainly focus on FHE schemes based on the LWE problem [142] or RLWE problem [109]. Particularly, we provide a C++ implementation for the ring variant of a third generation FHE scheme called the approximate eigenvector method (a.k.a., the GSW scheme) [67]. We then propose some novel approaches for homomorphic evaluation of common functionalities based on the implemented (R)LWE [142] and [109] and RGSW [38,58] schemes. We specifically present some constructions for homomorphic computation of pseudorandom functions (PRFs). For secure computation based on secret sharing [150], we provide some novel protocols for secure trust evaluation (STE). Our proposed STE techniques [137] enable the parties in trust and reputation systems (TRS) to securely assess their trust values in each other while they keep their input trust values private. It is worth mentioning that trust and reputation are social mechanisms which can be considered as soft security measures that complement hard security measures (e.g., cryptographic and secure multiparty computation techniques) [138, 171].
Show less
Date Issued
2022
PURL
http://purl.flvc.org/fau/fd/FA00014018
Subject Headings
Data encryption (Computer science), Computers, privacy and data protection, Computer security
Format
Document (PDF)
Password-authenticated two-party key exchange with long-term security
Title
Password-authenticated two-party key exchange with long-term security.
Creator
Gao, WeiZheng., Charles E. Schmidt College of Science, Department of Mathematical Sciences
Abstract/Description
In the design of two-party key exchange it is common to rely on a Die-Hellman type hardness assumption in connection with elliptic curves. Unlike the case of nite elds, breaking multiple instances of the underlying hardness assumption is here considered substantially more expensive than breaking a single instance. Prominent protocols such as SPEKE [12] or J-PAKE [8, 9, 10] do not exploit this, and here we propose a password-authenticated key establishment where the security builds on the...
Show moreIn the design of two-party key exchange it is common to rely on a Die-Hellman type hardness assumption in connection with elliptic curves. Unlike the case of nite elds, breaking multiple instances of the underlying hardness assumption is here considered substantially more expensive than breaking a single instance. Prominent protocols such as SPEKE [12] or J-PAKE [8, 9, 10] do not exploit this, and here we propose a password-authenticated key establishment where the security builds on the intractability of solving a specied number of instances v of the underlying computational problem. Such a design strategy seems particularly interesting when aiming at long-term security guarantees for a protocol, where expensive special purpose equipment might become available to an adversary. In this thesis, we give one protocol for the special case when v = 1 in the random oracle model, then we provide the generalized protocol in the random oracle model and a variant of the generalized protocol in the standard model for v being a polynomial of the security parameter `.
Show less
Date Issued
2012
PURL
http://purl.flvc.org/FAU/3342105
Subject Headings
Data encryption (Computer science), Computer networks (Security measures), Software protection, Computers, Access control, Passwords
Format
Document (PDF)
Machine learning algorithms for the analysis and detection of network attacks
Title
Machine learning algorithms for the analysis and detection of network attacks.
Creator
Najafabadi, Maryam Mousaarab, Khoshgoftaar, Taghi M., Florida Atlantic University, College of Engineering and Computer Science, Department of Computer and Electrical Engineering and Computer Science
Abstract/Description
The Internet and computer networks have become an important part of our organizations and everyday life. With the increase in our dependence on computers and communication networks, malicious activities have become increasingly prevalent. Network attacks are an important problem in today’s communication environments. The network traffic must be monitored and analyzed to detect malicious activities and attacks to ensure reliable functionality of the networks and security of users’ information....
Show moreThe Internet and computer networks have become an important part of our organizations and everyday life. With the increase in our dependence on computers and communication networks, malicious activities have become increasingly prevalent. Network attacks are an important problem in today’s communication environments. The network traffic must be monitored and analyzed to detect malicious activities and attacks to ensure reliable functionality of the networks and security of users’ information. Recently, machine learning techniques have been applied toward the detection of network attacks. Machine learning models are able to extract similarities and patterns in the network traffic. Unlike signature based methods, there is no need for manual analyses to extract attack patterns. Applying machine learning algorithms can automatically build predictive models for the detection of network attacks. This dissertation reports an empirical analysis of the usage of machine learning methods for the detection of network attacks. For this purpose, we study the detection of three common attacks in computer networks: SSH brute force, Man In The Middle (MITM) and application layer Distributed Denial of Service (DDoS) attacks. Using outdated and non-representative benchmark data, such as the DARPA dataset, in the intrusion detection domain, has caused a practical gap between building detection models and their actual deployment in a real computer network. To alleviate this limitation, we collect representative network data from a real production network for each attack type. Our analysis of each attack includes a detailed study of the usage of machine learning methods for its detection. This includes the motivation behind the proposed machine learning based detection approach, the data collection process, feature engineering, building predictive models and evaluating their performance. We also investigate the application of feature selection in building detection models for network attacks. Overall, this dissertation presents a thorough analysis on how machine learning techniques can be used to detect network attacks. We not only study a broad range of network attacks, but also study the application of different machine learning methods including classification, anomaly detection and feature selection for their detection at the host level and the network level.
Show less
Date Issued
2017
PURL
http://purl.flvc.org/fau/fd/FA00004882, http://purl.flvc.org/fau/fd/FA00004882
Subject Headings
Machine learning., Computer security., Data protection., Computer networks--Security measures.
Format
Document (PDF)