Engineering Commons^™

Paris: A Parallel Rsa-Prime Inspection Tool, Joseph R. White

Master's Theses

Modern-day computer security relies heavily on cryptography as a means to protect the data that we have become increasingly reliant on. As the Internet becomes more ubiquitous, methods of security must be better than ever. Validation tools can be leveraged to help increase our confidence and accountability for methods we employ to secure our systems.

Security validation, however, can be difficult and time-consuming. As our computational ability increases, calculations that were once considered “hard” due to length of computation, can now be done in minutes. We are constantly increasing the size of our keys and attempting to make computations harder …

Categorization Of Security Design Patterns, Jeremiah Y. Dangler

Electronic Theses and Dissertations

Strategies for software development often slight security-related considerations, due to the difficulty of developing realizable requirements, identifying and applying appropriate techniques, and teaching secure design. This work describes a three-part strategy for addressing these concerns. Part 1 provides detailed questions, derived from a two-level characterization of system security based on work by Chung et. al., to elicit precise requirements. Part 2 uses a novel framework for relating this characterization to previously published strategies, or patterns, for secure software development. Included case studies suggest the framework's effectiveness, involving the application of three patterns for secure design (Limited View, Role-Based Access Control, …

A Multi-Parameter Functional Side Channel Analysis Method For Hardware Trojan Detection In Untrusted Fpga Bitstreams, Christopher William Bell

USF Tampa Graduate Theses and Dissertations

Hardware Trojan Horses (HTHs or Trojans) are malicious design modifications intended to cause the design to function incorrectly. Globalization of the IC development industry has created new opportunities for rogue agents to compromise a design in such a way. Offshore foundries cannot always be trusted, and the use of trusted foundries is not always practical or economical. There is a pressing need for a method to reliably detect these Trojans, to prevent compromised designs from being put into production.

This thesis proposes a multi-parameter analysis method that is capable of reliably detecting function-altering and performance-degrading Trojans in FPGA bitstreams. It …

Assessing Network Security Through Automated Attack Graph Based Multi-Level Penetration Testing, Ahmed Mohamed Hassan

Archived Theses and Dissertations

Assessing network security can be done in many different ways like applying penetration testing against target network. Penetration testing follows actual steps like reconnaissance, scanning, exploit and logical access to compromised hosts. When attacker compromises a machine, he uses it as a pivot for attacking other machines and getting access to them. An attacker continues in this process till he explores the entire target network or till he reaches his endeavor. This shows that attacks are not a single step but, to reach attackers' goal, the attacker has to go through multiple steps. Many of the available exploitation tools depend …

Scalable Capability-Based Authorization For High-Performance Parallel File Systems, Nicholas Mills

All Theses

As the size and scale of supercomputers continues to increase at an
exponential rate the number of users on a given supercomputer will
only grow larger. A larger number of users on a supercomputer places a
greater importance on the strength of information security. Nowhere is
this requirement for security more apparent than the file system, as
users expect their data to be protected from accidental or deliberate
modification.
In spite of the ever-increasing demand for more secure file system
access the majority of parallel file systems do not implement a robust
security protocol for fear it will negatively impact …

A Secure On-Line Credit Card Transaction Method Based On Kerberos Authentication Protocol, Jung Eun Kim

UNLV Theses, Dissertations, Professional Papers, and Capstones

Nowadays, electronic payment system is an essential part of modern business. Credit cards or debit cards have been widely used for on-site or remote transactions, greatly reducing the need for inconvenient cash transactions. However, there have been a huge number of incidents of credit card frauds over the Internet due to the security weakness of electronic payment system. A number of solutions have been proposed in the past to prevent this problem, but most of them were inconvenient and did not satisfy the needs of cardholders and merchants at the same time.

In this thesis, we present a new secure …

Privacy-Preserving Attribute-Based Access Control In A Grid, Sang Mork Park

Browse all Theses and Dissertations

A Grid community is composed of diverse stake holders, such as data resource providers, computing resource providers, service providers, and the users of the resources and services. In traditional security systems for Grids, most of the authentication and authorization mechanisms are based on the user's identity or the user's classification information. If the authorization mechanism is based on the user's identity, fine-grained access control policies can be implemented but the scalability of the security system would be limited. If the authorization mechanism is based on the user's classification, the scalability can be improved but the fine-grained access control policies may …

Kerberos Phone Secure Messenger, Nabeel Al-Saber

Theses

Security is becoming vital in today's open insecure Internet. While popular Internet enabled mobile devices are spreading widely, the security of such platforms is not maturely addressed. This research extends the popular Kerberos authentication protocol to run on mobile phones and builds a novel Kerberos Secure Phone Messenger (KSPM) on top of the protocol. Moreover, the Kerberos network authentication protocol provides user authentication and message privacy with the convenience of secret key cryptography. Such an advantage in mobile phones helps reduce the computational burden and power consumption if compared with public key cryptography. KSPM achieves high standards in terms of …

Matrix Decomposition For Data Disclosure Control And Data Mining Applications, Jie Wang

University of Kentucky Doctoral Dissertations

Access to huge amounts of various data with private information brings out a dual demand for preservation of data privacy and correctness of knowledge discovery, which are two apparently contradictory tasks. Low-rank approximations generated by matrix decompositions are a fundamental element in this dissertation for the privacy preserving data mining (PPDM) applications. Two categories of PPDM are studied: data value hiding (DVH) and data pattern hiding (DPH). A matrix-decomposition-based framework is designed to incorporate matrix decomposition techniques into data preprocessing to distort original data sets. With respect to the challenge in the DVH, how to protect sensitive/confidential attribute values without …

Non-Repudiation Secure File Transfer Protocol (Nrsftp), Jerry Chen

Theses

Non Repudiation Secure File Transfer Protocol (NRSFTP) is designed to resolve three main concerns for today's electronic file transfer methodology. The three main concerns are Non-Repudiation, Secure, and Non-Real Time file transfer. Non-repudiation is to assure the receiver that the sender of the document is not an imposter. Secure document transfer is to assure the sender that only the intended receiver will be able to read the document. Non-real-time file transfer is to provide convenient and low cost transportability of the encrypted data from one party to another. With the above three concerns addressed, the NRSFTP protocol can be widely …

Jess – A Java Security Scanner For Eclipse, Russell Spitler

Honors Theses

Secure software is the responsibility of every developer. In order to help a developer with this responsibility there are many automated source code security auditors. These tools perform a variety of functions, from finding calls to insecure functions to poorly generated random numbers. These programs have existed for years and perform the security audit with varying degrees of success.

Largely missing in the world of programming is such a security auditor for the Java programming language. Currently, Fortify Software produces the only Java source code security auditor; this is a commercially available package.

This void is what inspired JeSS, Java …

Ip Traceback With Deterministic Packet Marking Dpm, Andrey Belenky

Dissertations

In this dissertation, a novel approach to Internet Protocol (IP) Traceback - Deterministic Packet Marking (DPM) is presented. The proposed approach is scalable, simple to implement, and introduces no bandwidth and practically no processing overhead on the network equipment. It is capable of tracing thousands of simultaneous attackers during a Distributed Denial of Service (DDoS) attack. Given sufficient deployment on the Internet, DPM is capable of tracing back to the slaves for DDoS attacks which involve reflectors. Most of the processing is done at the victim. The traceback process can be performed post-mortem, which allows for tracing the attacks that …

Building A Secure Intranet, Fred J. Berryman

Theses

This thesis will explain the vulnerabilities of computers in a networking environment and demonstrate proper procedures for building a secure Intranet.

The Internet is built around the concept of open communication. Data is shared around the globe just as easily as it is from one office or cubical to the next. Corporations are skeptical about putting company data on such a public transport mechanism as the Internet, but the tools used on the Internet are exciting and everyone wants to use them. Out of a desire for the best of both worlds, the Intranet was born.

An intranet that has …