Physical Sciences and Mathematics Commons^™

Secure And Efficient Delegation Of A Single And Multiple Exponentiations To A Single Malicious Server, Matluba Khodjaeva

Dissertations, Theses, and Capstone Projects

Group exponentiation is an important operation used in many cryptographic protocols, specifically public-key cryptosystems such as RSA, Diffie Hellman, ElGamal, etc. To expand the applicability of group exponentiation to computationally weaker devices, procedures were established by which to delegate this operation from a computationally weaker client to a computationally stronger server. However, solving this problem with a single, possibly malicious, server, has remained open since a formal cryptographic model was introduced by Hohenberger and Lysyanskaya in 2005. Several later attempts either failed to achieve privacy or only achieved constant security probability.

In this dissertation, we study and solve this problem …

Enforcing Database Security On Cloud Using A Trusted Third Party Based Model, Victor Fuentes Tello

Graduate Theses and Dissertations

Cloud computing offers a considerable number of advantages to clients and organizations that use several capabilities to store sensitive data, interact with applications, or use technology infrastructure to perform daily activities. The development of new models in cloud computing brings with it a series of elements that must be considered by companies, particularly when the sensitive data needs to be protected. There are some concerns related to security that need to be taken into consideration when a service provider manage and store the data in a location outside the company. In this research, a model that uses a trusted third …

Malware Analysis And Privacy Policy Enforcement Techniques For Android Applications, Aisha Ibrahim Ali-Gombe

University of New Orleans Theses and Dissertations

The rapid increase in mobile malware and deployment of over-privileged applications over the years has been of great concern to the security community. Encroaching on user’s privacy, mobile applications (apps) increasingly exploit various sensitive data on mobile devices. The information gathered by these applications is sufficient to uniquely and accurately profile users and can cause tremendous personal and financial damage.

On Android specifically, the security and privacy holes in the operating system and framework code has created a whole new dynamic for malware and privacy exploitation. This research work seeks to develop novel analysis techniques that monitor Android applications for …

Practical Attacks On Cryptographically End-To-End Verifiable Internet Voting Systems, Nicholas Chang-Fong

Electronic Thesis and Dissertation Repository

Cryptographic end-to-end verifiable voting technologies concern themselves with the provision of a more trustworthy, transparent, and robust elections. To provide voting systems with more transparency and accountability throughout the process while preserving privacy which allows voters to express their true intent.

Helios Voting is one of these systems---an online platform where anyone can easily host their own cryptographically end-to-end verifiable election, aiming to bring verifiable voting to the masses. Helios does this by providing explicit cryptographic checks that an election was counted correctly, checks that any member of the public can independently verify. All of this while still protecting one …

Tradeoffs In Protocol Designs For Collaborative Authentication, Jacob Venne

USF Tampa Graduate Theses and Dissertations

Authentication is a crucial tool used in access control mechanisms to verify a user’s identity. Collaborative Authentication (co-authentication) is a newly proposed authentication scheme designed to improve on traditional token authentication. Co-authentication works by using multiple user devices as tokens to collaborate in a challenge and authenticate a user request on single device.

This thesis adds two contributions to the co-authentication project. First, a detailed survey of applications that are suitable for adopting co-authentication is presented. Second, an analysis of tradeoffs between varying protocol designs of co-authentication is performed to determine whether, and how, any designs are superior to other …

Contextualizing Secure Information System Design: A Socio-Technical Approach, Abdul Rahim Charif

CCE Theses and Dissertations

Secure Information Systems (SIS) design paradigms have evolved in generations to adapt to IS security needs. However, modern IS are still vulnerable and are far from secure. The development of an underlying IS cannot be reduced to “technological fixes” neither is the design of SIS. Technical security cannot ensure IS security. Generations of SIS design paradigms have evolved, all with their own sets of shortcomings. A SIS design paradigm must meet well-defined requirements, yet contemporary paradigms do not meet all these requirements. Current SIS design paradigms are not easily applicable to IS. They lack a comprehensive modeling support and ignore …

Exploring Security, Privacy, And Reliability Strategies To Enable The Adoption Of Iot, Daud Alyas Kamin

Walden Dissertations and Doctoral Studies

The Internet of things (IoT) is a technology that will enable machine-to-machine communication and eventually set the stage for self-driving cars, smart cities, and remote care for patients. However, some barriers that organizations face prevent them from the adoption of IoT. The purpose of this qualitative exploratory case study was to explore strategies that organization information technology (IT) leaders use for security, privacy, and reliability to enable the adoption of IoT devices. The study population included organization IT leaders who had knowledge or perceptions of security, privacy, and reliability strategies to adopt IoT at an organization in the eastern region …

How Attitude Toward The Behavior, Subjective Norm, And Perceived Behavioral Control Affects Information Security Behavior Intention, David Philip Johnson

Walden Dissertations and Doctoral Studies

The education sector is at high risk for information security (InfoSec) breaches and in need of improved security practices. Achieving data protections cannot be through technical means alone. Addressing the human behavior factor is required. Security education, training, and awareness (SETA) programs are an effective method of addressing human InfoSec behavior. Applying sociobehavioral theories to InfoSec research provides information to aid IT security program managers in developing improved SETA programs. The purpose of this correlational study was to examine through the theoretical lens of the theory of planned behavior (TPB) how attitude toward the behavior (ATT), subjective norm (SN), and …