Systems Architecture Commons^™

A Conceptual Decentralized Identity Solution For State Government, Martin Duclos

Theses and Dissertations

In recent years, state governments, exemplified by Mississippi, have significantly expanded their online service offerings to reduce costs and improve efficiency. However, this shift has led to challenges in managing digital identities effectively, with multiple fragmented solutions in use. This paper proposes a Self-Sovereign Identity (SSI) framework based on distributed ledger technology. SSI grants individuals control over their digital identities, enhancing privacy and security without relying on a centralized authority. The contributions of this research include increased efficiency, improved privacy and security, enhanced user satisfaction, and reduced costs in state government digital identity management. The paper provides background on digital …

Torsh: Obfuscating Consumer Internet-Of-Things Traffic With A Collaborative Smart-Home Router Network, Adam Vandenbussche

Dartmouth College Undergraduate Theses

When consumers install Internet-connected "smart devices" in their homes, metadata arising from the communications between these devices and their cloud-based service providers enables adversaries privy to this traffic to profile users, even when adequate encryption is used. Internet service providers (ISPs) are one potential adversary privy to users’ incom- ing and outgoing Internet traffic and either currently use this insight to assemble and sell consumer advertising profiles or may in the future do so. With existing defenses against such profiling falling short of meeting user preferences and abilities, there is a need for a novel solution that empowers consumers to …

Information Provenance For Mobile Health Data, Taylor A. Hardin

Dartmouth College Ph.D Dissertations

Mobile health (mHealth) apps and devices are increasingly popular for health research, clinical treatment and personal wellness, as they offer the ability to continuously monitor aspects of individuals' health as they go about their everyday activities. Many believe that combining the data produced by these mHealth apps and devices may give healthcare-related service providers and researchers a more holistic view of an individual's health, increase the quality of service, and reduce operating costs. For such mHealth data to be considered useful though, data consumers need to be assured that the authenticity and the integrity of the data has remained intact---especially …

Cybersecurity Methods For Grid-Connected Power Electronics, Stephen Joe Moquin

Graduate Theses and Dissertations

The present work shows a secure-by-design process, defense-in-depth method, and security techniques for a secure distributed energy resource. The distributed energy resource is a cybersecure, solar inverter and battery energy storage system prototype, collectively called the Cybersecure Power Router. Consideration is given to the use of the Smart Green Power Node for a foundation of the present work. Metrics for controller security are investigated to evaluate firmware security techniques. The prototype's ability to mitigate, respond to, and recover from firmware integrity degradation is examined. The prototype shows many working security techniques within the context of a grid-connected, distributed energy resource. …

Iot-Hass: A Framework For Protecting Smart Home Environment, Tarig Mudawi

Masters Theses & Doctoral Dissertations

While many solutions have been proposed for smart home security, the problem that no single solution fully protects the smart home environment still exists. In this research we propose a security framework to protect the smart home environment. The proposed framework includes three engines that complement each other to protect the smart home IoT devices. The first engine is an IDS/IPS module that monitors all traffic in the home network and then detects, alerts users, and/or blocks packets using anomaly-based detection. The second engine works as a device management module that scans and verifies IoT devices in the home network, …

The Performance Cost Of Security, Lucy R. Bowen

Master's Theses

Historically, performance has been the most important feature when optimizing computer hardware. Modern processors are so highly optimized that every cycle of computation time matters. However, this practice of optimizing for performance at all costs has been called into question by new microarchitectural attacks, e.g. Meltdown and Spectre. Microarchitectural attacks exploit the effects of microarchitectural components or optimizations in order to leak data to an attacker. These attacks have caused processor manufacturers to introduce performance impacting mitigations in both software and silicon.

To investigate the performance impact of the various mitigations, a test suite of forty-seven different tests was created. …

Context-Sensitive Auto-Sanitization For Php, Jared M. Smith, Richard J. Connor, David P. Cunningham, Kyle G. Bashour, Walter T. Work

Chancellor’s Honors Program Projects

No abstract provided.

Trust Based Privacy Policy Enforcement In Cloud Computing, Karthick Ramachandran

Electronic Thesis and Dissertation Repository

Cloud computing offers opportunities for organizations to reduce IT costs by using the computation and storage of a remote provider. Despite the benefits offered by cloud computing paradigm, organizations are still wary of delegating their computation and storage to a cloud service provider due to trust concerns. The trust issues with the cloud can be addressed by a combination of regulatory frameworks and supporting technologies. Privacy Enhancing Technologies (PET) and remote attestation provide the technologies for addressing the trust concerns. PET provides proactive measures through cryptography and selective dissemination of data to the client. Remote attestation mechanisms provides reactive measures …

Security Frameworks For Machine-To-Machine Devices And Networks, Michael Demblewski

CCE Theses and Dissertations

Attacks against mobile systems have escalated over the past decade. There have been increases of fraud, platform attacks, and malware. The Internet of Things (IoT) offers a new attack vector for Cybercriminals. M2M contributes to the growing number of devices that use wireless systems for Internet connection. As new applications and platforms are created, old vulnerabilities are transferred to next-generation systems. There is a research gap that exists between the current approaches for security framework development and the understanding of how these new technologies are different and how they are similar. This gap exists because system designers, security architects, and …

Capturing And Analyzing Network Traffic From Common Mobile Devices For Security And Privacy, Billy Overton

Undergraduate Honors Theses

Mobile devices such as tablets and smartphones are becoming more common, and they are holding more information. This includes private information such as contacts, financial data, and passwords. At the same time these devices have network capability with access to the Internet being a prime feature. Little research has been done in observing the network traffic produced by these mobile devices. To determine if private information was being transmitted without user knowledge, the mobile capture lab and a set of procedures have been created to observe, capture and analyze the network traffic produced by mobile devices. The effectiveness of the …

Jess – A Java Security Scanner For Eclipse, Russell Spitler

Honors Theses

Secure software is the responsibility of every developer. In order to help a developer with this responsibility there are many automated source code security auditors. These tools perform a variety of functions, from finding calls to insecure functions to poorly generated random numbers. These programs have existed for years and perform the security audit with varying degrees of success.

Largely missing in the world of programming is such a security auditor for the Java programming language. Currently, Fortify Software produces the only Java source code security auditor; this is a commercially available package.

This void is what inspired JeSS, Java …