Página 1 dos resultados de 21 itens digitais encontrados em 0.005 segundos

Efficient and secure protocols for privacy-preserving set operations

Sang, Y.; Shen, H.
Fonte: Association for Computing Machinery, Inc. Publicador: Association for Computing Machinery, Inc.
Tipo: Artigo de Revista Científica
Publicado em //2009 Português
Relevância na Pesquisa
27.424766%
Many applications require performing set operations without publishing individual datesets. In this article, we address this problem for five fundamental set operations including set intersection, cardinality of set intersection, element reduction, overthreshold set-union, and subset relation. Our protocols are obtained in the universally composable security framework, in the assumption of the probabilistic polynomial time bounded adversary, which actively controls a fixed set of t parties and the assumption of an authenticated broadcast channel. Our constructions utilize building blocks of nonmalleable NonInteractive Zero-Knowledge (NIZK) arguments, which are based on a (t + 1,N)-threshold version (N is the number of parties in the protocol) of the boneh-goh-nissim (BGN) cryptosystem whose underlying group supports bilinear maps, in the assumption that the public key and shares of the secret key have been generated by a trusted dealer. The previous studies were all based on the stand-alone model with the same assumptions on the adversary, broadcast channel, and key generation. For the first four operations, we propose protocols that improve the previously known results by an O(N) factor in the computation and communication complexities. For the subset relation...

Web-based dissemination system for the Trusted Computing Exemlar [i.e. Exemplar] project

Kane, Douglas Robert.
Fonte: Monterey, California. Naval Postgraduate School Publicador: Monterey, California. Naval Postgraduate School
Tipo: Tese de Doutorado
Português
Relevância na Pesquisa
48.188535%
Open dissemination of the Trusted Computing Exemplar (TCX) project is needed. This dissemination must include methods to provide secure web access to project material, integrity verification of data, and group-based access controls. Because previously developed dissemination systems do not meet these requirements, a hybrid web-based dissemination system is necessary. The development of the TCX Dissemination System requirements involved the analysis of assumptions, threats, policies, and security objectives for the system and its environment based on the Common Criteria methodology. The requirements yielded a design specification that included a dissemination application that uses XML capabilities for redaction and preparation of releasable materials. This led to the creation of an initial implementation to satisfy a subset of the TCX dissemination requirements. Future work was identified for a subsequent implementation that fulfills additional project requirements. The complete implementation of the dissemination environment described in this thesis will provide a seamless dissemination interface for the TCX project. The Dissemination System provides an example of how controlled information can be organized and made available on the web. When combined with TCX project results...

A Mail File Administration Tool for a Multilevel High Assurance LAN

Rossetti, Richard Kip
Fonte: Monterey, California: Naval Postgraduate School. Publicador: Monterey, California: Naval Postgraduate School.
Tipo: Tese de Doutorado
Português
Relevância na Pesquisa
27.898708%
Department of Defense official communications often require special protections to prevent accidental disclosure to unauthorized personnel. A Multilevel High Assurance LAN provides a framework for secure electronic communications, and obviates the need for multiple single level networks. A high assurance trusted computing base (TCB), allows untrusted commercial off-the-shelf (COTS) software, such as an Internet Message Access Protocol (IMAP) server, to run untrusted while access to the file system is mediated by the TCB. Control of creation and deletion of hierarchical structured objects, such as those in the file system, is based on the ability to write to the directory containing the object. For a mail server, this directory structure corresponds to a mailbox hierarchy. The mailbox hierarchy must be designed to allow users to read, create, and send mail at multiple levels. The purpose of this research is to develop a trusted process that automatically creates the mailbox hierarchy for any system user. A Mail File Administration Tool for a Multilevel High Assurance LAN allows administrators to easily set up IMAP-compatible mailboxes for each user. The tool assists in the management of the file structure and enables account administration for multiple LAN users and group accounts at multiple security levels.

Trusted Computing Exemplar: Life Cycle Management Plan

Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.; Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.
Fonte: Monterey, California. Naval Postgraduate School; Monterey, California. Naval Postgraduate School Publicador: Monterey, California. Naval Postgraduate School; Monterey, California. Naval Postgraduate School
Tipo: Relatório
Português
Relevância na Pesquisa
37.424766%
Approved for pubic release; distribution is unlimited; Approved for pubic release; distribution is unlimited; This document describes the Life Cycle Management Plan for the development of a high assurance secure product. A high assurance product is one for which its users have a high level of confidence that its security policies will be enforced continuously and correctly. Such products are constructed so that they can be analyzed for these characteristics. Lifecycle activities ensure that the product reflects the intent to ensure that the product is trustworthy and that vigorous efforts have been made to ensure the absence of unspecified functionality, whether accidental or intentional. The overall purpose and guiding principle for this document is to provide a methodology that will result in the creation of a product that will have a high level of assurance.

Trusted Computing Exemplar: Confuguration Management Plan

Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.; Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.
Fonte: Monterey, California. Naval Postgraduate School Publicador: Monterey, California. Naval Postgraduate School
Tipo: Relatório
Português
Relevância na Pesquisa
37.424766%
Approved for public release; distribution is unlimited; Approved for public release; distribution is unlimited; This document describes the Life Cycle Management Plan for the development of a high assurance secure product. A high assurance product is one for which its users have a high level of confidence that its security policies will be enforced continuously and correctly. Such products are constructed so that they can be analyzed for these characteristics. Lifecycle activities ensure that the product reflects the intent to ensure that the product is trustworthy and that vigorous efforts have been made to ensure the absence of unspecified functionality, whether accidental or intentional. The purpose of this document is, first, to describe the high-level procedures and policy for Configuration Management (CM), and, second to create a CM plan that aims to ensure the integrity of the configuration items, track changes to the configuration items, and ensure that only authorized changes are made to the configurations items.

Trusted Computing Exemplar: Configuration Management Procedures

Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.; Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.
Fonte: Monterey, California. Naval Postgraduate School Publicador: Monterey, California. Naval Postgraduate School
Tipo: Relatório
Português
Relevância na Pesquisa
37.424766%
Approved for public release; distribution is unlimited; Approved for public release; distribution is unlimited; This document describes the Life Cycle Management Plan for the development of a high assurance secure product. A high assurance product is one for which its users have a high level of confidence that its security policies will be enforced continuously and correctly. Such products are constructed so that they can be analyzed for these characteristics. Lifecycle activities ensure that the product reflects the intent to ensure that the product is trustworthy and that vigorous efforts have been made to ensure the absence of unspecified functionality, whether accidental or intentional. The purpose of this document is to outline the procedures for the Configuration Management (CM) process. These procedures are meant to provide lower-level details necessary to implement the process laid out in the Configuration Management Plan and to ensure consistency in the exercise of the process. Additional procedures are provided to interface with CM-specific applications, as described in Appendix H.

Trusted Computing Exemplar: Personnel Security Plan

Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.; Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.
Fonte: Monterey, California. Naval Postgraduate School Publicador: Monterey, California. Naval Postgraduate School
Tipo: Relatório
Português
Relevância na Pesquisa
37.424766%
Approved for public release; distribution is unlimited; Approved for public release; distribution is unlimited; This document describes the Life Cycle Management Plan for the development of a high assurance secure product. A high assurance product is one for which its users have a high level of confidence that its security policies will be enforced continuously and correctly. Such products are constructed so that they can be analyzed for these characteristics. Lifecycle activities ensure that the product reflects the intent to ensure that the product is trustworthy and that vigorous efforts have been made to ensure the absence of unspecified functionality, whether accidental or intentional. The purpose of this plan is to provide the personnel policy necessary to protect the confidentiality and integrity of a product during the development and maintenance phases of its life cycle. Integrity is the primary concern of this plan, though confidentiality is not disregarded.

Trusted Computing Exemplar: Physical Security Plan

Clark, Paul C.; Hopfner, Phil; Irvine, Cynthia E.; Nguyen, Thuy D.; Clark, Paul C.; Hopfner, Phil; Irvine, Cynthia E.; Nguyen, Thuy D.
Fonte: Monterey, California. Naval Postgraduate School Publicador: Monterey, California. Naval Postgraduate School
Tipo: Relatório
Português
Relevância na Pesquisa
37.424766%
Approved for public release; distribution is unlimited; Approved for public release; distribution is unlimited; This document describes the Life Cycle Management Plan for the development of a high assurance secure product. A high assurance product is one for which its users have a high level of confidence that its security policies will be enforced continuously and correctly. Such products are constructed so that they can be analyzed for these characteristics. Lifecycle activities ensure that the product reflects the intent to ensure that the product is trustworthy and that vigorous efforts have been made to ensure the absence of unspecified functionality, whether accidental or intentional. The purpose of this plan is to provide the policy necessary to ensure the physical protection of the product during its entire life cycle. Product integrity is the primary concern, though confidentiality is not disregarded.

Trusted Computing Exemplar: Software Development Standards

Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.; Shifflett, David; Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.; Shifflett, David
Fonte: Monterey, California. Naval Postgraduate School Publicador: Monterey, California. Naval Postgraduate School
Tipo: Relatório
Português
Relevância na Pesquisa
37.424766%
Approved for public release; distribution is unlimited; Approved for public release; distribution is unlimited; This document describes the Life Cycle Management Plan for the development of a high assurance secure product. A high assurance product is one for which its users have a high level of confidence that its security policies will be enforced continuously and correctly. Such products are constructed so that they can be analyzed for these characteristics. Lifecycle activities ensure that the product reflects the intent to ensure that the product is trustworthy and that vigorous efforts have been made to ensure the absence of unspecified functionality, whether accidental or intentional. This document provides policy and process for developing and approving software-related Configuration items (CIs), giving more detail than was covered in the Life Cycle Management Plan (LCMP). This document does not replace the LCMP, it expands on the principles and processes the LCMP defined, and should not conflict with the LCMP in any way. Other documents will describe the standards for hardware development.

Trusted Computing Exemplar: Low-level Design Document Standards

Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.; Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.
Fonte: Monterey, California. Naval Postgraduate School Publicador: Monterey, California. Naval Postgraduate School
Tipo: Relatório
Português
Relevância na Pesquisa
37.424766%
Approved for public release; distribution is unlimited; Approved for public release; distribution is unlimited; This document describes the Life Cycle Management Plan for the development of a high assurance secure product. A high assurance product is one for which its users have a high level of confidence that its security policies will be enforced continuously and correctly. Such products are constructed so that they can be analyzed for these characteristics. Lifecycle activities ensure that the product reflects the intent to ensure that the product is trustworthy and that vigorous efforts have been made to ensure the absence of unspecified functionality, whether accidental or intentional. This document provides the standard format for writing low-level design documents. Low-level design documents provide a detailed description of one or more modules. The level of detail should be sufficient such that two independent implementations will produce functionally equivalent modules.

Trusted Computing Exemplar: Quality Assurance Plan

Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.; Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.
Fonte: Monterey, California. Naval Postgraduate School Publicador: Monterey, California. Naval Postgraduate School
Tipo: Relatório
Português
Relevância na Pesquisa
37.424766%
Approved for public release; distribution is unlimited; Approved for public release; distribution is unlimited; This document describes the Life Cycle Management Plan for the development of a high assurance secure product. A high assurance product is one for which its users have a high level of confidence that its security policies will be enforced continuously and correctly. Such products are constructed so that they can be analyzed for these characteristics. Lifecycle activities ensure that the product reflects the intent to ensure that the product is trustworthy and that vigorous efforts have been made to ensure the absence of unspecified functionality, whether accidental or intentional. In particular, this document expands and unifies the testing requirements that are stated in the Life Cycle Management Plan, the Configuration Management Plan, and the Software Development Standards. This Quality Assurance (QA) Plan emphasizes requirements, restrictions, standards, responsibilities, etc., for these required tests. Specifically excluded from this plan, however, are the formal and semi-formal work, code correspondence, and covert channel analysis. In addition, there will need to be independent re-testing and penetration testing performed. It is also recognized that quality means more than just source code testing (such as conformance to documentation standards...

Trusted Computing Exemplar: Trusted Distribution Plan - Preliminary Design

Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.; Clark, Paul C.; Irvine, Cynthia E.; Nguyen, Thuy D.
Fonte: Monterey, California. Naval Postgraduate School Publicador: Monterey, California. Naval Postgraduate School
Tipo: Relatório
Português
Relevância na Pesquisa
37.898708%
Approved for public release; distribution is unlimited; Approved for public release; distribution is unlimited; This document describes the Life Cycle Management Plan for the development of a high assurance secure product. A high assurance product is one for which its users have a high level of confidence that its security policies will be enforced continuously and correctly. Such products are constructed so that they can be analyzed for these characteristics. Lifecycle activities ensure that the product reflects the intent to ensure that the product is trustworthy and that vigorous efforts have been made to ensure the absence of unspecified functionality, whether accidental or intentional. This document describes the policy and high-level processes for the distribution of the TCX product to external users. This document is driven by the TCX Life Cycle Management Plan (LCMP), the Configuration Management Plan, and the Quality Assurance Plan. This document provides the framework for the Integration Procedures and the Delivery Procedures identified in the LCMP. Some of the concepts described in this document were developed in a student’s Masters thesis. This is a preliminary design for product distribution; it has not been tested with a product actually distributed to end-users.

Estrategias de configuración de redes WLAN IEEE 802.11e EDCA

Serrano Yáñez-Mingot, Pablo
Fonte: Universidade Carlos III de Madrid Publicador: Universidade Carlos III de Madrid
Tipo: Tese de Doutorado Formato: application/pdf
Português
Relevância na Pesquisa
18.044231%
Las redes inalámbricas de área local (WLANs) se han convertido en una solución muy común para proporcionar acceso a Internet. El principal mecanismo usado a nivel MAC (Medium Access Control) para las WLANs es el definido por el estándar IEEE 802.11. Recientemente, el grupo de trabajo (Working Group) 802.11 ha aprobado un nuevo estándar, denominado 802.11e, que extiende dicho mecanismo para suministrar calidad de servicio (QoS). Este nuevo estándar se basa en una serie de parámetros a configurar, tema aún pendiente de ser resuelto pues si bien se proporcionan unos valores recomendados para dichos parámetros, estos valores son estáticos por lo que su idoneidad no está garantizada. La presente tesis aborda el diseño de estrategias de configuración que optimicen el uso del mecanismo EDCA del estándar 802.11e. A tal efecto, se distinguen dos escenarios WLAN bien diferentes, cada uno definiendo una diferente estrategia de configuración para los mencionados parámetros: En el primer escenario, denominado WLAN abierta, se supone un entorno abierto como, por ejemplo, un hot-spot. En dicho escenario no se puede confiar en la caracterización del tráfico y los requisitos de servicio que pudiesen proporcionar los usuarios...

Application of trusted computing to secure P2P networking; Trusted authetication protocol for self-organizing networks

Pintado Guijarro, Elisa; García Millán, Guillermo
Fonte: Universidade Carlos III de Madrid Publicador: Universidade Carlos III de Madrid
Tipo: info:eu-repo/semantics/bachelorThesis; info:eu-repo/semantics/masterThesis Formato: application/pdf
Português
Relevância na Pesquisa
89.64775%
Peer-to-peer (P2P) networking is based on a distributed application architecture that covers a diverse set of network types. In pure P2P overlays, every node in the network acts as a "servent", they act as a server and a client simultaneously. Highlighting the fact that there is a lack of any centralised control, acting all nodes as equals. This networks have become very popular in the form of file-sharing networks. It is based on the idea of sharing any type of resources between all nodes. Peers are both suppliers and consumers of resources. As nodes arrive, the total capacity of the system also increases. In contrast, in a traditional client-server architecture, clients share only their demands with the system, but not their resources. In this case, as more clients join the system, fewer resources are available to serve each client. The decentralized nature of P2P networks also increases robustness because if a part of the system fails, it will not stop the entire system from working. As mentioned in there is a need to provide robust access control, data integrity, confidentiality and accountability services. In order to prevent other nodes from impersonating or creating an arbitrary amount of bogus nodes, all distributed systems must have a unique...

Identity-based Trusted Authentication in Wireless Sensor Network

Yussoff, Yusnani Mohd; Hashim, Habibah; Baba, Mohd Dani
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 26/07/2012 Português
Relevância na Pesquisa
48.477974%
Secure communication mechanisms in Wireless Sensor Networks (WSNs) have been widely deployed to ensure confidentiality, authenticity and integrity of the nodes and data. Recently many WSNs applications rely on trusted communication to ensure large user acceptance. Indeed, the trusted relationship thus far can only be achieved through Trust Management System (TMS) or by adding external security chip on the WSN platform. In this study an alternative mechanism is proposed to accomplish trusted communication between sensors based on the principles defined by Trusted Computing Group (TCG). The results of other related study have also been analyzed to validate and support our findings. Finally the proposed trusted mechanism is evaluated for the potential application on resource constraint devices by quantifying their power consumption on selected major processes. The result proved the proposed scheme can establish trust in WSN with less computation and communication and most importantly eliminating the need for neighboring evaluation for TMS or relying on external security chip.; Comment: 10 pages, 5 figures, 4 tables; IJCSI International Journal of Computer Science Issues, Vol. 9, Issue 3, No 2, May 2012 ISSN (Online): 1694-0814

Trusted Ticket Systems and Applications

Kuntze, Nicolai; Schmidt, Andreas U.
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 23/01/2007 Português
Relevância na Pesquisa
48.844863%
Trusted Computing is a security base technology that will perhaps be ubiquitous in a few years in personal computers and mobile devices alike. Despite its neutrality with respect to applications, it has raised some privacy concerns. We show that trusted computing can be applied for service access control in a manner protecting users' privacy. We construct a ticket system -- a concept which is at the heart of Identity Management -- relying solely on the capabilities of the trusted platform module and the standards specified by the Trusted Computing Group. Two examples show how it can be used for pseudonymous and protected service access.; Comment: Accepted full research paper at IFIP sec2007, Sandton, South Africa, 14-16 May 2007

Citizen Electronic Identities using TPM 2.0

Nyman, Thomas; Ekberg, Jan-Erik; Asokan, N.
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Português
Relevância na Pesquisa
38.146963%
Electronic Identification (eID) is becoming commonplace in several European countries. eID is typically used to authenticate to government e-services, but is also used for other services, such as public transit, e-banking, and physical security access control. Typical eID tokens take the form of physical smart cards, but successes in merging eID into phone operator SIM cards show that eID tokens integrated into a personal device can offer better usability compared to standalone tokens. At the same time, trusted hardware that enables secure storage and isolated processing of sensitive data have become commonplace both on PC platforms as well as mobile devices. Some time ago, the Trusted Computing Group (TCG) released the version 2.0 of the Trusted Platform Module (TPM) specification. We propose an eID architecture based on the new, rich authorization model introduced in the TCGs TPM 2.0. The goal of the design is to improve the overall security and usability compared to traditional smart card-based solutions. We also provide, to the best our knowledge, the first accessible description of the TPM 2.0 authorization model.; Comment: This work is based on an earlier work: Citizen Electronic Identities using TPM 2.0, to appear in the Proceedings of the 4th international workshop on Trustworthy embedded devices...

A threshold secure data sharing scheme for federated clouds

Venkataramana, K.; Padmavathamma, M.
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 12/09/2012 Português
Relevância na Pesquisa
27.866404%
Cloud computing allows users to view computing in a new direction, as it uses the existing technologies to provide better IT services at low-cost. To offer high QOS to customers according SLA, cloud services broker or cloud service provider uses individual cloud providers that work collaboratively to form a federation of clouds. It is required in applications like Real-time online interactive applications, weather research and forecasting etc., in which the data and applications are complex and distributed. In these applications secret data should be shared, so secure data sharing mechanism is required in Federated clouds to reduce the risk of data intrusion, the loss of service availability and to ensure data integrity. So In this paper we have proposed zero knowledge data sharing scheme where Trusted Cloud Authority (TCA) will control federated clouds for data sharing where the secret to be exchanged for computation is encrypted and retrieved by individual cloud at the end. Our scheme is based on the difficulty of solving the Discrete Logarithm problem (DLOG) in a finite abelian group of large prime order which is NP-Hard. So our proposed scheme provides data integrity in transit, data availability when one of host providers are not available during the computation.; Comment: 8 pages...

A secure key transfer protocol for group communication

Rao, R. Velumadhava; Selvamani, K.; Elakkiya, R.
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 12/12/2012 Português
Relevância na Pesquisa
37.806462%
Providing security for messages in group communication is more essential and critical nowadays. In group oriented applications such as Video conferencing and entertainment applications, it is necessary to secure the confidential data in such a way that intruders are not able to modify or transmit the data. Key transfer protocols fully rely on trusted Key Generation Center (KGC) to compute group key and to transport the group keys to all communication parties in a secured and secret manner. In this paper, an efficient key generation and key transfer protocol has been proposed where KGC can broadcast group key information to all group members in a secure way. Hence, only authorized group members will be able to retrieve the secret key and unauthorized members cannot retrieve the secret key. Hence, inorder to maintain the forward and backward secrecy, the group keys are updated whenever a new member joins or leaves the communication group. The proposed algorithm is more efficient and relies on NP class. In addition, the keys are distributed to the group users in a safe and secure way. Moreover, the key generated is also very strong since it uses cryptographic techniques which provide efficient computation.

Securing tuple space: secure ad hoc group communication using PKI

Morse, Kyle
Fonte: Rochester Instituto de Tecnologia Publicador: Rochester Instituto de Tecnologia
Tipo: Masters Project
Português
Relevância na Pesquisa
37.7655%
Secure group communication in an ad hoc network is a largely unexplored research area. Currently available key exchange protocols were not designed to be implemented in an ad hoc network where nodes sporadically enter and leave the group. This project explores establishing secure group communication in an ad hoc network through public key infrastructure. Public key infrastructure (PKI) provides a framework for establishing and authenticating secure communication between users. A trusted certificate authority (CA) generates an identifying token, or certificate, for an authorized user. The certificate contains the user's public key and other identifying information and is digitally signed by the CA to prevent forging. This public key may then be used to initiate secure communication with the user. This project uses the tuple space distributed computing paradigm for all ad hoc group communication. A tuple space is a store of tuples, or lists of objects, from which consumers may read tuples matching filter criteria and to which producers may post new tuples. An easily made physical analogy to this concept is that of an announcement board, where people may read flyers and post new ones. Professor Alan Kaminsky's TupleBoard API is an implementation of tuple space designed for developing ad hoc distributed applications in Java. This project extends this library by adding a public key framework enabling dynamic group key exchange...