242 resultados para Sybil attack


Relevância:

10.00% 10.00%

Publicador:

Resumo:

Today’s evolving networks are experiencing a large number of different attacks ranging from system break-ins, infection from automatic attack tools such as worms, viruses, trojan horses and denial of service (DoS). One important aspect of such attacks is that they are often indiscriminate and target Internet addresses without regard to whether they are bona fide allocated or not. Due to the absence of any advertised host services the traffic observed on unused IP addresses is by definition unsolicited and likely to be either opportunistic or malicious. The analysis of large repositories of such traffic can be used to extract useful information about both ongoing and new attack patterns and unearth unusual attack behaviors. However, such an analysis is difficult due to the size and nature of the collected traffic on unused address spaces. In this dissertation, we present a network traffic analysis technique which uses traffic collected from unused address spaces and relies on the statistical properties of the collected traffic, in order to accurately and quickly detect new and ongoing network anomalies. Detection of network anomalies is based on the concept that an anomalous activity usually transforms the network parameters in such a way that their statistical properties no longer remain constant, resulting in abrupt changes. In this dissertation, we use sequential analysis techniques to identify changes in the behavior of network traffic targeting unused address spaces to unveil both ongoing and new attack patterns. Specifically, we have developed a dynamic sliding window based non-parametric cumulative sum change detection techniques for identification of changes in network traffic. Furthermore we have introduced dynamic thresholds to detect changes in network traffic behavior and also detect when a particular change has ended. Experimental results are presented that demonstrate the operational effectiveness and efficiency of the proposed approach, using both synthetically generated datasets and real network traces collected from a dedicated block of unused IP addresses.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

This thesis is devoted to the study of linear relationships in symmetric block ciphers. A block cipher is designed so that the ciphertext is produced as a nonlinear function of the plaintext and secret master key. However, linear relationships within the cipher can still exist if the texts and components of the cipher are manipulated in a number of ways, as shown in this thesis. There are four main contributions of this thesis. The first contribution is the extension of the applicability of integral attacks from word-based to bitbased block ciphers. Integral attacks exploit the linear relationship between texts at intermediate stages of encryption. This relationship can be used to recover subkey bits in a key recovery attack. In principle, integral attacks can be applied to bit-based block ciphers. However, specific tools to define the attack on these ciphers are not available. This problem is addressed in this thesis by introducing a refined set of notations to describe the attack. The bit patternbased integral attack is successfully demonstrated on reduced-round variants of the block ciphers Noekeon, Present and Serpent. The second contribution is the discovery of a very small system of equations that describe the LEX-AES stream cipher. LEX-AES is based heavily on the 128-bit-key (16-byte) Advanced Encryption Standard (AES) block cipher. In one instance, the system contains 21 equations and 17 unknown bytes. This is very close to the upper limit for an exhaustive key search, which is 16 bytes. One only needs to acquire 36 bytes of keystream to generate the equations. Therefore, the security of this cipher depends on the difficulty of solving this small system of equations. The third contribution is the proposal of an alternative method to measure diffusion in the linear transformation of Substitution-Permutation-Network (SPN) block ciphers. Currently, the branch number is widely used for this purpose. It is useful for estimating the possible success of differential and linear attacks on a particular SPN cipher. However, the measure does not give information on the number of input bits that are left unchanged by the transformation when producing the output bits. The new measure introduced in this thesis is intended to complement the current branch number technique. The measure is based on fixed points and simple linear relationships between the input and output words of the linear transformation. The measure represents the average fraction of input words to a linear diffusion transformation that are not effectively changed by the transformation. This measure is applied to the block ciphers AES, ARIA, Serpent and Present. It is shown that except for Serpent, the linear transformations used in the block ciphers examined do not behave as expected for a random linear transformation. The fourth contribution is the identification of linear paths in the nonlinear round function of the SMS4 block cipher. The SMS4 block cipher is used as a standard in the Chinese Wireless LAN Wired Authentication and Privacy Infrastructure (WAPI) and hence, the round function should exhibit a high level of nonlinearity. However, the findings in this thesis on the existence of linear relationships show that this is not the case. It is shown that in some exceptional cases, the first four rounds of SMS4 are effectively linear. In these cases, the effective number of rounds for SMS4 is reduced by four, from 32 to 28. The findings raise questions about the security provided by SMS4, and might provide clues on the existence of a flaw in the design of the cipher.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

This research used the Queensland Police Service, Australia, as a major case study. Information on principles, techniques and processes used, and the reason for the recording, storing and release of audit information for evidentiary purposes is reported. It is shown that Law Enforcement Agencies have a two-fold interest in, and legal obligation pertaining to, audit trails. The first interest relates to the situation where audit trails are actually used by criminals in the commission of crime and the second to where audit trails are generated by the information systems used by the police themselves in support of the recording and investigation of crime. Eleven court cases involving Queensland Police Service audit trails used in evidence in Queensland courts were selected for further analysis. It is shown that, of the cases studied, none of the evidence presented was rejected or seriously challenged from a technical perspective. These results were further analysed and related to normal requirements for trusted maintenance of audit trail information in sensitive environments with discussion on the ability and/or willingness of courts to fully challenge, assess or value audit evidence presented. Managerial and technical frameworks for firstly what is considered as an environment where a computer system may be considered to be operating “properly” and, secondly, what aspects of education, training, qualifications, expertise and the like may be considered as appropriate for persons responsible within that environment, are both proposed. Analysis was undertaken to determine if audit and control of information in a high security environment, such as law enforcement, could be judged as having improved, or not, in the transition from manual to electronic processes. Information collection, control of processing and audit in manual processes used by the Queensland Police Service, Australia, in the period 1940 to 1980 was assessed against current electronic systems essentially introduced to policing in the decades of the 1980s and 1990s. Results show that electronic systems do provide for faster communications with centrally controlled and updated information readily available for use by large numbers of users who are connected across significant geographical locations. However, it is clearly evident that the price paid for this is a lack of ability and/or reluctance to provide improved audit and control processes. To compare the information systems audit and control arrangements of the Queensland Police Service with other government departments or agencies, an Australia wide survey was conducted. Results of the survey were contrasted with the particular results of a survey, conducted by the Australian Commonwealth Privacy Commission four years previous, to this survey which showed that security in relation to the recording of activity against access to information held on Australian government computer systems has been poor and a cause for concern. However, within this four year period there is evidence to suggest that government organisations are increasingly more inclined to generate audit trails. An attack on the overall security of audit trails in computer operating systems was initiated to further investigate findings reported in relation to the government systems survey. The survey showed that information systems audit trails in Microsoft Corporation's “Windows” operating system environments are relied on quite heavily. An audit of the security for audit trails generated, stored and managed in the Microsoft “Windows 2000” operating system environment was undertaken and compared and contrasted with similar such audit trail schemes in the “UNIX” and “Linux” operating systems. Strength of passwords and exploitation of any security problems in access control were targeted using software tools that are freely available in the public domain. Results showed that such security for the “Windows 2000” system is seriously flawed and the integrity of audit trails stored within these environments cannot be relied upon. An attempt to produce a framework and set of guidelines for use by expert witnesses in the information technology (IT) profession is proposed. This is achieved by examining the current rules and guidelines related to the provision of expert evidence in a court environment, by analysing the rationale for the separation of distinct disciplines and corresponding bodies of knowledge used by the Medical Profession and Forensic Science and then by analysing the bodies of knowledge within the discipline of IT itself. It is demonstrated that the accepted processes and procedures relevant to expert witnessing in a court environment are transferable to the IT sector. However, unlike some discipline areas, this analysis has clearly identified two distinct aspects of the matter which appear particularly relevant to IT. These two areas are; expertise gained through the application of IT to information needs in a particular public or private enterprise; and expertise gained through accepted and verifiable education, training and experience in fundamental IT products and system.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

Fourier transfonn (FT) Raman, Raman microspectroscopy and Fourier transform infrared (FTIR) spectroscopy have been used for the structural analysis and characterisation of untreated and chemically treated wool fibres. For FT -Raman spectroscopy novel methods of sample presentation have been developed and optimised for the analysis of wool. No significant fluorescence was observed and the spectra could be obtained routinely. The stability of wool keratin to the laser source was investigated and the visual and spectroscopic signs of sample damage were established. Wool keratin was found to be extremely robust with no signs of sample degradation observed for laser powers of up to 600 m W and for exposure times of up to seven and half hours. Due to improvements in band resolution and signal-to-noise ratio, several previously unobserved spectral features have become apparent. The assignment of the Raman active vibrational modes of wool have been reviewed and updated to include these features. The infrared spectroscopic techniques of attenuated total reflectance (ATR) and photoacoustic (P A) have been used to examine shrinkproofed and mothproofed wool samples. Shrinkproofing is an oxidative chemical treatment used to selectively modifY the surface of a wool fibre. Mothproofing is a chemical treatment applied to wool for the prevention of insect attack. The ability of PAS and A TR to vary the penetration depth by varying certain instrumental parameters was used to obtain spectra of the near surface regions of these chemically treated samples. These spectra were compared with those taken with a greater penetration depth, which therefore represent more of the bulk wool sample. The PA and ATR spectra demonstrated that oxidation was restricted to the near-surface layer of wool. Extensive curve fitting of ATR spectra of untreated wool indicated that cuticle was composed of a mixed protein conformation, but was predominately that of an a.-helix. The cortex was proposed to be a mixture of both a.helical and ~-pleated sheet protein conformations. These findings were supported by PAS depth profiling results. Raman microspectroscopy was used in an extensive investigation of the molecular structure of the wool fibre. This included determining the orientation of certain functional groups within the wool fibre and the symmetry of particular vibrations. The orientation ofbonds within the wool fibre was investigated by orientating the wool fibre axis parallel and then perpendicular to the plane of polarisation of the electric vector of the incident radiation. It was experimentally determined that the majority of C=O and N-H bonds of the peptide bond of wool lie parallel to the fibre axis. Additionally, a number of the important vibrations associated with the a-helix were also found to lie parallel to the fibre axis. Further investigation into the molecular structure of wool involved determining what effect stretching the wool fibre had on bond orientation. Raman spectra of stretched and unstretched wool fibres indicated that extension altered the orientation ofthe aromatic rings, the CH2 and CH3 groups of the amino acids. Curve fitting results revealed that extension resulted in significant destruction of the a-helix structure a substantial increase in the P-pleated sheet structure. Finally, depolarisation ratios were calculated for Raman spectra. The vibrations associated with the aromatic rings of amino acids had very low ratios which indicated that the vibrations were highly symmetrical.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

This study, to elucidate the role of des(1-3)IGF-I in the maturation of IGF-I,used two strategies. The first was to detect the presence of enzymes in tissues, which would act on IGF-I to produce des(1-3)IGF-I, and the second was to detect the potential products of such enzymic activity, namely Gly-Pro-Glu(GPE), Gly-Pro(GP) and des(l- 3)IGF-I. No neutral tripeptidyl peptidase (TPP II), which would release the tripeptide GPE from IGF-I, was detected in brain, urine nor in red or white blood cells. The TPPlike activity which was detected, was attributed to a combined action of a dipeptidyl peptidase (DPP N) and an aminopeptidase (AP A). A true TPP II was, however, detected in platelets. Two purified TPP II enzymes were investigated but they did not release GPE from IGF-I under a variety of conditions. Consequently, TPP II seemed unlikely to participate in the formation of des(1-3)IGF-I. In contrast, an acidic tripeptidyl peptidase activity (TPP I) was detected in brain and colostrum, the former with a pH optimum of 4.5 and the latter 3.8. It seems likely that such an enzyme would participate in the formation of des( 1-3 )IGF-I in these tissues in vitro, ie. that des(1-3)IGF-I may have been produced as an artifact in the isolation of IGF-I from brain and colostrum in acidic conditions. This contrasts with suggestions of an in vivo role for des(1-3)IGF-I, as reported by others. The activity of a dipeptidyl peptidase N (DPP N) from urine, which should release the dipeptide GP from IGF-I, was assessed under a variety of conditions and with a variety of additives and potential enzyme stimulants, but there was no release of GP. The DPP N also exhibited a transferase activity with synthetic substrates in the presence of dipeptides, at lower concentrations than previously reported for other acceptors or other proteolytic enzymes. In addition, a low concentration of a product,possibly the tetrapeptide Gly-Pro-Gly-Leu, was detected with the action of the enzyme on IGF-I in the presence of the dipeptide Gly-Leu. As part of attempts to detect tissue production of des(1-3)IGF-I, a monoclonal antibody (MAb ), directed towards the GPE- end ofiGF-I was produced by immunisation with a 10-mer covalently attached to a carrier protein. By the use of indirect ELISA and inhibitor studies, the MAb was shown to selectively recognise peptides with anNterminal GPE- sequence, and applied to the indirect detection of des(1-3)IGF-I. The concentration of GPE in brain, measured by mass spectrometry ( MS), was low, and the concentration of total IGF-I (measured by ELISA with a commercial polyclonal antibody [P Ab]) was 40 times higher at 50 nmol/kg. This also, was not consistent with the action of a tripeptidyl peptidase in brain that converted all IGF-I to des(1-3)IGF-I plus GPE. Contrasting ELISA results, using the MAb prepared in this study, suggest an even higher concentration of intact IGF-I of 150 nmollkg. This would argue against the presence of any des( 1-3 )IGF-I in brain, but in turn, this indicates either the presence of other substances containing a GPE amino-terminus or other cross reacting epitope. Although the results of the specificity studies reported in Chapter 5 would make this latter possibility seem unlikely, it cannot be completely excluded. No GP was detected in brain by MS. No GPE was detected in colostrum by capillary electrophoresis (CE) but the interference from extraneous substances reduced the detectability of GPE by CE and this approach would require further, prior, purification and concentration steps. A molecule, with a migration time equal to that of the peptide GP, was detected in colostrum by CE, but the concentration (~ 10 11mo/L) was much higher than the IGF-I concentration measured by radio-immunoassay using a PAb (80 nmol/L) or using a Mab (300-400 nmolL). A DPP IV enzyme was detected in colostrum and this could account for the GP, derived from substrates other than IGF-1. Based on the differential results of the two antibody assays, there was no indication of the presence of des(1-3)IGF-I in brain or colostrum. In the absence of any enzyme activity directed towards the amino terminus of IGF-I and the absence any potential products, IGF-I, therefore, does not appear to "mature" via des(1-3)IGF-I in the brain, nor in the neutral colostrum. In spite of these results which indicate the absence of an enzymic attack on IGF-I and the absence of the expected products in tissues, the possibility that the conversion of IGF-I may occur in neutral conditions in limited amounts, cannot be ruled out. It remains possible that in the extracellular environment of the membrane, a complex interaction of IGF-I, binding protein, aminopeptidase(s) and receptor, produces des(1- 3)IGF-I as a transient product which is bound to the receptor and internalised.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

Stream ciphers are encryption algorithms used for ensuring the privacy of digital telecommunications. They have been widely used for encrypting military communications, satellite communications, pay TV encryption and for voice encryption of both fixed lined and wireless networks. The current multi year European project eSTREAM, which aims to select stream ciphers suitable for widespread adoptation, reflects the importance of this area of research. Stream ciphers consist of a keystream generator and an output function. Keystream generators produce a sequence that appears to be random, which is combined with the plaintext message using the output function. Most commonly, the output function is binary addition modulo two. Cryptanalysis of these ciphers focuses largely on analysis of the keystream generators and of relationships between the generator and the keystream it produces. Linear feedback shift registers are widely used components in building keystream generators, as the sequences they produce are well understood. Many types of attack have been proposed for breaking various LFSR based stream ciphers. A recent attack type is known as an algebraic attack. Algebraic attacks transform the problem of recovering the key into a problem of solving multivariate system of equations, which eventually recover the internal state bits or the key bits. This type of attack has been shown to be effective on a number of regularly clocked LFSR based stream ciphers. In this thesis, algebraic attacks are extended to a number of well known stream ciphers where at least one LFSR in the system is irregularly clocked. Applying algebriac attacks to these ciphers has only been discussed previously in the open literature for LILI-128. In this thesis, algebraic attacks are first applied to keystream generators using stop-and go clocking. Four ciphers belonging to this group are investigated: the Beth-Piper stop-and-go generator, the alternating step generator, the Gollmann cascade generator and the eSTREAM candidate: the Pomaranch cipher. It is shown that algebraic attacks are very effective on the first three of these ciphers. Although no effective algebraic attack was found for Pomaranch, the algebraic analysis lead to some interesting findings including weaknesses that may be exploited in future attacks. Algebraic attacks are then applied to keystream generators using (p; q) clocking. Two well known examples of such ciphers, the step1/step2 generator and the self decimated generator are investigated. Algebraic attacks are shown to be very powerful attack in recovering the internal state of these generators. A more complex clocking mechanism than either stop-and-go or the (p; q) clocking keystream generators is known as mutual clock control. In mutual clock control generators, the LFSRs control the clocking of each other. Four well known stream ciphers belonging to this group are investigated with respect to algebraic attacks: the Bilateral-stop-and-go generator, A5/1 stream cipher, Alpha 1 stream cipher, and the more recent eSTREAM proposal, the MICKEY stream ciphers. Some theoretical results with regards to the complexity of algebraic attacks on these ciphers are presented. The algebraic analysis of these ciphers showed that generally, it is hard to generate the system of equations required for an algebraic attack on these ciphers. As the algebraic attack could not be applied directly on these ciphers, a different approach was used, namely guessing some bits of the internal state, in order to reduce the degree of the equations. Finally, an algebraic attack on Alpha 1 that requires only 128 bits of keystream to recover the 128 internal state bits is presented. An essential process associated with stream cipher proposals is key initialization. Many recently proposed stream ciphers use an algorithm to initialize the large internal state with a smaller key and possibly publicly known initialization vectors. The effect of key initialization on the performance of algebraic attacks is also investigated in this thesis. The relationships between the two have not been investigated before in the open literature. The investigation is conducted on Trivium and Grain-128, two eSTREAM ciphers. It is shown that the key initialization process has an effect on the success of algebraic attacks, unlike other conventional attacks. In particular, the key initialization process allows an attacker to firstly generate a small number of equations of low degree and then perform an algebraic attack using multiple keystreams. The effect of the number of iterations performed during key initialization is investigated. It is shown that both the number of iterations and the maximum number of initialization vectors to be used with one key should be carefully chosen. Some experimental results on Trivium and Grain-128 are then presented. Finally, the security with respect to algebraic attacks of the well known LILI family of stream ciphers, including the unbroken LILI-II, is investigated. These are irregularly clock- controlled nonlinear filtered generators. While the structure is defined for the LILI family, a particular paramater choice defines a specific instance. Two well known such instances are LILI-128 and LILI-II. The security of these and other instances is investigated to identify which instances are vulnerable to algebraic attacks. The feasibility of recovering the key bits using algebraic attacks is then investigated for both LILI- 128 and LILI-II. Algebraic attacks which recover the internal state with less effort than exhaustive key search are possible for LILI-128 but not for LILI-II. Given the internal state at some point in time, the feasibility of recovering the key bits is also investigated, showing that the parameters used in the key initialization process, if poorly chosen, can lead to a key recovery using algebraic attacks.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

Conifers are resistant to attack from a large number of potential herbivores or pathogens. Previous molecular and biochemical characterization of selected conifer defence systems support a model of multigenic, constitutive and induced defences that act on invading insects via physical, chemical, biochemical or ecological (multitrophic) mechanisms. However, the genomic foundation of the complex defence and resistance mechanisms of conifers is largely unknown. As part of a genomics strategy to characterize inducible defences and possible resistance mechanisms of conifers against insect herbivory, we developed a cDNA microarray building upon a new spruce (Picea spp.) expressed sequence tag resource. This first-generation spruce cDNA microarray contains 9720 cDNA elements representing c. 5500 unique genes. We used this array to monitor gene expression in Sitka spruce (Picea sitchensis) bark in response to herbivory by white pine weevils (Pissodes strobi, Curculionidae) or wounding, and in young shoot tips in response to western spruce budworm (Choristoneura occidentalis, Lepidopterae) feeding. Weevils are stem-boring insects that feed on phloem, while budworms are foliage feeding larvae that consume needles and young shoot tips. Both insect species and wounding treatment caused substantial changes of the host plant transcriptome detected in each case by differential gene expression of several thousand array elements at 1 or 2 d after the onset of treatment. Overall, there was considerable overlap among differentially expressed gene sets from these three stress treatments. Functional classification of the induced transcripts revealed genes with roles in general plant defence, octadecanoid and ethylene signalling, transport, secondary metabolism, and transcriptional regulation. Several genes involved in primary metabolic processes such as photosynthesis were down-regulated upon insect feeding or wounding, fitting with the concept of dynamic resource allocation in plant defence. Refined expression analysis using gene-specific primers and real-time PCR for selected transcripts was in agreement with microarray results for most genes tested. This study provides the first large-scale survey of insect-induced defence transcripts in a gymnosperm and provides a platform for functional investigation of plant-insect interactions in spruce. Induction of spruce genes of octadecanoid and ethylene signalling, terpenoid biosynthesis, and phenolic secondary metabolism are discussed in more detail.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

The Denial of Service Testing Framework (dosTF) being developed as part of the joint India-Australia research project for ‘Protecting Critical Infrastructure from Denial of Service Attacks’ allows for the construction, monitoring and management of emulated Distributed Denial of Service attacks using modest hardware resources. The purpose of the testbed is to study the effectiveness of different DDoS mitigation strategies and to allow for the testing of defense appliances. Experiments are saved and edited in XML as abstract descriptions of an attack/defense strategy that is only mapped to real resources at run-time. It also provides a web-application portal interface that can start, stop and monitor an attack remotely. Rather than monitoring a service under attack indirectly, by observing traffic and general system parameters, monitoring of the target application is performed directly in real time via a customised SNMP agent.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

The α,ω-diyne 4,7,10-trithiatrideca-2,11-diyne reacts with [RuCl2(PPh3)3] and KPF6 to form the phosphonio-substituted metallatricyclic salt [RuCl(PPh3){κ4C,S,S′,S′′-S(C≡CMe)C2H4SC2H4SC(PPh3)CMe}]PF6 arising from the activation of one alkynyl group toward nucleophilic attack by extraneous phosphine.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

We present several new observations on the SMS4 block cipher, and discuss their cryptographic significance. The crucial observation is the existence of fixed points and also of simple linear relationships between the bits of the input and output words for each component of the round functions for some input words. This implies that the non-linear function T of SMS4 does not appear random and that the linear transformation provides poor diffusion. Furthermore, the branch number of the linear transformation in the key scheduling algorithm is shown to be less than optimal. The main security implication of these observations is that the round function is not always non-linear. Due to this linearity, it is possible to reduce the number of effective rounds of SMS4 by four. We also investigate the susceptibility of SMS4 to further cryptanalysis. Finally, we demonstrate a successful differential attack on a slightly modified variant of SMS4. These findings raise serious questions on the security provided by SMS4.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

In a digital world, users’ Personally Identifiable Information (PII) is normally managed with a system called an Identity Management System (IMS). There are many types of IMSs. There are situations when two or more IMSs need to communicate with each other (such as when a service provider needs to obtain some identity information about a user from a trusted identity provider). There could be interoperability issues when communicating parties use different types of IMS. To facilitate interoperability between different IMSs, an Identity Meta System (IMetS) is normally used. An IMetS can, at least theoretically, join various types of IMSs to make them interoperable and give users the illusion that they are interacting with just one IMS. However, due to the complexity of an IMS, attempting to join various types of IMSs is a technically challenging task, let alone assessing how well an IMetS manages to integrate these IMSs. The first contribution of this thesis is the development of a generic IMS model called the Layered Identity Infrastructure Model (LIIM). Using this model, we develop a set of properties that an ideal IMetS should provide. This idealized form is then used as a benchmark to evaluate existing IMetSs. Different types of IMS provide varying levels of privacy protection support. Unfortunately, as observed by Jøsang et al (2007), there is insufficient privacy protection in many of the existing IMSs. In this thesis, we study and extend a type of privacy enhancing technology known as an Anonymous Credential System (ACS). In particular, we extend the ACS which is built on the cryptographic primitives proposed by Camenisch, Lysyanskaya, and Shoup. We call this system the Camenisch, Lysyanskaya, Shoup - Anonymous Credential System (CLS-ACS). The goal of CLS-ACS is to let users be as anonymous as possible. Unfortunately, CLS-ACS has problems, including (1) the concentration of power to a single entity - known as the Anonymity Revocation Manager (ARM) - who, if malicious, can trivially reveal a user’s PII (resulting in an illegal revocation of the user’s anonymity), and (2) poor performance due to the resource-intensive cryptographic operations required. The second and third contributions of this thesis are the proposal of two protocols that reduce the trust dependencies on the ARM during users’ anonymity revocation. Both protocols distribute trust from the ARM to a set of n referees (n > 1), resulting in a significant reduction of the probability of an anonymity revocation being performed illegally. The first protocol, called the User Centric Anonymity Revocation Protocol (UCARP), allows a user’s anonymity to be revoked in a user-centric manner (that is, the user is aware that his/her anonymity is about to be revoked). The second protocol, called the Anonymity Revocation Protocol with Re-encryption (ARPR), allows a user’s anonymity to be revoked by a service provider in an accountable manner (that is, there is a clear mechanism to determine which entity who can eventually learn - and possibly misuse - the identity of the user). The fourth contribution of this thesis is the proposal of a protocol called the Private Information Escrow bound to Multiple Conditions Protocol (PIEMCP). This protocol is designed to address the performance issue of CLS-ACS by applying the CLS-ACS in a federated single sign-on (FSSO) environment. Our analysis shows that PIEMCP can both reduce the amount of expensive modular exponentiation operations required and lower the risk of illegal revocation of users’ anonymity. Finally, the protocols proposed in this thesis are complex and need to be formally evaluated to ensure that their required security properties are satisfied. In this thesis, we use Coloured Petri nets (CPNs) and its corresponding state space analysis techniques. All of the protocols proposed in this thesis have been formally modeled and verified using these formal techniques. Therefore, the fifth contribution of this thesis is a demonstration of the applicability of CPN and its corresponding analysis techniques in modeling and verifying privacy enhancing protocols. To our knowledge, this is the first time that CPN has been comprehensively applied to model and verify privacy enhancing protocols. From our experience, we also propose several CPN modeling approaches, including complex cryptographic primitives (such as zero-knowledge proof protocol) modeling, attack parameterization, and others. The proposed approaches can be applied to other security protocols, not just privacy enhancing protocols.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

Computation Fluid Dynamics (CFD) has become an important tool in optimization and has seen successful in many real world applications. Most important among these is in the optimisation of aerodynamic surfaces which has become Multi-Objective (MO) and Multidisciplinary (MDO) in nature. Most of these have been carried out for a given set of input parameters such as free stream Mach number and angle of attack. One cannot ignore the fact that in aerospace engineering one frequently deals with situations where the design input parameters and flight/flow conditions have some amount of uncertainty attached to them. When the optimisation is carried out for fixed values of design variables and parameters however, one arrives at an optimised solution that results in good performance at design condition but poor drag or lift to drag ratio at slightly off-design conditions. The challenge is still to develop a robust design that accounts for uncertainty in the design in aerospace applications. In this paper this issue is taken up and an attempt is made to prevent the fluctuation of objective performance by using robust design technique or Uncertainty.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

This paper is concerned with some plane strain and axially symmetric free surface problems which arise in the study of static granular solids that satisfy the Coulomb-Mohr yield condition. Such problems are inherently nonlinear, and hence difficult to attack analytically. Given a Coulomb friction condition holds on a solid boundary, it is shown that the angle a free surface is allowed to attach to the boundary is dependent only on the angle of wall friction, assuming the stresses are all continuous at the attachment point, and assuming also that the coefficient of cohesion is nonzero. As a model problem, the formation of stable cohesive arches in hoppers is considered. This undesirable phenomena is an obstacle to flow, and occurs when the hopper outlet is too small. Typically, engineers are concerned with predicting the critical outlet size for a given hopper and granular solid, so that for hoppers with outlets larger than this critical value, arching cannot occur. This is a topic of considerable practical interest, with most accepted engineering methods being conservative in nature. Here, the governing equations in two limiting cases (small cohesion and high angle of internal friction) are considered directly. No information on the critical outlet size is found; however solutions for the shape of the free boundary (the arch) are presented, for both plane and axially symmetric geometries.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

DNA exists predominantly in a duplex form that is preserved via specific base pairing. This base pairing affords a considerable degree of protection against chemical or physical damage and preserves coding potential. However, there are many situations, e.g. during DNA damage and programmed cellular processes such as DNA replication and transcription, in which the DNA duplex is separated into two singlestranded DNA (ssDNA) strands. This ssDNA is vulnerable to attack by nucleases, binding by inappropriate proteins and chemical attack. It is very important to control the generation of ssDNA and protect it when it forms, and for this reason all cellular organisms and many viruses encode a ssDNA binding protein (SSB). All known SSBs use an oligosaccharide/oligonucleotide binding (OB)-fold domain for DNA binding. SSBs have multiple roles in binding and sequestering ssDNA, detecting DNA damage, stimulating strand-exchange proteins and helicases, and mediation of protein–protein interactions. Recently two additional human SSBs have been identified that are more closely related to bacterial and archaeal SSBs. Prior to this it was believed that replication protein A, RPA, was the only human equivalent of bacterial SSB. RPA is thought to be required for most aspects of DNA metabolism including DNA replication, recombination and repair. This review will discuss in further detail the biological pathways in which human SSBs function.