901 resultados para Computer Network Resources


Relevância:

80.00% 80.00%

Publicador:

Resumo:

This work aims to give greater visibility to the issue of software security, due to people talk a lot in security conferences, that much of both IT (Information Technology) staff and, more specifically, IS (Information Security) staff does not know this, and, thanks to the spread of the mobile computing and of the cloud computing, this lack of deeper knowledge on this subject is increasingly becoming worrisome. It aims too, make applications to be developed in a security manner, priorizing the security of the information processed. It attempts to demonstrate the secure coding techniques, the principles of software security, the means to identify software vulnerabilities, the cutting-edge software exploitation techniques and the mechanisms of mitigation. Nowadays, the security guys are in charge of the most of the security tests in applications, audits and pentests, and it is undeniable that the so-called security experts, most often come from computer network field, having few experience in software development and programming. Therefore, the development process does not consider the security issue, thanks to the lack of knowledge on the subject by the developer, and the security tests could be improved whether security experts had a greater know-how on application development. Given this problem, the goal here is to integrate information security with software development, spreading out the process of secure software development. To achieve this, a Linux distribution with proof of concept applicati... (Complete abstract click electronic access below)

Relevância:

80.00% 80.00%

Publicador:

Resumo:

This article aims to describe the proposed development of an emulator application for digital TV that operates on a local computer network, to have it as a testing environment for students and researchers. The emulator application is presented as a useful tool to reduce validation costs of applications developed for digital TV.

Relevância:

80.00% 80.00%

Publicador:

Resumo:

Pós-graduação em Televisão Digital: Informação e Conhecimento - FAAC

Relevância:

80.00% 80.00%

Publicador:

Resumo:

The rapid development of Information and Communication Technologies - TIC, coupled with the advancement of the global Internet computer network have framed new concepts and definitions such as virtual reality, immersive environments, webmuseums, digital museums, electronic art, cyber art, among other terminologies that are becoming more and more common and are present in everyday Web users. To better understand the terminologies used to describe museum in the virtual environment, we present a summarized table of terms such as webmuseum, virtual museum, digital museum and their derivatives in order to define the elements that differentiate or resemble them. We used the bibliographic descriptive method for identifying the concepts presented by some expert authors in the field. In conclusion, we recommend the use of the term webmuseum for museums in cyberspace as the most appropriate and we define the concept, comprehending its meaning and characteristics.

Relevância:

80.00% 80.00%

Publicador:

Resumo:

Pós-graduação em Engenharia Elétrica - FEIS

Relevância:

80.00% 80.00%

Publicador:

Resumo:

Virtual Studio is a system developed for the creation of virtual sets , as well as any three-dimensional virtual objects that can be digitally integrated to the scenes captured on a real television studio . Through techniques such as chroma-key , computer graphics , augmented reality and virtual reality is possible flexibility in producing content for digital TV , reduce cost and meet 12.485/2011 law , the Brazilian Law of Pay TV , which has among its objectives to increase the production and circulation of diverse and quality Brazilian audiovisual content, generating jobs, income , royalties, professionalism and strengthening of national culture (ANCINE , Brazilian Nacional Cinema Agency ). Based on this background , an overview of the benefits of using the technologies mentioned for the production of content for digital television is presented . This work involves the development of a system of Interactive Virtual Studio called ARSTUDIO per team of researchers from the Posgraduate Program in Digital Television: Information and Knowledge at UNESP , São Paulo State University in Bauru , State of São Paulo, Brazil .

Relevância:

80.00% 80.00%

Publicador:

Resumo:

Data Distribution Management (DDM) is a core part of High Level Architecture standard, as its goal is to optimize the resources used by simulation environments to exchange data. It has to filter and match the set of information generated during a simulation, so that each federate, that is a simulation entity, only receives the information it needs. It is important that this is done quickly and to the best in order to get better performances and avoiding the transmission of irrelevant data, otherwise network resources may saturate quickly. The main topic of this thesis is the implementation of a super partes DDM testbed. It evaluates the goodness of DDM approaches, of all kinds. In fact it supports both region and grid based approaches, and it may support other different methods still unknown too. It uses three factors to rank them: execution time, memory and distance from the optimal solution. A prearranged set of instances is already available, but we also allow the creation of instances with user-provided parameters. This is how this thesis is structured. We start introducing what DDM and HLA are and what do they do in details. Then in the first chapter we describe the state of the art, providing an overview of the most well known resolution approaches and the pseudocode of the most interesting ones. The third chapter describes how the testbed we implemented is structured. In the fourth chapter we expose and compare the results we got from the execution of four approaches we have implemented. The result of the work described in this thesis can be downloaded on sourceforge using the following link: https://sourceforge.net/projects/ddmtestbed/. It is licensed under the GNU General Public License version 3.0 (GPLv3).

Relevância:

80.00% 80.00%

Publicador:

Resumo:

The main objective of this article is to focus on the analysis of teaching techniques, ranging from the use of the blackboard and chalk in old traditional classes, using slides and overhead projectors in the eighties and use of presentation software in the nineties, to the video, electronic board and network resources nowadays. Furthermore, all the aforementioned, is viewed under the different mentalities in which the teacher conditions the student using the new teaching technique, improving soft skills but maybe leading either to encouragement or disinterest, and including the lack of educational knowledge consolidation at scientific, technology and specific levels. In the same way, we study the process of adaptation required for teachers, the differences in the processes of information transfer and education towards the student, and even the existence of teachers who are not any longer appealed by their work due which has become much simpler due to new technologies and the greater ease in the development of classes due to the criteria described on the new Grade Programs adopted by the European Higher Education Area. Moreover, it is also intended to understand the evolution of students’ profiles, from the eighties to present time, in order to understand certain attitudes, behaviours, accomplishments and acknowledgements acquired over the semesters within the degree Programs. As an Educational Innovation Group, another key question also arises. What will be the learning techniques in the future?. How these evolving matters will affect both positively and negatively on the mentality, attitude, behaviour, learning, achievement of goals and satisfaction levels of all elements involved in universities’ education? Clearly, this evolution from chalk to the electronic board, the three-dimensional view of our works and their sequence, greatly facilitates the understanding and adaptation later on to the business world, but does not answer to the unknowns regarding the knowledge and the full development of achievement’s indicators in basic skills of a degree. This is the underlying question which steers the roots of the presented research.

Relevância:

80.00% 80.00%

Publicador:

Resumo:

When the fresh fruit reaches the final markets from the suppliers, its quality is not always as good as it should, either because it has been mishandled during transportation or because it lacks an adequate quality control at the producer level, before being shipped. This is why it is necessary for the final markets to establish their own quality assessment system if they want to ensure to their customers the quality they want to sell. In this work, a system to control fruit quality at the last level of the distribution channel has been designed. The system combines rapid control techniques with laboratory equipment and statistical sampling protocols, to obtain a dynamic, objective process, which can substitute advantageously the quality control inspections carried out visually by human experts at the reception platform of most hypermarkets. Portable measuring equipment have been chosen (firmness tester, temperature and humidity sensors...) as well as easy-to-use laboratory equipment (texturometer, colorimeter, refractometer..,) combining them to control the most important fruit quality parameters (firmness, colour, sugars, acids). A complete computer network has been designed to control all the processes and store the collected data in real time, and to perform the computations. The sampling methods have been also defined to guarantee the confidence of the results. Some of the advantages of a quality assessment system as the proposed one are: the minimisation of human subjectivity, the ability to use modern measuring techniques, and the possibility of using it also as a supplier's quality control system. It can be also a way to clarify the quality limits of fruits among members of the commercial channel, as well as the first step in the standardisation of quality control procedures.

Relevância:

80.00% 80.00%

Publicador:

Resumo:

Esta tesis doctoral está enmarcada en dos diferentes pero complementarias áreas de investigación: las redes de Publicación/Subscripción y los servicios móviles distribuidos. Con el paso de los años las redes de Publicación/Subscripción han ido ofreciendo el soporte de comunicaciones desacopladas y ligeras que a su vez, han mejorado la distribución de la información en muchos escenarios de aplicación como lo son la ejecución de servicios distribuidos en entornos fijos. Los servicios móviles distribuidos han de ser desplegados en ambientes inalámbricos en donde los dispositivos móviles deben confiar en las mismas características que las redes de Publicación/Subscripción han estado ofreciendo a sus contrapartes fijos. En este contexto, una de las líneas de investigación pendientes consiste en cómo tomar ventaja de estas características, y cómo avanzar hacia nuevas soluciones no existentes con el fin de mejorar la integración entre los dispositivos fijos y móviles, y la ejecución de los servicios móviles distribuidos. En esta tesis doctoral se pretende avanzar en los mecanismos de integración y coordinación de los servicios móviles distribuidos en el contexto de las redes de Publicación/Subscripción. Los objetivos específicos de esta disertación están enfocados en lograr la integración de los sistemas de Publicación/Suscripción fijos y móviles, y la pro-visión de una versión de red de Publicación/Subscripción específica y uniforme que cuente con mecanismos de coordinación que mejoren la ejecución de los servicios móviles distribuidos. Los resultados de esta tesis doctoral están enmarcados en una versión específica de una red de Publicación/Subscripción que integra brokers fijos y móviles, y permite una coordinación totalmente desacoplada y mejorada entre dispositivos móviles que ejecutan fragmentos de servicios. Las contribuciones específicas son las siguientes: una nueva arquitectura de broker móvil que he llamado Rendezvous Mobile broker, un modelo abstracto de servicios móviles distribuidos coordinados sobre una red de Publicación/Subscripción, mejoras en los mecanismos de enrutamiento epidémicos para diseminar eventos de control producidos por fragmentos de servicios, una solución para soportar servicios altamente fragmentados y geográficamente dispersos, y finalmente una solución de interconexión entre dos dominios de red basados en Publicación/Subscripción: una red basada en el protocolo PubSubHubbub y otro en una red basada en el Publish/Subscribe Internet Routing Paradigm (PSIRP). Los experimentos llevados a cabo confirman que la versión específica de red de Pu-blicación/Subscripción propuesta incrementa el rendimiento de la red en términos de tiempo de espera entre nodos finales, permite una coordinación de los servicios móviles distribuidos más resistente a interrupciones y un mejor uso de los recursos de red, y finalmente logra exitosamente, con variaciones mínimas en el rendimiento de las comunicaciones, la interconexión entre estos dominios de Publicación/Subscripción diferentes. ABSTRACT This dissertation is made up of two different but complementary research areas: Publish/Subscribe networks and mobile distributed services. Over the years, Publish/Subscribe networks have been offering the lightweight and decoupled communication characteristics to improve the information distribution in several application domains such as the execution of distributed services. Mobile distributed services are set to be deployed in wireless environments where mobile devices must rely on the same features Publish/Subscribe networks can offer; so one of the pending research directions consists of how to take advantage of these features and further advance to-wards new un-existing solutions that enhance the integration between mobile and fixed systems and the execution of mobile distributed services. This dissertation seeks to advance the integration and coordination mechanisms of mobile distributed services in the context of Publish/Subscribe networks. The specific objectives aim to enable the integration of mobile and fixed Publish/Subscribe systems and provide a uniform and specific version of a Publish/Subscribe network with new coordination mechanisms that improve the execution of mobile distributed services. The results of this dissertation are enclosed in one specific version of a Publish/Subscribe network that integrates mobile and fixed brokers and coordinates the execution of mobile distributed services. These specific contributions are: a new architecture of a mobile broker I called Rendezvous Mobile Broker, an abstract model for coordinating mobile distributed services executions using a Publish/Subscribe net-work, new gossip routing solutions to disseminate events of services, mechanisms to support highly partitioned and geographically dispersed services and finally, an inter-networking solution between two Publish/Subscribe domains: a PubSubHubbub-based network and the Publish/Subscribe Internet Routing Paradigm (PSIRP)-based network. The experimental efforts confirm that the specific version of the Publish/Subscribe proposed in this dissertation improves the performance of the overall network in terms of end-to-end delay, enables a more resilience execution of mobile distributed services, a better usage of the existing network resources, and finally successfully achieves, with minor variations in the network performance, the internetworking between two different Publish/Subscribe domains.

Relevância:

80.00% 80.00%

Publicador:

Resumo:

El Hogar Digital Accesible (HDA) de la ETSIST nace con el propósito de acercar las nuevas Tecnologías de la Información a las personas que precisan de necesidades concretas de accesibilidad y usabilidad, dotándoles de herramientas que les permitan aumentar su calidad de vida, confort, seguridad y autonomía. El entorno del HDA consta de elementos de control para puertas, persianas, iluminación, agua o gas, sensores de temperatura, incendios, gas, sistemas de climatización, sistemas de entretenimiento y sistemas de seguridad tales como detectores de presencia y alarmas. Todo ello apoyado sobre una arquitectura de red que proporciona una pasarela residencial y un acceso a banda ancha. El objetivo principal de este PFG ha sido el desarrollo de un sistema de autenticación para el Hogar Digital Accesible de bajo coste. La idea de integrar un sistema de autenticación en el HDA, surge de la necesidad de proteger de accesos no deseados determinados servicios disponibles dentro de un ámbito privado. Algunos de estos servicios pueden ser tales como el acceso a la lectura de los mensajes disponibles en el contestador automático, el uso de equipos multimedia, la desconexión de alarmas de seguridad o simplemente la configuración de ambientes según el usuario que esté autenticado (intensidad de luz, temperatura de la sala, etc.). En el desarrollo han primado los principios de accesibilidad, usabilidad y seguridad necesarios para la creación de un entorno no invasivo, que permitiera acreditar la identidad del usuario frente al sistema HDA. Se ha planteado como posible solución, un sistema basado en el reconocimiento de un trazo realizado por el usuario. Este trazo se usará como clave de cara a validar a los usuarios. El usuario deberá repetir el trazado que registró en el sistema para autenticarse. Durante la ejecución del presente PFG, se justificará la elección de este mecanismo de autenticación frente a otras alternativas disponibles en el mercado. Para probar la aplicación, se ha podido contar con dos periféricos de distintas gamas, el uDraw creado para la PS3 que se compone de una tableta digitalizadora y un lápiz que permite recoger los trazos realizados por el usuario de forma inalámbrica y la tableta digitalizadora Bamboo de Wacom. La herramienta desarrollada permite a su vez, la posibilidad de ser usada por otro tipo de dispositivos como es el caso del reloj con acelerómetro de 3 ejes de Texas Instruments Chronos eZ430 capaz de trasladar los movimientos del usuario al puntero de un ratón. El PFG se encuentra dividido en tres grandes bloques de flujo de trabajo. El primero se centra en el análisis del sistema y las tecnologías que lo componen, incluyendo los distintos algoritmos disponibles para realizar la autenticación basada en reconocimiento de patrones aplicados a imágenes que mejor se adaptan a las necesidades del usuario. En el segundo bloque se recoge una versión de prueba basada en el análisis y el diseño UML realizado previamente, sobre la que se efectuaron pruebas de concepto y se comprobó la viabilidad del proyecto. El último bloque incluye la verificación y validación del sistema mediante pruebas que certifican que se han alcanzado los niveles de calidad necesarios para la consecución de los objetivos planteados, generando finalmente la documentación necesaria. Como resultado del trabajo realizado, se ha obtenido un sistema que plantea una arquitectura fácilmente ampliable lograda a través del uso de técnicas como la introspección, que permiten separar la lógica de la capa de negocio del código que la implementa, pudiendo de forma simple e intuitiva sustituir código mediante ficheros de configuración, lo que hace que el sistema sea flexible y escalable. Tras la realización del PFG, se puede concluir que el producto final obtenido ha respondido de forma satisfactoria alcanzando los niveles de calidad requeridos, siendo capaz de proporcionar un sistema de autenticación alternativo a los convencionales, manteniendo unas cotas de seguridad elevadas y haciendo de la accesibilidad y el precio sus características más reseñables. ABSTRACT. Accessible Digital Home (HDA) of the ETSIST was created with the aim of bringing the latest information and communications technologies closer to the people who has special needs of accessibility and usability increasing their quality of life, comfort, security and autonomy. The HDA environment has different control elements for doors, blinds, lighting, water or gas, temperature sensors, fire protection systems, gas flashover, air conditioning systems, entertainments systems and security systems such as intruders detectors and alarms. Everything supported by an architecture net which provides a broadband residential services gateway. The main goal of this PFG was the development of a low-cost authentication system for the Accessible Digital Home. The idea of integrating an authentication system on the HDA, stems from the need to safeguard certain private key network resources from unauthorized access. Some of said resources are the access to the answering machine messages, the use of multimedia devices, the alarms deactivation or the parameter settings for each environment as programmed by the authenticated user (light intensity, room temperature, etc.). During the development priority was given to concepts like accessibility, usability and security. All of them necessary to create a non invasive environment that allows the users to certify their identity. A system based on stroke pattern recognition, was considered as a possible solution. This stroke is used as a key to validate users. The user must repeat the stroke that was saved on the system to validate access. The selection of this authentication mechanism among the others available options will be justified during this PFG. Two peripherals with different ranges were used to test the application. One of them was uDraw design for the PS3. It is wireless and is formed by a pen and a drawing tablet that allow us to register the different strokes drawn by the user. The other one was the Wacom Bamboo tablet, that supports the same functionality but with better accuracy. The developed tool allows another kind of peripherals like the 3-axes accelerometer digital wristwatch Texas Instruments Chronos eZ430 capable of transfering user movements to the mouse cursor. The PFG is divided by three big blocks that represent different workflows. The first block is focused on the system analysis and the technologies related to it, including algorithms for image pattern recognition that fits the user's needs. The second block describes how the beta version was developed based on the UML analysis and design previously done. It was tested and the viability of the project was verified. The last block contains the system verification and validation. These processes certify that the requirements have been fulfilled as well as the quality levels needed to reach the planned goals. Finally all the documentation has been produced. As a result of the work, an expandable system has been created, due to the introspection that provides the opportunity to separate the business logic from the code that implements it. With this technique, the code could be replaced throughout configuration files which makes the system flexible and highly scalable. Once the PFG has finished, it must therefore be concluded that the final product has been a success and high levels of quality have been achieved. This authentication tool gives us a low-cost alternative to the conventional ones. The new authentication system remains security levels reasonably high giving particular emphasis to the accessibility and the price.

Relevância:

80.00% 80.00%

Publicador:

Resumo:

From research groups at the universities of developed countries there is a growing interest in providing solutions to problems of developing countries. In this context we have studied typical problems in many (educational) institutions, such as the lack of technicians who repair the computers, the administration of the machines, and also the difficulty to maintain and configure the old hardware available due to the variety of characteristics of the different machines and the amount of hardware breakdowns and software issues (viruses, administration issues) that the local staff has to face up to with their equipments. We propose a thin client approach that takes into account the human, hardware and software characteristics of developing institutions to provide a complete service for a computer network. The network administration is reduced to the administration of one server only. The maintenance of the machines is simplified and old computers can simulate the running of a powerful computer. Our proposal results in a cheap, simple (from the support point of view) and powerful (in terms of achieved functionalities) design.

Relevância:

80.00% 80.00%

Publicador:

Resumo:

Las aplicaciones distribuidas que precisan de un servicio multipunto fiable son muy numerosas, y entre otras es posible citar las siguientes: bases de datos distribuidas, sistemas operativos distribuidos, sistemas de simulación interactiva distribuida y aplicaciones de distribución de software, publicaciones o noticias. Aunque en sus orígenes el dominio de aplicación de tales sistemas distribuidos estaba reducido a una única subred (por ejemplo una Red de Área Local) posteriormente ha surgido la necesidad de ampliar su aplicabilidad a interredes. La aproximación tradicional al problema del multipunto fiable en interredes se ha basado principalmente en los dos siguientes puntos: (1) proporcionar en un mismo protocolo muchas garantías de servicio (por ejemplo fiabilidad, atomicidad y ordenación) y a su vez algunas de éstas en distintos grados, sin tener en cuenta que muchas aplicaciones multipunto que precisan fiabilidad no necesitan otras garantías; y (2) extender al entorno multipunto las soluciones ya adoptadas en el entorno punto a punto sin considerar las características diferenciadoras; y de aquí, que se haya tratado de resolver el problema de la fiabilidad multipunto con protocolos extremo a extremo (protocolos de transporte) y utilizando esquemas de recuperación de errores, centralizados (las retransmisiones se hacen desde un único punto, normalmente la fuente) y globales (los paquetes solicitados se vuelven a enviar al grupo completo). En general, estos planteamientos han dado como resultado protocolos que son ineficientes en tiempo de ejecución, tienen problemas de escalabilidad, no hacen un uso óptimo de los recursos de red y no son adecuados para aplicaciones sensibles al retardo. En esta Tesis se investiga el problema de la fiabilidad multipunto en interredes operando en modo datagrama y se presenta una forma novedosa de enfocar el problema: es más óptimo resolver el problema de la fiabilidad multipunto a nivel de red y separar la fiabilidad de otras garantías de servicio, que pueden ser proporcionadas por un protocolo de nivel superior o por la propia aplicación. Siguiendo este nuevo enfoque se ha diseñado un protocolo multipunto fiable que opera a nivel de red (denominado RMNP). Las características más representativas del RMNP son las siguientes; (1) sigue una aproximación orientada al emisor, lo cual permite lograr un grado muy alto de fiabilidad; (2) plantea un esquema de recuperación de errores distribuido (las retransmisiones se hacen desde ciertos encaminadores intermedios que siempre estarán más cercanos a los miembros que la propia fuente) y de ámbito restringido (el alcance de las retransmisiones está restringido a un cierto número de miembros). Este esquema hace posible optimizar el retardo medio de distribución y disminuir la sobrecarga introducida por las retransmisiones; (3) incorpora en ciertos encaminadores funciones de agregación y filtrado de paquetes de control, que evitan problemas de implosión y reducen el tráfico que fluye hacia la fuente. Con el fin de evaluar el comportamiento del protocolo diseñado, se han realizado pruebas de simulación obteniéndose como principales conclusiones que, el RMNP escala correctamente con el tamaño del grupo, hace un uso óptimo de los recursos de red y es adecuado para aplicaciones sensibles al retardo.---ABSTRACT---There are many distributed applications that require a reliable multicast service, including: distributed databases, distributed operating systems, distributed interactive simulation systems and distribution applications of software, publications or news. Although the application domain of distributed systems of this type was originally confíned to a single subnetwork (for example, a Local Área Network), it later became necessary extend their applicability to internetworks. The traditional approach to the reliable multicast problem in internetworks is based mainly on the following two points: (1) provide a lot of service guarantees in one and the same protocol (for example, reliability, atomicity and ordering) and different levéis of guarantee in some cases, without taking into account that many multicast applications that require reliability do not need other guarantees, and (2) extend solutions adopted in the unicast environment to the multicast environment without taking into account their distinctive characteristics. So, the attempted solutions to the multicast reliability problem were end-to-end protocols (transport protocols) and centralized error recovery schemata (retransmissions made from a single point, normally the source) and global error retrieval schemata (the requested packets are retransmitted to the whole group). Generally, these approaches have resulted in protocols that are inefficient in execution time, have scaling problems, do not make optimum use of network resources and are not suitable for delay-sensitive applications. Here, the multicast reliability problem is investigated in internetworks operating in datagram mode and a new way of approaching the problem is presented: it is better to solve to the multicast reliability problem at network level and sepárate reliability from other service guarantees that can be supplied by a higher protocol or the application itself. A reliable multicast protocol that operates at network level (called RMNP) has been designed on the basis of this new approach. The most representative characteristics of the RMNP are as follows: (1) it takes a transmitter-oriented approach, which provides for a very high reliability level; (2) it provides for an error retrieval schema that is distributed (the retransmissions are made from given intermedíate routers that will always be closer to the members than the source itself) and of restricted scope (the scope of the retransmissions is confined to a given number of members), and this schema makes it possible to optimize the mean distribution delay and reduce the overload caused by retransmissions; (3) some routers include control packet aggregation and filtering functions that prevent implosión problems and reduce the traffic flowing towards the source. Simulation test have been performed in order to evalúate the behaviour of the protocol designed. The main conclusions are that the RMNP scales correctly with group size, makes optimum use of network resources and is suitable for delay-sensitive applications.

Relevância:

80.00% 80.00%

Publicador:

Resumo:

Las redes de sensores inalámbricas son uno de los sectores con más crecimiento dentro de las redes inalámbricas. La rápida adopción de estas redes como solución para muchas nuevas aplicaciones ha llevado a un creciente tráfico en el espectro radioeléctrico. Debido a que las redes inalámbricas de sensores operan en las bandas libres Industrial, Scientific and Medical (ISM) se ha producido una saturación del espectro que en pocos años no permitirá un buen funcionamiento. Con el objetivo de solucionar este tipo de problemas ha aparecido el paradigma de Radio Cognitiva (CR). La introducción de las capacidades cognitivas en las redes inalámbricas de sensores permite utilizar estas redes para aplicaciones con unos requisitos más estrictos respecto a fiabilidad, cobertura o calidad de servicio. Estas redes que aúnan todas estas características son llamadas redes de sensores inalámbricas cognitivas (CWSNs). La mejora en prestaciones de las CWSNs permite su utilización en aplicaciones críticas donde antes no podían ser utilizadas como monitorización de estructuras, de servicios médicos, en entornos militares o de vigilancia. Sin embargo, estas aplicaciones también requieren de otras características que la radio cognitiva no nos ofrece directamente como, por ejemplo, la seguridad. La seguridad en CWSNs es un aspecto poco desarrollado al ser una característica no esencial para su funcionamiento, como pueden serlo el sensado del espectro o la colaboración. Sin embargo, su estudio y mejora es esencial de cara al crecimiento de las CWSNs. Por tanto, esta tesis tiene como objetivo implementar contramedidas usando las nuevas capacidades cognitivas, especialmente en la capa física, teniendo en cuenta las limitaciones con las que cuentan las WSNs. En el ciclo de trabajo de esta tesis se han desarrollado dos estrategias de seguridad contra ataques de especial importancia en redes cognitivas: el ataque de simulación de usuario primario (PUE) y el ataque contra la privacidad eavesdropping. Para mitigar el ataque PUE se ha desarrollado una contramedida basada en la detección de anomalías. Se han implementado dos algoritmos diferentes para detectar este ataque: el algoritmo de Cumulative Sum y el algoritmo de Data Clustering. Una vez comprobado su validez se han comparado entre sí y se han investigado los efectos que pueden afectar al funcionamiento de los mismos. Para combatir el ataque de eavesdropping se ha desarrollado una contramedida basada en la inyección de ruido artificial de manera que el atacante no distinga las señales con información del ruido sin verse afectada la comunicación que nos interesa. También se ha estudiado el impacto que tiene esta contramedida en los recursos de la red. Como resultado paralelo se ha desarrollado un marco de pruebas para CWSNs que consta de un simulador y de una red de nodos cognitivos reales. Estas herramientas han sido esenciales para la implementación y extracción de resultados de la tesis. ABSTRACT Wireless Sensor Networks (WSNs) are one of the fastest growing sectors in wireless networks. The fast introduction of these networks as a solution in many new applications has increased the traffic in the radio spectrum. Due to the operation of WSNs in the free industrial, scientific, and medical (ISM) bands, saturation has ocurred in these frequencies that will make the same operation methods impossible in the future. Cognitive radio (CR) has appeared as a solution for this problem. The networks that join all the mentioned features together are called cognitive wireless sensor networks (CWSNs). The adoption of cognitive features in WSNs allows the use of these networks in applications with higher reliability, coverage, or quality of service requirements. The improvement of the performance of CWSNs allows their use in critical applications where they could not be used before such as structural monitoring, medical care, military scenarios, or security monitoring systems. Nevertheless, these applications also need other features that cognitive radio does not add directly, such as security. The security in CWSNs has not yet been explored fully because it is not necessary field for the main performance of these networks. Instead, other fields like spectrum sensing or collaboration have been explored deeply. However, the study of security in CWSNs is essential for their growth. Therefore, the main objective of this thesis is to study the impact of some cognitive radio attacks in CWSNs and to implement countermeasures using new cognitive capabilities, especially in the physical layer and considering the limitations of WSNs. Inside the work cycle of this thesis, security strategies against two important kinds of attacks in cognitive networks have been developed. These attacks are the primary user emulator (PUE) attack and the eavesdropping attack. A countermeasure against the PUE attack based on anomaly detection has been developed. Two different algorithms have been implemented: the cumulative sum algorithm and the data clustering algorithm. After the verification of these solutions, they have been compared and the side effects that can disturb their performance have been analyzed. The developed approach against the eavesdropping attack is based on the generation of artificial noise to conceal information messages. The impact of this countermeasure on network resources has also been studied. As a parallel result, a new framework for CWSNs has been developed. This includes a simulator and a real network with cognitive nodes. This framework has been crucial for the implementation and extraction of the results presented in this thesis.

Relevância:

80.00% 80.00%

Publicador:

Resumo:

Las prestaciones y características de los dispositivos móviles actuales los sitúa a un nivel similar a los ordenadores de escritorio tradicionales en cuanto a funcionalidad y posibilidades de uso, añadiendo además la movilidad y la sensación de pertenencia al usuario que se deriva de ésta. Estas cualidades convierten a las plataformas móviles de computación en verdaderos ordenadores personales, y cada día es más popular su utilización en ámbitos distintos del ocio y las comunicaciones propiamente dichas, pasando a convertirse en herramientas de apoyo a la productividad también en el entorno profesional y corporativo. La utilización del dispositivo móvil como parte de una infraestructura de telecomunicaciones da lugar a nuevas expresiones de problemas clásicos de gestión y seguridad. Para tratar de abordarlos con la flexibilidad y la escalabilidad necesarias se plantean alternativas novedosas que parten de enfoques originales a estos problemas, como las ideas y conceptos que se engloban en la filosofía del Control de Acceso a la Red (Network Access Control, o NAC). La mayoría de los planteamientos de NAC se basan, en el ámbito de la seguridad, en comprobar ciertas características del dispositivo móvil para tratar de determinar hasta qué punto puede éste suponer una amenaza para los recursos de la red u otros usuarios de la misma. Obtener esta información de forma fiable resulta extremadamente difícil si se caracteriza el dispositivo mediante un modelo de caja blanca, muy adecuado dada la apertura propia de los sistemas operativos móviles actuales, muy diferentes de los de antaño, y la ausencia de un marco de seguridad efectivo en ellos. Este trabajo explora el Estado de la Técnica en este ámbito de investigación y plantea diferentes propuestas orientadas a cubrir las deficiencias de las soluciones propuestas hasta el momento y a satisfacer los estrictos requisitos de seguridad que se derivan de la aplicación del modelo de caja blanca, materializándose en última instancia en la definición de un mecanismo de evaluación de características arbitrarias de un cierto dispositivo móvil basado en Entornos Seguros de Ejecución (Trusted Execution Environments, o TEEs) con elevadas garantías de seguridad compatible con los planteamientos actuales de NAC. ABSTRACT The performance and features of today’s mobile devices make them able to compete with traditional desktop computers in terms of functionality and possible usages. In addition to this, they sport mobility and the stronger sense of ownership that derives from it. These attributes change mobile computation platforms into truly personal computers, allowing them to be used not only for leisure or as mere communications devices, but also as supports of productivity in professional and corporative environments. The utilization of mobile devices as part of a telecommunications infrastructure brings new expressions of classic management and security problems with it. In order to tackle them with appropriate flexibility and scalability, new alternatives are proposed based on original approaches to these problems, such as the concepts and ideas behind the philosophy of Network Access Control (NAC). The vast majority of NAC proposals are based, security-wise, on checking certain mobile device’s properties in order to evaluate how probable it is for it to become a threat for network resources or even other users of the infrastructure. Obtaining this information in a reliable and trustworthy way is extremely difficult if the device is characterized using a white-box model, which is the most appropriate if the openness of today’s mobile operating systems, very different from former ones, and the absence of an effective security framework are taken into account. This work explores the State of the Art related with the aforementioned field of research and presents different proposals targeted to overcome the deficiencies of current solutions and satisfy the strict security requirements derived from the application of the white box model. These proposals are ultimately materialized in the definition of a high-security evaluation procedure of arbitrary properties of a given mobile device based on Trusted Execution Environments (TEEs) which is compatible with modern NAC approaches.