A policy model for secure information flow

When a computer program requires legitimate access to confidential data, the question arises whether such a program may illegally reveal sensitive information. This paper proposes a policy model to specify what information flow is permitted in a computational system. The security definition, which is based on a general notion of information lattices, allows various representations of information to be used in the enforcement of secure information flow in deterministic or nondeterministic systems. A flexible semantics-based analysis technique is presented, which uses the input-output relational model induced by an attacker's observational power, to compute the information released by the computational system. An illustrative attacker model demonstrates the use of the technique to develop a termination-sensitive analysis. The technique allows the development of various information flow analyses, parametrised by the attacker's observational power, which can be used to enforce what declassification policies.

Television broadcast reception

The sections in this article are: Vestigial Sideband Modulation, Spectrum Allocation, VHF Versus UHF Propagation, Receivers, Interference, Multipath Equalization, and Digital Receivers

Reduction of vestigial sideband effects due to multipath transmission in terrestrial broadcast television

In terrestrial television transmission multiple paths of various lengths can occur between the transmitter and the receiver. Such paths occur because of reflections from objects outside the direct transmission path. The multipath signals arriving at the receiver are all detected along with the intended signal causing time displaced replicas called 'ghosts' to appear on the television picture. With an increasing number of people living within built up areas, ghosting is becoming commonplace and therefore deghosting is becoming increasingly important. This thesis uses a deterministic time domain approach to deghosting, resulting in a simple solution to the problem of removing ghosts. A new video detector is presented which reduces the synchronous detector local oscillator phase error, caused by any practical size of ghost, to a lower level than has ever previously been achieved. From the new detector, dispersion of the video signal is minimised and a known closed-form time domain description of the individual ghost components within the detected video is subsequently obtained. Developed from mathematical descriptions of the detected video, a new specific deghoster filter structure is presented which is capable of removing both inphase (I) and also the phase quadrature (Q) induced ghost signals derived from the VSB operation. The new deghoster filter requires much less hardware than any previous deghoster which is capable of removing both I and Q ghost components. A new channel identification algorithm was also required and written which is based upon simple correlation techniques to find the delay and complex amplitude characteristics of individual ghosts. The result of the channel identification is then passed to the new I and Q deghoster filter for ghost cancellation. Generated from the research work performed for this thesis, five papers have been published. D

User-friendly free-text keystroke dynamics authentication for practical applications

This paper introduces a novel approach for free-text keystroke dynamics authentication which incorporates the use of the keyboard’s key-layout. The method extracts timing features from specific key-pairs. The Euclidean distance is then utilized to find the level of similarity between a user’s profile data and his/her test data. The results obtained from this method are reasonable for free-text authentication while maintaining the maximum level of user relaxation. Moreover, it has been proven in this study that flight time yields better authentication results when compared with dwell time. In particular, the results were obtained with only one training sample for the purpose of practicality and ease of real life application.

Enhanced three-factor security protocol for consumer USB mass storage devices

The Universal Serial Bus (USB) is an extremely popular interface standard for computer peripheral connections and is widely used in consumer Mass Storage Devices (MSDs). While current consumer USB MSDs provide relatively high transmission speed and are convenient to carry, the use of USB MSDs has been prohibited in many commercial and everyday environments primarily due to security concerns. Security protocols have been previously proposed and a recent approach for the USB MSDs is to utilize multi-factor authentication. This paper proposes significant enhancements to the three-factor control protocol that now makes it secure under many types of attacks including the password guessing attack, the denial-of-service attack, and the replay attack. The proposed solution is presented with a rigorous security analysis and practical computational cost analysis to demonstrate the usefulness of this new security protocol for consumer USB MSDs.

New opportunities for secure communication networks using shaped femtosecond laser pulses inducing filamentation processes in the atmosphere

The current study discusses new opportunities for secure ground to satellite communications using shaped femtosecond pulses that induce spatial hole burning in the atmosphere for efficient communications with data encoded within super-continua generated by femtosecond pulses. Refractive index variation across the different layers in the atmosphere may be modelled using assumptions that the upper strata of the atmosphere and troposphere behaving as layered composite amorphous dielectric networks composed of resistors and capacitors with different time constants across each layer. Input-output expressions of the dynamics of the networks in the frequency domain provide the transmission characteristics of the propagation medium. Femtosecond pulse shaping may be used to optimize the pulse phase-front and spectral composition across the different layers in the atmosphere. A generic procedure based on evolutionary algorithms to perform the pulse shaping is proposed. In contrast to alternative procedures that would require ab initio modelling and calculations of the propagation constant for the pulse through the atmosphere, the proposed approach is adaptive, compensating for refractive index variations along the column of air between the transmitter and receiver.

Upgrading a TCABR data analysis and acquisition system for remote participation using Java, XML, RCP and modern client/server communication/authentication

The TCABR data analysis and acquisition system has been upgraded to support a joint research programme using remote participation technologies. The architecture of the new system uses Java language as programming environment. Since application parameters and hardware in a joint experiment are complex with a large variability of components, requirements and specification solutions need to be flexible and modular, independent from operating system and computer architecture. To describe and organize the information on all the components and the connections among them, systems are developed using the extensible Markup Language (XML) technology. The communication between clients and servers uses remote procedure call (RPC) based on the XML (RPC-XML technology). The integration among Java language, XML and RPC-XML technologies allows to develop easily a standard data and communication access layer between users and laboratories using common software libraries and Web application. The libraries allow data retrieval using the same methods for all user laboratories in the joint collaboration, and the Web application allows a simple graphical user interface (GUI) access. The TCABR tokamak team in collaboration with the IPFN (Instituto de Plasmas e Fusao Nuclear, Instituto Superior Tecnico, Universidade Tecnica de Lisboa) is implementing this remote participation technologies. The first version was tested at the Joint Experiment on TCABR (TCABRJE), a Host Laboratory Experiment, organized in cooperation with the IAEA (International Atomic Energy Agency) in the framework of the IAEA Coordinated Research Project (CRP) on ""Joint Research Using Small Tokamaks"". (C) 2010 Elsevier B.V. All rights reserved.

FAST, PARALLEL AND SECURE CRYPTOGRAPHY ALGORITHM USING LORENZ`S ATTRACTOR

A novel cryptography method based on the Lorenz`s attractor chaotic system is presented. The proposed algorithm is secure and fast, making it practical for general use. We introduce the chaotic operation mode, which provides an interaction among the password, message and a chaotic system. It ensures that the algorithm yields a secure codification, even if the nature of the chaotic system is known. The algorithm has been implemented in two versions: one sequential and slow and the other, parallel and fast. Our algorithm assures the integrity of the ciphertext (we know if it has been altered, which is not assured by traditional algorithms) and consequently its authenticity. Numerical experiments are presented, discussed and show the behavior of the method in terms of security and performance. The fast version of the algorithm has a performance comparable to AES, a popular cryptography program used commercially nowadays, but it is more secure, which makes it immediately suitable for general purpose cryptography applications. An internet page has been set up, which enables the readers to test the algorithm and also to try to break into the cipher.

Analys av en meddelandetjänst vid krissituationer baserat på CBS-tekniken(Cell Broadcast Service)

Uppdragsgivare för detta examensarbete är Länsstyrelsen Dalarna. Målet är att undersöka hur lämplig tekniken med CBS (Cell Broadcast Service) baserade textmeddelande är vid viktigt meddelande till allmänheten (VMA-larm). En tjänst som utnyttjar CBS-tekniken kan rädda liv om allmänheten i ett tidigt skede får reda på vad som hänt och vart de ska bege sig.Rapporten visar på hur man kan använda SMS då en krissituation uppstår. Med hjälp av CBS-tekniken skickas meddelandet till specifikt valda basstationer och alla mobiltelefoner som är uppkopplade mot den. Det positiva är att bara de som behöver få veta vad som hänt får meddelandet.Enligt specifikationerna (ETSI) på GSM och 3G-näten i Sverige finns det stöd för utskick av CBS-meddelanden inbyggt i de befintliga näten. Det finns dock vissa problem vid införandet av CBS-tekniken i operatörsnäten. Operatörerna måste implementera en Cell Broadcast Center (CBC) i näten, denna del av infrastrukturen kommunicerar med basstationerna och sköter utskicken av CBS-meddelanden. Ett ytterligare problem med CBS-tekniken är att användarna måste aktivera mobiltelefonen för att ta emot CBS-meddelanden.Enligt Telia och Vodafone används CBS inte i Sverige idag men vi bedömer att tjänsten för att varna allmänheten kan använda sig av CBS-tekniken om den implementeras i operatörsnäten. Vi har i detta arbete använt oss av en generell kvalitativ metod kompletterat med Siegels metod. Med den kvalitativa metoden har vi intervjuat Telia och Vodafone på ingående fakta om CBS-tekniken. Vid design av teknisk lösning har vi använt oss av Siegels två första faser.