878 resultados para Public key cryptography
Resumo:
As the user base of the Internet has grown tremendously, the need for secure services has increased accordingly. Most secure protocols, in digital business and other fields, use a combination of symmetric and asymmetric cryptography, random generators and hash functions in order to achieve confidentiality, integrity, and authentication. Our proposal is an integral security kernel based on a powerful mathematical scheme from which all of these cryptographic facilities can be derived. The kernel requires very little resources and has the flexibility of being able to trade off speed, memory or security; therefore, it can be efficiently implemented in a wide spectrum of platforms and applications, either software, hardware or low cost devices. Additionally, the primitives are comparable in security and speed to well known standards.
Resumo:
We propose a secure full-duplex VoIP and instant messaging system on a Pocket PC platform, allowing for session key transport using a public-key protocol and encrypted text or voice communication using a private-key algorithm. The full-duplex VoIP scheme presents good performance for long duration communication over LAN networks.
Resumo:
The advent of personal communication systems within the last decade has depended upon the utilization of advanced digital schemes for source and channel coding and for modulation. The inherent digital nature of the communications processing has allowed the convenient incorporation of cryptographic techniques to implement security in these communications systems. There are various security requirements, of both the service provider and the mobile subscriber, which may be provided for in a personal communications system. Such security provisions include the privacy of user data, the authentication of communicating parties, the provision for data integrity, and the provision for both location confidentiality and party anonymity. This thesis is concerned with an investigation of the private-key and public-key cryptographic techniques pertinent to the security requirements of personal communication systems and an analysis of the security provisions of Second-Generation personal communication systems is presented. Particular attention has been paid to the properties of the cryptographic protocols which have been employed in current Second-Generation systems. It has been found that certain security-related protocols implemented in the Second-Generation systems have specific weaknesses. A theoretical evaluation of these protocols has been performed using formal analysis techniques and certain assumptions made during the development of the systems are shown to contribute to the security weaknesses. Various attack scenarios which exploit these protocol weaknesses are presented. The Fiat-Sharmir zero-knowledge cryptosystem is presented as an example of how asymmetric algorithm cryptography may be employed as part of an improved security solution. Various modifications to this cryptosystem have been evaluated and their critical parameters are shown to be capable of being optimized to suit a particular applications. The implementation of such a system using current smart card technology has been evaluated.
Resumo:
Combinatorial designs are used for designing key predistribution schemes that are applied to wireless sensor networks in communications. This helps in building a secure channel. Private-key cryptography helps to determine a common key between a pair of nodes in sensor networks. Wireless sensor networks using key predistribution schemes have many useful applications in military and civil operations. When designs are efficiently implemented on sensor networks, blocks with unique keys will be the result. One such implementation is a transversal design which follows the principle of simple key establishment. Analysis of designs and modeling the key schemes are the subjects of this project.
Resumo:
Si tota la formació es fa a distància, per què els exàmens en aquest tipus d'ensenyament no ho són? Probablement hi hauran diverses visions a l'hora de respondre aquesta pregunta. En tot cas, per poc que pensem en la realització d'exàmens a distància ens sorgeixen un seguit de qüestions per resoldre: com podem assegurar l'autenticitat i integritat de les dades? Com podem estar segurs que la persona que fa l'examen és qui diu ser? En aquest projecte de final de carrera s'ha dissenyat, implementat i provat un sistema que, mitjançant criptografia de clau pública, garanteix la correcció en totes les fases d'un procés d'examen electrònic. Entenem que aquest és un pas previ a la realització d'exàmens a distància.
Resumo:
Implementació d'un esquema criptogràfic basat en PKI (Public Key Infrastructure) per a gestionar d'una manera segura dins una xarxa de comunicacions els historials mèdics dels pacients.
Resumo:
Aquest treball presenta una solució basada en criptosistemes de clau pública, certificats i signatures digitals, emprant Java com a llenguatge de programació. Per a estendre la funcionalitat quant a seguretat del Java Developer Kit (JDK) s'utilitza la llibreria criptogràficaIAIK (Institute for Applied Information Processing and Communication).
Resumo:
En aquest projecte de final de carrera s'ha dissenyat, implementat i provat un sistema que utilitzant criptografia de clau pública, garanteix la correcta utilització de les dades en un procés de consulta i complimentació d'una història clínica informatitzada consultada a distància.
Resumo:
One of the major problems when using non-dedicated volunteer resources in adistributed network is the high volatility of these hosts since they can go offlineor become unavailable at any time without control. Furthermore, the use ofvolunteer resources implies some security issues due to the fact that they aregenerally anonymous entities which we know nothing about. So, how to trustin someone we do not know?.Over the last years an important number of reputation-based trust solutionshave been designed to evaluate the participants' behavior in a system.However, most of these solutions are addressed to P2P and ad-hoc mobilenetworks that may not fit well with other kinds of distributed systems thatcould take advantage of volunteer resources as recent cloud computinginfrastructures.In this paper we propose a first approach to design an anonymous reputationmechanism for CoDeS [1], a middleware for building fogs where deployingservices using volunteer resources. The participants are reputation clients(RC), a reputation authority (RA) and a certification authority (CA). Users needa valid public key certificate from the CA to register to the RA and obtain thedata needed to participate into the system, as now an opaque identifier thatwe call here pseudonym and an initial reputation value that users provide toother users when interacting together. The mechanism prevents not only themanipulation of the provided reputation values but also any disclosure of theusers' identities to any other users or authorities so the anonymity isguaranteed.
Resumo:
Aquest projecte implementa una plataforma web per a la creació i signatura digital d'iniciatives legislatives populars. La solució es basa en la implementació d'un sistema d'autenticació mitjançant SSL i certificats digitals.
Resumo:
El despliegue de un esquema de confianza es fundamental para poder desarrollar servicios de seguridad que permitan administrar y operar una red. Sin embargo, las soluciones empleadas en las redes tradicionales no se adaptan a un entorno ad hoc debido a la naturaleza dinámica y sin infraestructura de estas redes. En el presente trabajo se propone un esquema de confianza práctico y eficiente basado en una infraestructura de clave pública distribuida, umbral y jerárquica, que no requiere sincronización temporal entre todos los nodos de la red. La autorización de usuarios en el sistema se hace a través de certificados de corta duración que eliminan la necesidad de mantener la publicación y diseminación de unas listas de revocación. Por otro lado, una entidad externa de confianza permite alargar la reputación de un usuario de la red más allá de la existencia de la propia red.
Resumo:
La Ley 527 de 1999 regula lo relativo al Comercio Electrónico en Colombia. Esta ley sigue de cerca la Ley Modelo que sobre la materia preparó la Comisión de las Naciones Unidas para el Derecho Mercantil Internacional
Resumo:
Via Internet kan vi sköta många av våra dagliga rutiner. Vi kan handla, betala räkningar, beställa biljetter till diverse evenemang, resor med mera. Även den offentliga sektorn erbjuder alltfler av sina tjänster elektroniskt. Det största hindret för utvecklingen av elektroniska tjänster är den höga säkerhet som måste ställas på exempelvis identifiering och signering. För denna säkerhet kan med fördel PKI, Public Key Infrastructure, användas. Det är en säkerhetsmetod som innebär att man använder privata och publika nycklar. PKI-tekniken skyddar bra mot avlyssning eftersom identifieringen bygger på att ett slumptal krypteras, och att resultatet därför ser olika ut från gång till gång.Socialtjänsten på Borlänge Kommun har påbörjat utvecklingen av en elektronisk tjänst som kommer att innebära att personer som beviljats ekonomiskt bistånd, ska kunna förnya sin ansökan via Internet. Personen i fråga ska även kunna se de uppgifter som Socialtjänsten har ifrån övriga inblandade myndigheter, samt vika utbetalningar som Socialtjänsten gjort och ska göra till personen. I och med detta exjobb kan Borlänge Kommun visa upp en prototyp som fungerar i stort sett som de vill att den skarpa tjänsten ska göraSverige är en av pionjärerna i världen att öppna förvaltningen på Internet, och Borlänge kommun har som en av de första kommunerna i Sverige startat utvecklingen av en tjänst i enlighet med "24-timmars myndigheten".
Resumo:
Previous works have studied the characteristics and peculiarities of P2P networks, especially security information aspects. Most works, in some way, deal with the sharing of resources and, in particular, the storage of files. This work complements previous studies and adds new definitions relating to this kind of systems. A system for safe storage of files (SAS-P2P) was specified and built, based on P2P technology, using the JXTA platform. This system uses standard X.509 and PKCS # 12 digital certificates, issued and managed by a public key infrastructure, which was also specified and developed based on P2P technology (PKIX-P2P). The information is stored in a special file with XML format which is especially prepared, facilitating handling and interoperability among applications. The intention of developing the SAS-P2P system was to offer a complementary service for Giga Natal network users, through which the participants in this network can collaboratively build a shared storage area, with important security features such as availability, confidentiality, authenticity and fault tolerance. Besides the specification, development of prototypes and testing of the SAS-P2P system, tests of the PKIX-P2P Manager module were also performed, in order to determine its fault tolerance and the effective calculation of the reputation of the certifying authorities participating in the system
Resumo:
Nowadays due to the security vulnerability of distributed systems, it is needed mechanisms to guarantee the security requirements of distributed objects communications. Middleware Platforms component integration platforms provide security functions that typically offer services for auditing, for guarantee messages protection, authentication, and access control. In order to support these functions, middleware platforms use digital certificates that are provided and managed by external entities. However, most middleware platforms do not define requirements to get, to maintain, to validate and to delegate digital certificates. In addition, most digital certification systems use X.509 certificates that are complex and have a lot of attributes. In order to address these problems, this work proposes a digital certification generic service for middleware platforms. This service provides flexibility via the joint use of public key certificates, to implement the authentication function, and attributes certificates to the authorization function. It also supports delegation. Certificate based access control is transparent for objects. The proposed service defines the digital certificate format, the store and retrieval system, certificate validation and support for delegation. In order to validate the proposed architecture, this work presents the implementation of the digital certification service for the CORBA middleware platform and a case study that illustrates the service functionalities
