512 research outputs found

    Web services security: A proposed architecture for interdomain trust relationship

    Get PDF
    Thesis (Master)--Izmir Institute of Technology, Computer Engineering, Izmir, 2006Includes bibliographical references (leaves: 49)Text in English; Abstract: Turkish and Englishix, 68 leavesWeb services technology is vulnerable to security threats similar to other technologies which are based on communication over internet. Some applications working over internet typically require strong authentication. The security requirements of a scenario may involve interdomain authentication mechanisms. These domains may be operating using different technologies. In order to enable such scenarios, we leverage existing approaches with emerging standards and propose an architecture. Our proposed architecture takes advantage of XML technology and emerging SAML standard. The most important aim of the proposed architecture is platform indepedence. Our proposed architecture includes a Security Token Service and a protocol for communication between token requesters, consumers and issuers. Although, the exact flow of execution depends on the scenario, we believe our approaches can be used as common ground for implementation

    Extending the Internet of Things to the future Internet through IPv6 Support

    Get PDF
    Emerging Internet of Things (IoT)/Machine-to-Machine (M2M) systems require a transparent access to information and services through a seamless integration into the Future Internet. This integration exploits infrastructure and services found on the Internet by the IoT. On the one hand, the so-called Web of Things aims for direct Web connectivity by pushing its technology down to devices and smart things. On the other hand, the current and Future Internet offer stable, scalable, extensive, and tested protocols for node and service discovery, mobility, security, and auto-configuration, which are also required for the IoT. In order to integrate the IoT into the Internet, this work adapts, extends, and bridges using IPv6 the existing IoT building blocks (such as solutions from IEEE 802.15.4, BT-LE, RFID) while maintaining backwards compatibility with legacy networked embedded systems from building and industrial automation. Specifically, this work presents an extended Internet stack with a set of adaptation layers from non-IP towards the IPv6-based network layer in order to enable homogeneous access for applications and services

    Security in Distributed, Grid, Mobile, and Pervasive Computing

    Get PDF
    This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

    Addressing Insider Threats from Smart Devices

    Get PDF
    Smart devices have unique security challenges and are becoming increasingly common. They have been used in the past to launch cyber attacks such as the Mirai attack. This work is focused on solving the threats posed to and by smart devices inside a network. The size of the problem is quantified; the initial compromise is prevented where possible, and compromised devices are identified. To gain insight into the size of the problem, campus Domain Name System (DNS) measurements were taken that allow for wireless traffic to be separated from wired traffic. Two-thirds of the DNS traffic measured came from wireless hosts, implying that mobile devices are playing a bigger role in networks. Also, port scans and service discovery protocols were used to identify Internet of Things (IoT) devices on the campus network and follow-up work was done to assess the state of the IoT devices. Motivated by these findings, three solutions were developed. To handle the scenario when compromised mobile devices are connected to the network, a new strategy for steppingstone detection was developed with both an application layer and a transport layer solution. The proposed solution is effective even when the mobile device cellular connection is used. Also, malicious or vulnerable applications make it through the mobile app store vetting process. A user space tool was developed that identifies apps contacting malicious domains in real time and collects data for research purposes. Malicious app behavior can then be identified on the user’s device, catching malicious apps that were overlooked by software vetting. Last, the variety of IoT device types and manufacturers makes the job of keeping them secure difficult. A generic framework was developed to lighten the management burden of securing IoT devices, serve as a middle box to secure legacy devices, and also use DNS queries as a way to identify misbehaving devices

    REST in Practice

    Get PDF

    Remote monitoring of industrial frequency converters

    Get PDF
    Frequency converters are sometimes mounted at places, in which they have the most processing power of the surrounding devices. Often the remote monitoring of frequency converters has been implemented in an external programmable logic controller PC which is connected to the Internet. Sometimes it is not reasonable to use an extra computer at the location, which means the remote connection should be directly connectible to the frequency converter. This master’s thesis studies the possibility to use SOAP for a remote connection, established from the frequency converter to an external database server. The objective is to create a remote monitoring connection which is easily deployable for the end user. The implementation considers compatibility issues with firewalls, proxy servers and NAT routers.fi=Opinnäytetyö kokotekstinä PDF-muodossa.|en=Thesis fulltext in PDF format.|sv=Lärdomsprov tillgängligt som fulltext i PDF-format
    corecore