Evaluating single sign on security failure in cloud services

The business use of cloud computing services is motivated by the ease of use and the potential financial cost reductions. Service failure may occur when the service provider does not protect information or when the use of the services becomes overly complex and difficult. The benefits also bring optimisation challenges for the information owners who must assess the service security risk and the degree to which new human behaviours are required. In this research we look at the risk of identity theft when ease of service access is provided through a Single Sign On (SSO) authorisation and ask: What are the optimal behavioural expectations for a Cloud service information owner? Federated identity management is a well-developed design literature for solutions to optimising human behaviours in relation to the new technologies. We briefly review the literature and then propose a working solution that optimises the trade-off between disclosure risk, human user risk and service security. Both breech and non-use of a system are failures

Certified Learning Experiences: From Heterogeneous Learning Spaces to Portable Education Portfolios

The digital era has accomplished new kinds of learning spaces, where learners engage in different kinds of learning activities. Thus different learners are gaining various learning experiences from heterogeneous learning spaces. A key challenge is how to systematically collect those heterogeneous learning activities into well-organized education portfolios. In existing Education Portfolio Systems (EPS) including LinkedIn, Mahara, and Open-Badges does not support importing learning activities from learning spaces. In these systems, it does not allow users to authenticate through OpenID, and also users cannot create multiple portfolio views. Thus to address these problems we propose our system named Portable Education Portfolios (PEPs) which imports certified users experiences from different learning spaces. This thesis utilizes a Design Science Research Methodology (DSRM) for PEPs development, which intends to solve the key challenge. The proposed approach i.e. DSRM is modified to fit this research context. As a result, alike existing EPS, an innovative IT artifact called PEPs tool is created. PEPs collect certified experiences of users from different learning spaces and also create their portfolio. On the other hand, as an additional feature to existing EPS, the PEPs tool supports Life-Long Learning Process and Continuing Professional Development. To address the research objectives PEPs system is experimented with three different learning spaces including TUT-Mantis, Moodle and OpenSE. These learning spaces follow informal, formal and non-formal learning patterns respectively. PEPs successfully collected various user experiences and created a single portable portfolio for the users. Hence, we conclude that the PEPs system is a complete tool to solve all the key issues raised in this research

Diseñar e implementar un sistema integrado de puntos de acceso Wi-Fi

Los puntos de acceso Wi-Fi permiten la conectividad en cualquier momento y lugar donde se tenga cobertura. Su sencillez y facilidad de uso hacen que rápidamente se estén desplegando en lugares que tienden a atraer a los usuarios nómadas. Sin embargo, su uso en muchos puntos tiende a una baja utilización y no son rentables. Con el propósito de mitigar las causas de esta baja utilización y poder aumentar el uso de puntos de acceso Wi-Fi para servicio público, es necesario diseñar e implementar en un único dispositivo, un sistema integrado de Access Point Wi-Fi que integre varios métodos de acceso a través de portales cautivos, con despliegue de publicidad controlada no invasiva, un servidor AAA y una interfaz de gestión web para toda la solución.The Wi-Fi hotspots allow connectivity at any time and place where you have coverage. Its simplicity and ease of use means that they are rapidly deploying in places that tend to attract nomadic users. However, its use in many points tends to low utilization and is not profitable. In order to mitigate the causes of this low usage and to increase the use of Wi-Fi hotspots for public service, it is necessary to design and implement in a single device, an integrated system of Access Point Wi-Fi that integrates several access methods through captive portals, with the deployment of non-invasive controlled advertising, an AAA server and a web management interface for the entire solution.Magíster en Ingeniería ElectrónicaMaestrí