Study and development of a remote biometric authentication protocol

This paper reports the phases of study and implementation of a remote biometric authentication protocol developed during my internship at the I.i.t. of the C.n.r. in Pisa. Starting from the study of authentication history we had a look from the first system used since the 60ies to the latest technology; this helped us understand how we could realize a demonstration working protocol that could achieve a web remote authentication granting good reliability: to do this we choosed to modify the SSL handshake with biometric tests and we decided to use smart-cards a secure vault for the sensible biometric data involved. In the first chapter you will find a brief definition of authentication and an introduction on how we can achieve it, with a particular focus on new biometric techniques. In the second chapter there\u27s the history of authentication from the very first password system to actual ones: new token and smart card technolgies are longer stressed in order to introduce the reader to the last chapter. In the third chapter you will find the project framework, the development of our implementation choiches and the source code of the demo project

Multilingual interactive integrated multimedia based e-commerce

As we approach the end of the twentieth century, E-commerce is a critical force shaping the world of today and tomorrow. E-commerce have introduced a new society where people can buy freely, anywhere, at anytime, across the globe on the web. There seems to be a market for consultants and outsourcing purveyors who will take your money and put together an online business for you. These are all very different markets, however. As lot of people speak different language than English, the concept of Multilingual Technology is essential. The primary purpose of this research paper is to study the Integrated Multimedia interaction with today\u27s technology secondary purpose is to check out the Application of this technology in E -Commerce with the help of Multilingual technology. Multilingual-based E-commerce would prompt more widespread use of the types of services now available and prompt the development of new and better services and the benefits brought by information, technology, and information services available will be magnified and extended globally

TLS Adaptation for Virtualized Border Gateway

WiFi radio access technology is being adopted as a part of the current small cell solutions of mobile networks. Any WiFi network with Internet connectivity can be used by the mobile device to access packet-based LTE services like voice calling and instant messaging. This service traffic is strictly confidential and needs to be protected with encryption when an untrusted access, i.e., a public hotspot access, is used. This new scenario requires a new network element that terminates the encrypted service connection. For Nokia Networks this element is called the Border Gateway. At the same time the telecommunications industry is moving towards cloud computing so network elements are being virtualized to operate on virtual machines running in the cloud instead of the current embedded systems. This thesis begins by discussing the current industry landscape and how both the WiFi small cells and the cloud-based network infrastructure are partly answering the problem of rapidly growing mobile data consumption. The focus of the thesis is studying the capabilities of the Border Gateway on the context of non-real-time service traffic encryption, with an emphasis on the virtualized platform. Also a general network security related validation is performed, as this element exists for providing security features. The virtualized Border Gateway proved to be ten times more capable than the original embedded system, because the current x86-based processors used in the cloud offer significantly more performance than the digital signal processors in the embedded system. The fact that the Unix operating system and related software in the cloud are mostly open source, proved that security related testing only needed to be performed on the embedded platform, as there the platform software is closed-source and not already verified by the masses

Teleoperation of passivity-based model reference robust control over the internet

This dissertation offers a survey of a known theoretical approach and novel experimental results in establishing a live communication medium through the internet to host a virtual communication environment for use in Passivity-Based Model Reference Robust Control systems with delays. The controller which is used as a carrier to support a robust communication between input-to-state stability is designed as a control strategy that passively compensates for position errors that arise during contact tasks and strives to achieve delay-independent stability for controlling of aircrafts or other mobile objects. Furthermore the controller is used for nonlinear systems, coordination of multiple agents, bilateral teleoperation, and collision avoidance thus maintaining a communication link with an upper bound of constant delay is crucial for robustness and stability of the overall system. For utilizing such framework an elucidation can be formulated by preparing site survey for analyzing not only the geographical distances separating the nodes in which the teleoperation will occur but also the communication parameters that define the virtual topography that the data will travel through. This survey will first define the feasibility of the overall operation since the teleoperation will be used to sustain a delay based controller over the internet thus obtaining a hypothetical upper bound for the delay via site survey is crucial not only for the communication system but also the delay is required for the design of the passivity-based model reference robust control. Following delay calculation and measurement via site survey, bandwidth tests for unidirectional and bidirectional communication is inspected to ensure that the speed is viable to maintain a real-time connection. Furthermore from obtaining the results it becomes crucial to measure the consistency of the delay throughout a sampled period to guarantee that the upper bound is not breached at any point within the communication to jeopardize the robustness of the controller. Following delay analysis a geographical and topological overview of the communication is also briefly examined via a trace-route to understand the underlying nodes and their contribution to the delay and round-trip consistency. To accommodate the communication channel for the controller the input and output data from both nodes need to be encapsulated within a transmission control protocol via a multithreaded design of a robust program within the C language. The program will construct a multithreaded client-server relationship in which the control data is transmitted. For added stability and higher level of security the channel is then encapsulated via an internet protocol security by utilizing a protocol suite for protecting the communication by authentication and encrypting each packet of the session using negotiation of cryptographic keys during each session

How to Measure TLS, X.509 Certificates, and Web PKI: A Tutorial and Brief Survey

Transport Layer Security (TLS) is the base for many Internet applications and services to achieve end-to-end security. In this paper, we provide guidance on how to measure TLS deployments, including X.509 certificates and Web PKI. We introduce common data sources and tools, and systematically describe necessary steps to conduct sound measurements and data analysis. By surveying prior TLS measurement studies we find that diverging results are rather rooted in different setups instead of different deployments. To improve the situation, we identify common pitfalls and introduce a framework to describe TLS and Web PKI measurements. Where necessary, our insights are bolstered by a data-driven approach, in which we complement arguments by additional measurements

Proceedings of the 2nd International Workshop on Security in Mobile Multiagent Systems

This report contains the Proceedings of the Second Workshop on Security on Security of Mobile Multiagent Systems (SEMAS2002). The Workshop was held in Montreal, Canada as a satellite event to the 5th International Conference on Autonomous Agents in 2001. The far reaching influence of the Internet has resulted in an increased interest in agent technologies, which are poised to play a key role in the implementation of successful Internet and WWW-based applications in the future. While there is still considerable hype concerning agent technologies, there is also an increasing awareness of the problems involved. In particular, that these applications will not be successful unless security issues can be adequately handled. Although there is a large body of work on cryptographic techniques that provide basic building-blocks to solve specific security problems, relatively little work has been done in investigating security in the multiagent system context. Related problems are secure communication between agents, implementation of trust models/authentication procedures or even reflections of agents on security mechanisms. The introduction of mobile software agents significantly increases the risks involved in Internet and WWW-based applications. For example, if we allow agents to enter our hosts or private networks, we must offer the agents a platform so that they can execute correctly but at the same time ensure that they will not have deleterious effects on our hosts or any other agents / processes in our network. If we send out mobile agents, we should also be able to provide guarantees about specific aspects of their behaviour, i.e., we are not only interested in whether the agents carry out-out their intended task correctly. They must defend themselves against attacks initiated by other agents, and survive in potentially malicious environments. Agent technologies can also be used to support network security. For example in the context of intrusion detection, intelligent guardian agents may be used to analyse the behaviour of agents on a firewall or intelligent monitoring agents can be used to analyse the behaviour of agents migrating through a network. Part of the inspiration for such multi-agent systems comes from primitive animal behaviour, such as that of guardian ants protecting their hill or from biological immune systems

ISECUBE: a portable ISEAGE

As the Internets\u27 potential continues to grow in functionality and services, malicious activity becomes more prevalent. Professionals and researchers are working hard to create and implement secure systems, but this can require extensive tools and training to arising situations.;ISECUBE has been developed to be used in conjunction with Iowa State University\u27s Internet Scale Event and Attack Generation Environment (ISEAGE) to act as a self sustaining portable environment as well as an extension of its functionality and services. ISECUBE is a transportable device that provides different realistic environments. These environments were designed with the classroom, research collaboration, and corporate use in mind. Overall statistics of usage is collected and can be viewed in different formats for later analysis. By developing such a device, the education and security fields can benefit from ISECUBE\u27s capability