Analisis Fungsi Keamanan Terhadap Kinerja Router Pada Jaringan Berkecepatan Tinggi

Router adalah sebuah perangkat pada jaringan komputer yang digunakan untuk meneruskan paket data. Karena fungsinya, router menjadi peran penting dalam mengukur kinerja jaringan komputer. Router perlu memproses paket data yang masuk dengan kecepatan tinggi dan delay sedikit mungkin. Oleh karena itu, router harus didukung dengan sistem keamanan yang baik juga. Aktivasi aplikasi keamanan dan enkripsi data pada router dan firewall dapat mengkonsumsi sumber daya CPU untuk komputasi tambahan dan hal ini dapat mempengaruhi penurunan kinerja router. Selain itu, mekanisme keamanan di router bisa membawa kemungkinan kemacetan di jaringan pada saat ON/OFF fungsi keamanan sehingga dapat mempengaruhi kinerja router dalam meneruskan paket data. Sebuah analisis kuantitatif didasarkan pada teori antrian dapat digunakan untuk mengukur dan memprediksi serta meningkatkan kinerja router. Dalam tulisan ini, beberapa skenario simulasi akan dilakukan untuk menganalisis pengaruh fungsi keamanan di router pada jaringan kecepatan tinggi. Skenario tersebut menggunakan distribusi Generalized Exponential (GE-type) untuk mencerminkan interarrival bursty dan waktu servis pada router. Hasil penelitian menunjukkan bahwa fungsi keamanan di router bisa membawa penurunan pada kinerjanya. Kata kunci— router, keamanan, kinerja, teori antrian, jaringan berkecepatan tingg

Integración de seguridad e información médica en FHIR

En este proyecto se experimenta con FHIR (Fast Healthcare Interoperability Resources), un conjunto de estándares desarrollados por HL7 (Health Level 7) Internacional, y se implementan una serie de servicios basados en FHIR que permitan hacer búsquedas de información médica de forma segura a través de una interfaz REST (REpresentational State Transfer). Además de la implementación de estos servicios, se desarrolla una aplicación cliente que demuestre su funcionamiento. En este documento se puede encontrar detallado todo el proceso de realización del proyecto desde sus fase más temprana de planificación hasta su finalización y se detallan las decisiones tomadas durante su desarrollo y los problemas e inconvenientes encontrados.This project experiments with FHIR (Fast Healthcare Interoperability Resources), a set of standards developed by HL7 (Health Level 7 International), and implements a series of FHIR-based services that allow searching of medical information safely through a REST (REpresentational State Transfer) interface. In addition to the implementation of these services, a client application is developed to demonstrate its operation. In this document, you can find the entire process of carrying out the project from its earliest planning phase to its completion, and details the decisions made during its development and the problems encountered

Guidelines to address the human factor in the South African National Research and Education Network beneficiary institutions

Even if all the technical security solutions appropriate for an organisation’s network are implemented, for example, firewalls, antivirus programs and encryption, if the human factor is neglected then these technical security solutions will serve no purpose. The greatest challenge to network security is probably not the technological solutions that organisations invest in, but the human factor (non-technical solutions), which most organisations neglect. The human factor is often ignored even though humans are the most important resources of organisations and perform all the physical tasks, configure and manage equipment, enter data, manage people and operate the systems and networks. The same people that manage and operate networks and systems have vulnerabilities. They are not perfect and there will always be an element of mistake-making or error. In other words, humans make mistakes that could result in security vulnerabilities, and the exploitation of these vulnerabilities could in turn result in network security breaches. Human vulnerabilities are driven by many factors including insufficient security education, training and awareness, a lack of security policies and procedures in the organisation, a limited attention span and negligence. Network security may thus be compromised by this human vulnerability. In the context of this dissertation, both physical and technological controls should be implemented to ensure the security of the SANReN network. However, if the human factors are not adequately addressed, the network would become vulnerable to risks posed by the human factor which could threaten the security of the network. Accordingly, the primary research objective of this study is to formulate guidelines that address the information security related human factors in the rolling out and continued management of the SANReN network. An analysis of existing policies and procedures governing the SANReN network was conducted and it was determined that there are currently no guidelines addressing the human factor in the SANReN beneficiary institutions. Therefore, the aim of this study is to provide the guidelines for addressing the human factor threats in the SANReN beneficiary institutions

Scaling and Visualizing Network Data to Facilitate in Intrusion Detection Tasks

As the trend of successful network attacks continue to rise, better forms of intrusion, detection and prevention are needed. This thesis addresses network traffic visualization techniques that aid administrators in recognizing attacks. A view of port statistics and Intrusion Detection System (IDS) alerts has been developed. Each help to address issues with analyzing large datasets involving networks. Due to the amount of traffic as well as the range of possible port numbers and IP addresses, scaling techniques are necessary. A port-based overview of network activity produces an improved representation for detecting and responding to malicious activity. We have found that presenting an overview using stacked histograms of aggregate port activity, combined with the ability to drill-down for finer details allows small, yet important details to be noticed and investigated without being obscured by large, usual traffic. Another problem administrators face is the cumbersome amount of alarm data generated from IDS sensors. As a result, important details are often overlooked, and it is difficult to get an overall picture of what is occurring in the network by manually traversing textual alarm logs. We have designed a novel visualization to address this problem by showing alarm activity within a network. Alarm data is presented in an overview from which system administrators can get a general sense of network activity and easily detect anomalies. They additionally have the option of then zooming and drilling down for details. Based on our system administrator requirements study, this graphical layout addresses what system administrators need to see, is faster and easier than analyzing text logs, and uses visualization techniques to effectively scale and display the data. With this design, we have built a tool that effectively uses operational alarm log data generated on the Georgia Tech campus network. For both of these systems, we describe the input data, the system design, and examples. Finally, we summarize potential future work.Ph.D.Committee Chair: Copeland, John; Committee Member: Hamblen, James; Committee Member: Ji, Chuanyi; Committee Member: Owen, Henry; Committee Member: Stasko, Joh

Ascertaining the Relationship between Security Awareness and the Security Behavior of Individuals

Security threats caused by the inappropriate actions of the user continue to be a significant security problem within any organization. The purpose of this study was to continue the efforts of Katz by assessing the security behavior and practices of working professionals. Katz conducted a study that assessed whether the faculty and staff at Armstrong Atlantic State University had been performing the simple everyday practices and behavior necessary to avert insider threats to information security. Critical in understanding human behavior is in knowing how behavior varies across different groups or demographics. Because a user\u27s behavior can be influenced by demographic groups, this study adapted Katz\u27s study by examining the influence on the security behavior of four demographic groups identified by gender, age, education, and occupation. Like Katz, this study used a 5-point Likert scale quantitative self-administered, closed-ended questionnaire to assess the participants\u27 security practices and behaviors. The questionnaire was developed in two sections: Section 1 used a binary scale to gather the participants\u27 demographics data while Section 2 used a 5-point Likert scale to measure the participants\u27 security behaviors. The sample population was derived from working professionals at the General Dynamic and Program Manager Advanced Amphibious Assault (GD & PM AAA) Facility in Woodbridge, Virginia. The total population at PM AAA Office was 288, of which 87 or 30% completed the survey. Results of the demographic survey indicate that (a) women were more security aware than their male counterparts, (b) younger participants were more security aware than their older counterparts, (c) participants who did not attend college were more security aware than their college-educated counterparts, and (d) participants in nontechnical positions were more security aware than their counterparts in technical positions. The results indicate that a relation exists between the participants\u27 security behaviors and their levels of security awareness

Performance and Security Trade-offs in High-Speed Networks. An investigation into the performance and security modelling and evaluation of high-speed networks based on the quantitative analysis and experimentation of queueing networks and generalised stochastic Petri nets.

Most used security mechanisms in high-speed networks have been adopted without adequate quantification of their impact on performance degradation. Appropriate quantitative network models may be employed for the evaluation and prediction of ¿optimal¿ performance vs. security trade-offs. Several quantitative models introduced in the literature are based on queueing networks (QNs) and generalised stochastic Petri nets (GSPNs). However, these models do not take into consideration Performance Engineering Principles (PEPs) and the adverse impact of traffic burstiness and security protocols on performance. The contributions of this thesis are based on the development of an effective quantitative methodology for the analysis of arbitrary QN models and GSPNs through discrete-event simulation (DES) and extended applications into performance vs. security trade-offs involving infrastructure and infrastructure-less high-speed networks under bursty traffic conditions. Specifically, investigations are carried out focusing, for illustration purposes, on high-speed network routers subject to Access Control List (ACL) and also Robotic Ad Hoc Networks (RANETs) with Wired Equivalent Privacy (WEP) and Selective Security (SS) protocols, respectively. The Generalised Exponential (GE) distribution is used to model inter-arrival and service times at each node in order to capture the traffic burstiness of the network and predict pessimistic ¿upper bounds¿ of network performance. In the context of a router with ACL mechanism representing an infrastructure network node, performance degradation is caused due to high-speed incoming traffic in conjunction with ACL security computations making the router a bottleneck in the network. To quantify and predict the trade-off of this degradation, the proposed quantitative methodology employs a suitable QN model consisting of two queues connected in a tandem configuration. These queues have single or quad-core CPUs with multiple-classes and correspond to a security processing node and a transmission forwarding node. First-Come-First-Served (FCFS) and Head-of-the-Line (HoL) are the adopted service disciplines together with Complete Buffer Sharing (CBS) and Partial Buffer Sharing (PBS) buffer management schemes. The mean response time and packet loss probability at each queue are employed as typical performance metrics. Numerical experiments are carried out, based on DES, in order to establish a balanced trade-off between security and performance towards the design and development of efficient router architectures under bursty traffic conditions. The proposed methodology is also applied into the evaluation of performance vs. security trade-offs of robotic ad hoc networks (RANETs) with mobility subject to Wired Equivalent Privacy (WEP) and Selective Security (SS) protocols. WEP protocol is engaged to provide confidentiality and integrity to exchanged data amongst robotic nodes of a RANET and thus, to prevent data capturing by unauthorised users. WEP security mechanisms in RANETs, as infrastructure-less networks, are performed at each individual robotic node subject to traffic burstiness as well as nodal mobility. In this context, the proposed quantitative methodology is extended to incorporate an open QN model of a RANET with Gated queues (G-Queues), arbitrary topology and multiple classes of data packets with FCFS and HoL disciplines under bursty arrival traffic flows characterised by an Interrupted Compound Poisson Process (ICPP). SS is included in the Gated-QN (G-QN) model in order to establish an ¿optimal¿ performance vs. security trade-off. For this purpose, PEPs, such as the provision of multiple classes with HoL priorities and the availability of dual CPUs, are complemented by the inclusion of robot¿s mobility, enabling realistic decisions in mitigating the performance of mobile robotic nodes in the presence of security. The mean marginal end-to-end delay was adopted as the performance metric that gives indication on the security improvement. The proposed quantitative methodology is further enhanced by formulating an advanced hybrid framework for capturing ¿optimal¿ performance vs. security trade-offs for each node of a RANET by taking more explicitly into consideration security control and battery life. Specifically, each robotic node is represented by a hybrid Gated GSPN (G-GSPN) and a QN model. In this context, the G-GSPN incorporates bursty multiple class traffic flows, nodal mobility, security processing and control whilst the QN model has, generally, an arbitrary configuration with finite capacity channel queues reflecting ¿intra¿-robot (component-to-component) communication and ¿inter¿-robot transmissions. Two theoretical case studies from the literature are adapted to illustrate the utility of the QN towards modelling ¿intra¿ and ¿inter¿ robot communications. Extensions of the combined performance and security metrics (CPSMs) proposed in the literature are suggested to facilitate investigating and optimising RANET¿s performance vs. security trade-offs. This framework has a promising potential modelling more meaningfully and explicitly the behaviour of security processing and control mechanisms as well as capturing the robot¿s heterogeneity (in terms of the robot architecture and application/task context) in the near future (c.f. [1]. Moreover, this framework should enable testing robot¿s configurations during design and development stages of RANETs as well as modifying and tuning existing configurations of RANETs towards enhanced ¿optimal¿ performance and security trade-offs.Ministry of Higher Education in Libya and the Libyan Cultural Attaché bureau in Londo