Telecommunication Network Security

YesOur global age is practically defined by the ubiquity of the Internet; the worldwide interconnection of cyber networks that facilitates accessibility to virtually all ICT and other elements of critical infrastructural facilities, with a click of a button. This is regardless of the user’s location and state of equilibrium; whether static or mobile. However, such interconnectivity is not without security consequences. A telecommunication system is indeed a communication system with the distinguishing key word, the Greek tele-, which means "at a distance," to imply that the source and sink of the system are at some distance apart. Its purpose is to transfer information from some source to a distant user; the key concepts being information, transmission and distance. These would require a means, each, to send, convey and receive the information with safety and some degree of fidelity that is acceptable to both the source and the sink. Chapter K begins with an effort to conceptualise the telecommunication network security environment, using relevant ITU-T2* recommendations and terminologies for secure telecommunications. The chapter is primarily concerned with the security aspect of computer-mediated telecommunications. Telecommunications should not be seen as an isolated phenomenon; it is a critical resource for the functioning of cross-industrial businesses in connection with IT. Hence, just as information, data or a computer/local computer-based network must have appropriate level of security, so also a telecommunication network must have equivalent security measures; these may often be the same as or similar to those for other ICT resources, e.g., password management. In view of the forgoing, the chapter provides a brief coverage of the subject matter by first assessing the context of security and the threat-scape. This is followed by an assessment of telecommunication network security requirements; identification of threats to the systems, the conceivable counter or mitigating measures and their implementation techniques. These bring into focus various cryptographic/crypt analytical concepts, vis a vis social engineering/socio-crypt analytical techniques and password management. The chapter noted that the human factor is the most critical factor in the security system for at least three possible reasons; it is the weakest link, the only factor that exercises initiatives, as well as the factor that transcends all the other elements of the entire system. This underscores the significance of social 2*International Telecommunications Union - Telecommunication Standardisation Sector 12 engineering in every facet of security arrangement. It is also noted that password security could be enhanced, if a balance is struck between having enough rules to maintain good security and not having too many rules that would compel users to take evasive actions which would, in turn, compromise security. The chapter is of the view that network security is inversely proportional to its complexity. In addition to the traditional authentication techniques, the chapter gives a reasonable attention to locationbased authentication. The chapter concludes that security solutions have a technological component, but security is fundamentally a people problem. This is because a security system is only as strong as its weakest link, while the weakest link of any security system is the human infrastructure. A projection for the future of telecommunication network security postulates that, network security would continue to get worse unless there is a change in the prevailing practice of externality or vicarious liability in the computer/security industry; where consumers of security products, as opposed to producers, bear the cost of security ineffectiveness. It is suggested that all transmission devices be made GPS-compliant, with inherent capabilities for location-based mutual authentication. This could enhance the future of telecommunication security.Petroleum Technology Development Fun

Innovative Location Based Scheme for Internet Security Protocol. A proposed Location Based Scheme N-Kerberos Security Protocol Using Intelligent Logic of Believes, Particularly by Modified BAN Logic.

The importance of the data authentication has resulted in the science of the data protection. Interest in this knowledge has been growing due to the increase in privacy of the user's identity, especially after the widespread use of online transactions. Many security techniques are available to maintain the privacy of the user's identity. These include password, smart card or token and face recognition or finger print. But unfortunately, the possibility to duplicate the identity of a user is still possible. Recently, specialists used the user's physical location as a new factor in order to increase the strength of the verification of the user's identity. This thesis focused on the authentication-based user's location. It is based on the idea of using the Global Position System in order to verify the user identity. Improving Kerberos protocol using GPS signal is proposed in order to eliminate the effect of replay attack. This proposal does not expect a high performance from the user during the implementation of the security system. Moreover, to give users more confidence to use security protocol, it has to be evaluated before accepting it. Thus, a measurement tool used to validate protocols called BAN logic was described. In this thesis, a new form of BAN logic which aims to raise the efficiency checking process of the protocol protection strength using the GPS signal is proposed. The proposed form of Kerberos protocol has been analysed using the new form of BAN logic. The new scheme has been tested and compared with the existing techniques to demonstrate its merits and capabilities

Інструментальні засоби та методи аналізу загроз програмно-визначених телекомунікаційних мереж

Розмір пояснювальної записки – 91 аркуш, містить 5 ілюстрацій, 10 таблиць, 3 додатки. Актуальність теми. У роботі розглянуто проблему організації захисту програмно-визначених телекомунікаційних мереж, показано основні особливості існуючих методів бізнес-аналізу загроз та захисту комп’ютерних мереж, їх переваги та недоліки. Виявлено потребу в розробці нового методу організації захисту комп’ютерних мереж з використанням сучасних засобів бізнес-аналізу. Мета дослідження. Метою роботи є підвищення якості та швидкості виявлення кіберзагроз у корпоративній мережі підприємства з використанням розбиття загроз комп’ютерній мережі на рівні із застосуванням еталонної моделі взаємозв’язку відкритих систем. Об’єкт дослідження: телекомунікаційні мережі як сукупність апаратних та логічних об’єктів. Предмет дослідження: захист телекомунікаційних мереж як поєднання технічних, програмних і організаційних рашень. Для реалізації поставленої мети сформульовані наступні завдання: - провести аналіз наявних загроз для безпеки телекомунікаційних мереж та побудувати їх класифікацію; - провести аналіз існуючих методів захисту мереж від описаних загроз; - побудувати функціональні та нефункціональні вимоги до засобів та методів захисту мереж; - побудувати централізований метод організації заходів з захисту телекомунікаційних мереж. Наукова новизна результатів магістерської дисертації полягає в тому, що запропонований інтегрований метод ешелонованого захисту телекомунікаційних мереж, що включає в себе програмні та адміністративно-організаційні засоби виявлення та видалення загроз. Результат досягнений шляхом розробки методу на основі аналізу загроз, проведеного з використанням сучасних методів бізнес-аналізу. Практичне значення отриманих результатів полягає у тому, що реалізований метод є простим у використанні для адміністратора телекомунікаційної мережі керівництвом для боротьби з загрозами роботі мережі. Реалізовано програмний додаток з фільтрації трафіку у мережі та схема дій з захисту мережі з використанням BPMN-нотації, за допомогою чого значно пришвидшується та полегшується робота з організації захисту телекомунікаційної мережі. Даний метод може бути використаний на підприємствах бізнесу та в учбових закладах. Робота виконувалась на кафедрі інформатики та програмної інженерії Національного технічного університету України «Київський політехнічний інститут імені Ігоря Сікорського». Наукові положення дисертації пройшли апробацію на конференції «SoftTech-2021». Наукові положення дисертації опубліковані в: 1) Теленик А.М., Жаріков Е.В. Бізнес-аналіз безпеки комп’ютерних мереж // Матеріали I всеукраїнської науково-практичної конференції молодих вчених та студентів «SoftTech-2021» - м. Київ: НТУУ «КПІ ім. Ігоря Сікорського», 22-26 листопада 2021 р.Explanatory note size is 91 sheets, contains 5 illustrations, 10 tables, 3 appendices. Topicality. The paper considers the problem of organization of protection of software-defined telecommunication networks, shows the main features of existing methods of business analysis of threats and protection of computer networks, their advantages and disadvantages. The need to develop a new method of organizing the protection of computer networks using modern business analysis tools has been identified. The aim of the study. The aim of the work is to improve the quality and speed of detection of cyber threats in the corporate network of the enterprise using the division of threats to the computer network at the level of the reference model of open systems. Object of research: telecommunication networks as a set of hardware and logical objects. Subject of research: protection of telecommunication networks as a combination of technical, software and organizational solutions. To achieve this goal, the following tasks were formulated: - to analyze the existing threats to the security of telecommunications networks and build their classification; - to analyze the existing methods of protecting networks from the described threats; - to define functional and non-functional requirements for means and methods of network protection; - to build a centralized method of organizing measures to protect telecommunications networks. The scientific novelty of the results of the master's dissertation is that the proposed integrated method of tiered protection of telecommunications networks, which includes software and administrative and organizational tools for detecting and removing threats. The result was achieved by developing a method based on threat analysis, using modern methods of business analysis. The practical value of the obtained results is that the implemented method is an easy-to-use guide for the telecommunication network administrator to deal with threats to the network. Implemented a software application for filtering traffic in the network and a scheme of actions to protect the network using BPMN-notation, which significantly speeds up and simplifies the work of organizing the protection of telecommunications network. This method can be used in business enterprises and educational institutions. Work was performed at the Department of Informatics and Software Engineering of the National Technical University of Ukraine «Kyiv Polytechnic Institute. Igor Sikorsky». Approbation. The scientific provisions of the dissertation were tested at the First All-Ukrainian Scientific and Practical Conference of Young Scientists and Students „SoftTech-2021” - Kyiv. Publications. The scientific provisions of the dissertation are published in: 1) Telenyk A. M., Zharikov E.V., Business analysis of computer network security // Proceedings of the First All-Ukrainian scientific-practical conference of young scientists and students "SoftTech-2021" - Kyiv: NTUU "KPI Igor Sikorsky ", November 22-26, 202

Advanced Location-Based Technologies and Services

Since the publication of the first edition in 2004, advances in mobile devices, positioning sensors, WiFi fingerprinting, and wireless communications, among others, have paved the way for developing new and advanced location-based services (LBSs). This second edition provides up-to-date information on LBSs, including WiFi fingerprinting, mobile computing, geospatial clouds, geospatial data mining, location privacy, and location-based social networking. It also includes new chapters on application areas such as LBSs for public health, indoor navigation, and advertising. In addition, the chapter on remote sensing has been revised to address advancements

Cryptography and Computer Communications Security. Extending the Human Security Perimeter through a Web of Trust

This work modifies Shamir’s algorithm by sharing a random key that is used to lock up the secret data; as against sharing the data itself. This is significant in cloud computing, especially with homomorphic encryption. Using web design, the resultant scheme practically globalises secret sharing with authentications and inherent secondary applications. The work aims at improving cybersecurity via a joint exploitation of human factors and technology; a human-centred cybersecurity design as opposed to technology-centred. The completed functional scheme is tagged CDRSAS. The literature on secret sharing schemes is reviewed together with the concepts of human factors, trust, cyberspace/cryptology and an analysis on a 3-factor security assessment process. This is followed by the relevance of passwords within the context of human factors. The main research design/implementation and system performance are analysed, together with a proposal for a new antidote against 419 fraudsters. Two twin equations were invented in the investigation process; a pair each for secret sharing and a risk-centred security assessment technique. The building blocks/software used for the CDRSAS include Shamir’s algorithm, MD5, HTML5, PHP, Java, Servlets, JSP, Javascript, MySQL, JQuery, CSS, MATLAB, MS Excel, MS Visio, and Photoshop. The codes are developed in Eclipse IDE, and the Java-based system runs on Tomcat and Apache, using XAMPP Server. Its code units have passed JUnit tests. The system compares favourably with SSSS. Defeating socio-cryptanalysis in cyberspace requires strategies that are centred on human trust, trust-related human attributes, and technology. The PhD research is completed but there is scope for future work.Petroleum Technology Development Fund (PTDF), Abuja, Nigeria

Location based Kerberos Authentication Protocol

Online communication offers organizations greater efficiency. However, online processes increase the threat level during message transfer. This necessitates researchers to develop and improve security protocols in order to enhance the security of communication lines. Despite the evaluation and acceptance of many authentication protocols, online communications remain insecure, we propose to add the user's physical location as a new authentication factor into Kerberos protocol and call it N-Kerberos protocol, and we validate the new form of Kerberos (N-Kerberos)