Firmware enhancements for BYOD-aware network security

In today’s connected world, users migrate within a complex set of networks, including, but not limited to, 3G and 4G (LTE) services provided by mobile operators, Wi-Fi hotspots in private and public places, as well as wireless and/or wired LAN access in business and home environments. Following the widely expanding Bring Your Own Device (BYOD) approach, many public and educational institutions have begun to encourage customers and students to use their own devices at all times. While this may be cost-effective in terms of decreased investments in hardware and consequently lower maintenance fees on a long-term basis, it may also involve some security risks. In particular, many users are often connected to more than one network and/or communication service provider at the same time, for example to a 3G/4G mobile network and to a Wi-Fi. In a BYOD setting, an infected device or a rogue one can turn into an unwanted gateway, causing a security breach by leaking information across networks. Aiming at investigating in greater detail the implications of BYOD on network security in private and business settings we are building a framework for experiments with mobile routers both in home and business networks. This is a continuation of our earlier work on communications and services with enhanced security for network appliances

Security architecture methodology for large net-centric systems

This thesis describes an over-arching security architecture methodology for large network enabled systems that can be scaled down for smaller network centric operations such as present at the University of Missouri-Rolla. By leveraging the five elements of security policy & standards, security risk management, security auditing, security federation and security management, of the proposed security architecture and addressing the specific needs of UMR, the methodology was used to determine places of improvement for UMR --Abstract, page iii

Analisa Infrastruktur Jaringan Wireless dan Local Area Network (WLAN) Meggunakan Wireshark Serta Metode Penetration Testing Kali Linux

Computer networks and the internet play an important role for the smooth running of various fields of work. One example of information and communication technology is the Wireless Local Area Network (WLAN) or also called wireless local network technology. The method used in this research is the Penetration Testing method, with the intention of analyzing the Wireless Network computer security system in the STMIK Bina Patria Laboratory. Testing is carried out with several activities, including identifying and exploiting vulnerabilities in computer network security. In analyzing the security of the WLAN network, it is carried out using the Penetration Testing method where a form of attack on the network is simulated, one of the operating systems that has the right specifications in this regard is Kali Linux. Wireless network is a network that is widely used in institutions and public places. Even though it has a security system, wireless networks can still be attacked by attackers

Wireless sensor data security

Wireless Sensor Network (WSNs) is a network of sensors deployed in places unsuitable for human beings and where constant monitoring is required. They work with low power, low cost smart devices having limited computing resources. They have a crucial role to play in battle surveillance, border control and infrastructure protection. Keeping in view the precious data they transmit, their security from active or passive attacks is very crucial. We came to know about LOCK model implementing novel Distributed Key Management Exclusion Basis (EBS) System is very efficient in providing with Network Security. Keeping in view the importance of Data Security we preferred to secure WSN data through Public Key Encryption methods like RSA. We also discussed and implemented Elliptic Curve Cryptography (ECC) and its advantages over RSA. However our novel Spiral Encryption Technique implemented along with ECC algorithm, has shown how it helped in making the transmitted message more secure and less informative for the eavesdropper

Delegating Network Security with More Information

Network security is gravitating towards more centralized control. Strong centralization places a heavy burden on the administrator who has to manage complex security policies and be able to adapt to users' requests. To be able to cope, the administrator needs to delegate some control back to end-hosts and users, a capability that is missing in today's networks. Delegation makes administrators less of a bottleneck when policy needs to be modified and allows network administration to follow organizational lines. To enable delegation, we propose ident++ - a simple protocol to request additional information from end-hosts and networks on the path of a flow. ident++ allows users and end-hosts to participate in network security enforcement by providing information that the administrator might not have or rules to be enforced on their behalf. In this paper we describe ident++ and how it provides delegation and enables flexible and powerful policies.United States. Dept. of Homeland Security (Scholarship and Fellowship Program)United States. Dept. of EnergyOak Ridge Institute for Science and Educatio

Security: Hash Function-authentications

As security or firewall administrator, we got basically the same concerns (as a plumber) the size of the pipe the contents of the pipe, making sure the correct traffic is in the correct pipes and keeping the pipes from splitting and leaking all over the places of course like plumbers. When the pipes do leak: we are the ones responsible for cleaning up the mess and we are the ones who come up smelling awful. Firewall is a device that is used to provide protection to a system from network-based security threats. The firewall uses service, behavior, user and direction control techniques

A Secure Mechanism for Big Data Collection in Large Scale Internet of Vehicle

As an extension for Internet of Things (IoT), Internet of Vehicles (IoV) achieves unified management in smart transportation area. With the development of IoV, an increasing number of vehicles are connected to the network. Large scale IoV collects data from different places and various attributes, which conform with heterogeneous nature of big data in size, volume, and dimensionality. Big data collection between vehicle and application platform becomes more and more frequent through various communication technologies, which causes evolving security attack. However, the existing protocols in IoT cannot be directly applied in big data collection in large scale IoV. The dynamic network structure and growing amount of vehicle nodes increases the complexity and necessary of the secure mechanism. In this paper, a secure mechanism for big data collection in large scale IoV is proposed for improved security performance and efficiency. To begin with, vehicles need to register in the big data center to connect into the network. Afterwards, vehicles associate with big data center via mutual authentication and single sign-on algorithm. Two different secure protocols are proposed for business data and confidential data collection. The collected big data is stored securely using distributed storage. The discussion and performance evaluation result shows the security and efficiency of the proposed secure mechanism