Simple authentication and security layer incorporating extensible authentication protocol

There are many methods that support user authentication and access control, important roles in the establishment of secure communication. Particularly, we examine Simple Authentication and Security Layer (SASL) and Extensible Authentication Protocol (EAP) and propose EAP-Advanced Encryption Standard-Pre-Shared-Key (EAP-AES-PSK). SASL is an authentication framework in connection-oriented protocols. EAP is an authentication framework providing multiple authentication methods. SASL is vulnerable to the dictionary attack, replay attack, and Man-In-The-Middle attack as well as the re-keying issue. We propose to incorporate EAP into SASL to enhance the security of SASL and to provide a pathway for easy incorporation of future EAP enhancements into SASL. Standalone EAP still faces some common attacks. We propose EAP-AES-PSK, a new EAP method, to provide strong authentication and we implement this method on the Cyrus SASL implementation: one of the publicly available SASL implementations. This project is evaluated through the verification of functionality of a SASL application incorporating EAR Further, we argue how the common security risks associated with SASL are addressed, and we complete a performance evaluation of the new method incorporated into SASL

Supporting Massive Mobility with stream processing software

The goal of this project is to design a solution for massive mobility using LISP protocol and scalable database systems like Apache Kafka. The project consists of three steps: rst, understanding the requirements of the massive mobility scenario; second, designing a solution based on a stream processing software that integrates with OOR (open-source LISP implementation). Third, building a prototype with OOR and a stream processing software (or a similar technology) and evaluating its performance. Our objectives are: Understand the requirements in an environment for massive mo- bility;Learn and evaluate the architecture of Apache Kafka and similar broker messages to see if these tools could satisfy the requirements; Propose an architecture for massive mobility using protocol LISP and Kafka as mapping system, and nally; Evaluate the performance of Apache Kafka using such architecture. In chapters 3 and 4 we will provide a summary of LISP protocol, Apache Kafka and other message brokers. On these chapters we describe the components of these tools and how we can use such components to achieve our objective. We will be evaluating the di erent mechanisms to 1) authenticate users, 2) access control list, 3) protocols to assure the delivery of the message, 4)integrity and 5)communication patterns. Because we are interested only in the last message of the queue, it is very important that the broker message provides a capability to obtain this message. Regarding the proposed architecture, we will see how we adapted Kafka to store the information managed by the mapping system in LISP. The EID in LISP will be repre- sented by topics in Apache Kafka., It will use the pattern publish-subscribe to spread the noti cation between all the subscribers. xTRs or Mobile devices will be able to play the role of Consumers and Publisher of the message brokers. Every topic will use only one partition and every subscriber will have its own consumer group to avoid competition to consume the messages. Finally we evaluate the performance of Apache Kafka. As we will see, Kafka escalates in a Linear way in the following cases: number of packets in the network in relation with the number of topics, number of packets in the network in relation with the number of subscribers, number of opened les by the server in relation with the number of topics time elapsed between the moment when publisher sends a message and subscriber receives it, regarding to the number of topics. In the conclusion we explain which objectives were achieved and why there are some challenges to be faced by kafka especially in two points: 1) we need only the last location (message) stored in the broker since Kafka does not provide an out of the box mechanism to obtain such messages, and 2) the amount of opened les that have to be managed simultaneously by the server. More study is required to compare the performance of Kafka against other tools

A Practical Study of E-mail Communication through SMTP

Simple Mail Transfer Protocol (SMTP) is an application layer protocol for e-mail communication. It has been adopted as a standard by Internet Engineering Task Force (IETF). SMTP has set conversational and grammatical rules for exchanging messages between connected computers. It has evolved through several revisions and extensions since its formation by Jon Postel in 1981. In SMTP, the sender establishes a full-duplex transmission channel with a receiver. The receiver may be either the ultimate destination or an intermediate forwarding agent. SMTP commands are issued by the sender and are sent to the receiver, which responds to these commands through codes. Each SMTP session between the sender and the receiver consists of three phases namely: connection establishment, mail transactions and connection termination. This paper describes and illustrates the process of e-mail communication through SMTP by issuing the individual SMTP commands directly to transmit e-mail messages. It also describes individual SMTP commands and extensions with practical implementation using a Telnet client

XMPP architecture and security challenges in an IoT ecosystem

The elusive quest for technological advancements with the aim to make human life easier has led to the development of the Internet of Things (IoT). IoT technology holds the potential to revolutionise our daily life, but not before overcoming barriers of security and data protection. IoTs’ steered a new era of free information that transformed life in ways that one could not imagine a decade ago. Hence, humans have started considering IoTs as a pervasive technology. This digital transformation does not stop here as the new wave of IoT is not about people, rather it is about intelligent connected devices. This proliferation of devices has also brought serious security issues not only to its users but the society as a whole. Application layer protocols form an integral component of IoT technology stack, and XMPP is one of such protocol that is efficient and reliable that allows real-time instant messaging mechanism in an IoT ecosystem. Though the XMPP specification possesses various security features, some vulnerabilities also exist that can be leveraged by the attacking entity to compromise an IoT network. This paper will present XMPP architecture along with various security challenges that exist in the protocol. The paper has also simulated a Denial of Service (DoS) attack on the XMPP server rendering its services unresponsive to its legitimate clients

Enhancement Of Login Process Multi-Server Conmmnication For Multimedia Conferencing System (Mcs) Using Distributed Lightweight Directory Access Protocol (Ldap).

Perkembangan pesat serta penyebaran yang meluas sistem sidang video dalam pelbagai bidang pengkomputeran adalah kerana keberkesanannya mewujudkan komunikasi dalam kalangan warga dunia dari serata pelusuk tempat. Video conferencing systems are rapidly growing and spreading through various computing areas due to their benefits in efficiently producing communication between people from just about many different locations all over the world

KVM Based Virtualization and Remote Management

In the recent past, cloud computing is the most significant shifts and Kernel Virtual Machine (KVM) is the most commonly deployed hypervisor which are used in the IaaS layer of the cloud computing systems. The Hypervisor is the one which provides the complete virtualization environment which will intend to virtualize as much as hardware and systems which will include the CPUs, Memory, network interfaces and so on. Because of the virtualization technologies such as the KVM and others such as ESXi, there has been a significant decrease in the usage if the resources and decrease in the costs involved. Firstly, in this Paper I will be discussing about the different hypervisors that are used for the virtualization of the systems, then I discuss about how the virtualization using the Kernel Virtual Machine (KVM) is made easy, and then discuss about the Host security, the access and the security of the KVM virtual machines by the remote management using the Secure Sell (SSH) tunnels, Simple Authentication and Secure Layer (SASL) authentication and Transport Layer Security (TLS)