214 research outputs found
Identity management and e-learning standards for promoting the sharing of contents and services in higher education
In this paper, we present the status of identity management systems and e-learning standards across
Europe, in order to promote the mobility and the sharing of contents and services in higher
education institutions.
With new requirements for authentication, authorization and identity management for Web
applications, most higher education institutions implement several solutions to address these issues.
At the first level, the adoption of directory Servers like LDAP, Active Directory and others, solve
some problems of having multiple logins and passwords for authentication.
The growing of Web applications like Learning management Systems, portals, Blogs, Wikis, and
others, need a more effective way of identity management, providing security and accessibility. Web
Single Sign-On (SSO) resolves some of these issues of identity management, because the
authentication is managed centrally and the user can navigate through different Web applications
using the same session. One example of a Web SSO system is the Central Authentication Systems
(CAS).
SSO systems provide an effective way to manage authentication and authorization inside institutions,
but are restricted to the administrative domain of each institution. With the implementation of
Bologna Process more students, lecturers and staff will be on mobility programs within European
higher education institutions. The creation of identity management federations is mandatory to
provide the mobility of users and to permit the exchange of contents and services between
institutions.
The creation of identities federations across Europe is been in discussion by TERENA (Trans-European
Research and Education Networking Association) to provide a service federation like the EDUROAM
WI-FI network that permits the mobility across Europe. This paper reports on some of the issues
highlighted in the light of recent developments.
To share contents and services within Europe, the adoption of standards is mandatory. IEEE LTSC
(Learning Technology Standards Committee), IMS (IMS Global Learning, Inc) and ADL (Advanced
Distributed Learning) are standards organizations that publish a set of standards to promote the
interoperability, reusability and integration of e-learning contents and services. The most important
standards that promote the sharing of contents and services across Europe are Sharable Content
Object Reference Model (SCORM), IMS Digital Repositories Interoperability and IMS Learning Design.
This paper presents the main features of e-learning standards and how it can be used in conjunction
with identity management systems to create collaborative learning objects repositories to promote a
more effective learning experience and a more competitive European space for higher education,
with respect to the requirements of knowledge based societies
D3.1 Validation of technical specifications of ECO modules
The objective of this document is to list the most important technical specifications of each MOOC platform that will be integrated in the overall ECO architecture.
The objective of this particular task is to carry out analysis of all the technical specifications of each of the modules/platforms that are to be integrated in the global ECO platform. Once integration will be done, an Open Data exposure solution will be implemented by means of integrating an Open Data Catalog platform such as CKAN.ICT Policy Support Programme as part of the Competitiveness and Innovation framework Programme (CIP) - grant number 62112
Towards secure web services: Performance analysis, decision making and steganography approaches
This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.Web services provide a platform neutral and programming language independent technology that supports interoperable machine-to-machine interaction over a network. Clients and other systems interact with Web services using a standardised XML messaging system, such as the Simple Object Access Protocol (SOAP), typically conveyed using HTTP with an XML serialisation in conjunction with other related Web standards. Nevertheless, the idea of applications from different parties communicating together raises a security threat. The challenge of Web services security is to understand and consider the risks of securing a Web-based service depending on the existing security techniques and simultaneously follow evolving standards in order to fill the gap in Web services security. However, the performance of the security mechanisms is fraught with concerns due to additional security contents in SOAP messages, the higher number of message exchanges to establish trust, as well as the extra CPU time to process these additions. As the interaction between service providers and requesters occurs via XML-based SOAP messages, securing Web services tends to make these messages longer than they would be otherwise and consequently requires interpretation by XML parsers on both sides, which reduces the performance of Web services. The work described in this thesis can be broadly divided into three parts, the first of which is studying and comparing the performance of various security profiles applied on a Web service tested with different initial message sizes.
The second part proposes a multi-criteria decision making framework to aid Web services developers and architects in selecting the best suited security profile that satisfies the different requirements of a given application during the development process in a systematic, manageable, and effective way. The proposed framework, based on the Analytical Hierarchy Process (AHP) approach, incorporates not only the security requirements, but also the performance considerations as well as the configuration constraints of these security profiles. The framework is then validated and evaluated using a scenario-driven approach to demonstrate situations where the decision making framework is used to make informed decisions to rank various security profiles in order to select the most suitable one for each scenario.
Finally, the last part of this thesis develops a novel steganography method to be used for SOAP messages within Web services environments. This method is based on changing the order of XML elements according to a secret message. This method has a high imperceptibility; it leaves almost no trail because it uses the communication protocol as a cover medium, and keeps the structure and size of the SOAP message intact. The method is empirically validated using a feasible scenario so as to indicate its utility and value
Privacy considerations for secure identification in social wireless networks
This thesis focuses on privacy aspects of identification and key exchange
schemes for mobile social networks. In particular, we consider identification
schemes that combine wide area mobile communication with short range communication
such as Bluetooth, WiFi. The goal of the thesis is to identify possible
security threats to personal information of users and to define a framework
of security and privacy requirements in the context of mobile social networking.
The main focus of the work is on security in closed groups and the procedures
of secure registration, identification and invitation of users in mobile social networks.
The thesis includes an evaluation of the proposed identification and key
exchange schemes and a proposal for a series of modifications that augments
its privacy-preserving capabilities. The ultimate design provides secure and effective
identity management in the context of, and in respect to, the protection
of user identity privacy in mobile social networks
A policy-based security framework for ad-hoc networks
Imperial Users onl
An identity based framework for security and privacy in pervasive networks
Master'sMASTER OF ENGINEERIN
Security, Trust and Privacy (STP) Model for Federated Identity and Access Management (FIAM) Systems
The federated identity and access management systems facilitate the home domain
organization users to access multiple resources (services) in the foreign domain
organization by web single sign-on facility. In federated environment the user’s
authentication is performed in the beginning of an authentication session and allowed
to access multiple resources (services) until the current session is active. In current
federated identity and access management systems the main security concerns are: (1)
In home domain organization machine platforms bidirectional integrity measurement
is not exist, (2) Integrated authentication (i.e., username/password and home domain
machine platforms mutual attestation) is not present and (3) The resource (service)
authorization in the foreign domain organization is not via the home domain machine
platforms bidirectional attestation
Towards secure web services : performance analysis, decision making and steganography approaches
Web services provide a platform neutral and programming language independent technology that supports interoperable machine-to-machine interaction over a network. Clients and other systems interact with Web services using a standardised XML messaging system, such as the Simple Object Access Protocol (SOAP), typically conveyed using HTTP with an XML serialisation in conjunction with other related Web standards. Nevertheless, the idea of applications from different parties communicating together raises a security threat. The challenge of Web services security is to understand and consider the risks of securing a Web-based service depending on the existing security techniques and simultaneously follow evolving standards in order to fill the gap in Web services security. However, the performance of the security mechanisms is fraught with concerns due to additional security contents in SOAP messages, the higher number of message exchanges to establish trust, as well as the extra CPU time to process these additions. As the interaction between service providers and requesters occurs via XML-based SOAP messages, securing Web services tends to make these messages longer than they would be otherwise and consequently requires interpretation by XML parsers on both sides, which reduces the performance of Web services. The work described in this thesis can be broadly divided into three parts, the first of which is studying and comparing the performance of various security profiles applied on a Web service tested with different initial message sizes. The second part proposes a multi-criteria decision making framework to aid Web services developers and architects in selecting the best suited security profile that satisfies the different requirements of a given application during the development process in a systematic, manageable, and effective way. The proposed framework, based on the Analytical Hierarchy Process (AHP) approach, incorporates not only the security requirements, but also the performance considerations as well as the configuration constraints of these security profiles. The framework is then validated and evaluated using a scenario-driven approach to demonstrate situations where the decision making framework is used to make informed decisions to rank various security profiles in order to select the most suitable one for each scenario. Finally, the last part of this thesis develops a novel steganography method to be used for SOAP messages within Web services environments. This method is based on changing the order of XML elements according to a secret message. This method has a high imperceptibility; it leaves almost no trail because it uses the communication protocol as a cover medium, and keeps the structure and size of the SOAP message intact. The method is empirically validated using a feasible scenario so as to indicate its utility and value.EThOS - Electronic Theses Online ServiceGBUnited Kingdo
- …