Understanding Federation: An Analytical Framework for the Interoperability of Social Networking Sites
Although social networking has become a remarkable feature of the Web, full
interoperability has not arrived. This work explores the five main paradigms of
interoperability across social networking sites, corresponding to the layers in
which we can find interoperability. Building on those, a novel analytical
framework for SNS interoperability is introduced. Seven representative
SNS interoperability technologies are compared using the proposed framework.
The analysis exposes an overwhelming disparity and fragmentation in the
solutions for tackling the same problems. Although there are a few solutions
on which consensus is reached and which are widely adopted (e.g. object IDs), there
are multiple central issues that are still far from being widely standardized
(e.g. profile representation). In addition, several areas have been
identified where there is clear room for improvement, such as privacy controls
or data synchronization.
Improving Desktop System Security Using Compartmentalization
Compartmentalizing access to content, be it websites accessed in a browser or documents and applications accessed outside the browser, is an established method for protecting information integrity [12, 19, 21, 60]. Compartmentalization solutions change the user experience, introduce performance overhead and provide varying degrees of security. Striking a balance between usability and security is not an easy task. If the usability aspects are neglected or sacrificed in favor of more security, the resulting solution would have a hard time being adopted by end-users. The usability is affected by factors including (1) the generality of the solution in supporting various applications, (2) the type of changes required, (3) the performance overhead introduced by the solution, and (4) how much the user experience is preserved. The security is affected by factors including (1) the attack surface of the compartmentalization mechanism, and (2) the security decisions offloaded to the user. This dissertation evaluates existing solutions based on the above factors and presents two novel compartmentalization solutions that are arguably more practical than their existing counterparts.
The first solution, called FlexICon, is an attractive alternative in the design space of compartmentalization solutions on the desktop. FlexICon allows for the creation of a large number of containers with small memory footprint and low disk overhead. This is achieved by using lightweight virtualization based on Linux namespaces. FlexICon uses two mechanisms to reduce user mistakes: 1) a trusted file dialog for selecting files to open and launching them in the appropriate container, and 2) a secure URL redirection mechanism that detects the user's intent and opens the URL in the proper container. FlexICon also provides a language to specify the access constraints that should be enforced by various containers.
The second solution, called Auto-FBI, deals with web-based attacks by creating multiple instances of the browser and providing mechanisms for switching between them. The prototype implementation for Firefox and Chrome uses system call interposition to control the browser's network access. Auto-FBI can be ported to other platforms easily due to its simple design and the ubiquity of system call interposition methods on all major desktop platforms.
Zero Touch Provisioning in NETCONF Server
Computer network administrators need advanced tools to configure network devices. For this purpose, the NETCONF protocol and the YANG modeling language were developed. The aim of this thesis is to implement the Zero Touch mechanism, which serves the initial configuration of a NETCONF server. This mechanism will be integrated into the sysrepo datastore.
Security and Privacy in Network Terminology
Security and Privacy are now at the forefront of modern concerns, and drive
a significant part of the debate on digital society. One particular aspect that
holds significant bearing on these two topics is the naming of resources in the
network, because it directly impacts how networks work, but also affects how
security mechanisms are implemented and what the privacy implications
of metadata disclosure are. This issue is further exacerbated by interoperability
mechanisms that make this information increasingly available regardless of
the intended scope.
This work focuses on the implications of naming with regard to security and
privacy in namespaces used in network protocols. In particular, it focuses on the
implementation of solutions that provide additional security through naming policies
or increase privacy. To achieve this, different techniques are used to either
embed security information in existing namespaces or to minimise privacy
exposure. The former allows bootstrapping secure transport protocols on top of
insecure discovery protocols, while the latter introduces privacy policies as part
of name assignment and resolution.
The main vehicle for the implementation of these solutions is general purpose
protocols and services; however, there is a strong parallel with ongoing
research topics that leverage name resolution systems for interoperability, such
as the Internet of Things (IoT) and Information Centric Networks (ICN), where
these approaches are also applicable.
User-controlled access management to resources on the Web
The rapidly developing Web environment provides users with a wide set of rich services as
varied and complex as desktop applications. Those services are collectively referred to as "Web
2.0", with such examples as Facebook, Google Apps, Salesforce, or Wordpress, among many
others. These applications are used for creating, managing, and sharing online data between
users and services on the Web. With the shift from desktop computers to the Web, users create
and store more of their data online and not on the hard drives of their computers. This data
includes personal information, documents, photos, as well as other resources. Irrespective of
the environment, either desktop or the Web, it is the user who creates the data, who disseminates
it and who shares this data. On the Web, however, sharing resources poses new security
and usability challenges which were not present in traditional computing. Access control, also
known as authorisation, which aims to protect such sharing, is currently poorly addressed in this
environment. Existing access control is often not well suited to the increasing amount of highly
distributed Web data and does not give users the required flexibility in managing their data.
This thesis discusses new solutions to access control for the Web. Firstly, it shows a proposal
named User-Managed Access Control (UMAC) and presents its architecture and protocol. This
thesis then focuses on the User-Managed Access (UMA) solution that is researched by the User-
Managed Access Work Group at Kantara Initiative. The UMA approach allows the user to
play a pivotal role in assigning access rights to their resources which may be spread across
multiple cloud-based Web applications. Unlike existing authorisation systems, it relies on a
user’s centrally located security requirements for these resources. The security requirements are
expressed in the form of access control policies and are stored and evaluated in a specialised
component called Authorisation Manager. Users are provided with a consistent User Experience
for managing access control for their distributed online data and are provided with a holistic
view of the security applied to this data. Furthermore, this thesis presents the software that
implements the UMA proposal. In particular, this thesis shows frameworks that allow Web
applications to delegate their access control function to an Authorisation Manager. It also
presents design and implementation of an Authorisation Manager and discusses its evaluation
conducted with a user study. It then discusses design and implementation of a second, improved
Authorisation Manager. Furthermore, this thesis presents the applicability of the UMA approach
and the implemented software to real-world scenarios.
Scaling up VoIP: Transport Protocols and Controlling Unwanted Communication Requests
Millions of people worldwide use voice over IP (VoIP) services not only as cost-effective alternatives to long distance and international calls but also as unified communication tools, such as video conferencing. Owing to the low cost of new user accounts, each person can easily obtain multiple accounts for various purposes. Rich VoIP functions combined with the low cost of new accounts and connections attract many people, resulting in a dramatic increase in the number of active user accounts. Internet telephony service providers (ITSPs), therefore, need to deploy VoIP systems that accommodate this growing demand for VoIP user accounts. Those attracted also include bad actors who make calls that callees do not want. Once ITSPs openly connect with each other, unwanted bulk calls will be at least as serious a problem as email spam. This dissertation studies how we can reduce load on both ITSPs and end users to ensure the continued success of VoIP services. From the ITSPs' perspective, the scalability of VoIP servers is of importance and concern. Scalability depends on the server implementation and on the transport protocol used for SIP, the VoIP signaling protocol. We conduct experiments to understand the impact of connection-oriented transport protocols, namely TCP and SCTP, because of the additional costs of handling connections. Contradicting the negative perception of connection-oriented transport protocols, our experimental results demonstrate that the TCP implementation in Linux can maintain capacity comparable to UDP, a lightweight connectionless transport protocol. The use of SCTP, on the other hand, requires improving the Linux implementation, since the not-well-tested implementation makes a server less scalable. We establish the maximum number of concurrent TCP or SCTP connections as baseline data and suggest better server configurations to minimize the negative impact of handling a large number of connections.
Thus, our experimental analysis will also contribute to the design of other servers with a very large number of TCP or SCTP connections. From the perspective of end users, controlling unwanted calls is vital to preserving the utility and value of the VoIP service. Prior work on preventing unwanted email or calls has mainly focused on detecting unwanted communication requests, leaving many messages or calls unlabeled, since false positives during filtering are unacceptable. Unlike prior work, we explore approaches to identifying a "good" call based on signaling messages rather than content. This is because content-based filtering cannot prevent call spam from disturbing callees, since a ringing tone interrupts them before content is sent. Our first approach uses "cross-media relations." Calls are unlikely to be unwanted if the two parties have previously communicated with each other through other means. Specifically, we propose two mechanisms using cross-media relations. In the first mechanism, a potential caller offers her contact addresses, which might be used in future calls to the callee. In the second mechanism, a callee provides a potential caller with a weak secret for future use. When the caller makes a call, she conveys this information to be identified as someone the callee has contacted before through other means. Our prototype illustrates how these mechanisms work in web-then-call and email-then-call scenarios. In addition, our user study of received email messages, calls, and SMS messages demonstrates the potential effectiveness of this idea. Another approach uses the caller's attributes, such as organizational affiliation, in the case where the two parties have had no prior contact. We introduce a lightweight mechanism for validating user attributes with privacy awareness and moderate security.
Unlike existing mechanisms for asserting user attributes, our design allows the caller to claim her attributes to callees without needing to prove her identity or her public key. To strike the proper balance between ease of service deployment and security, our proposed mechanism relies on transitive trust, through an attribute validation server, established over transport layer security. This mechanism uses an attribute reference ID, which limits the lifetime and restricts the relying parties. Our prototype demonstrates the simplicity of our concept and the possibility of practical use.