Uses of PKI for process authorization

Download
2003
Taşkazan, Feyza
Enterprises require an information security solution that provides privacy, integrity, authentication and access controls for processes. License management systems are developed to be a solution for process authorization in different platforms. However, security threats on processes cannot be controlled with existing license management mechanisms. The need is a complete system that is independent from implementation, platform, and application. In this thesis, we design a complete system for process authorization based on Public Key Infrastructure (PKI) technology.

Suggestions

Analysis of Password Attacks From The Perspective Of The Attacker By Multiple Honeypots
Aydın, Kıvanç; Acartürk, Cengiz; Department of Cybersecurity (2021-8-19)
Authentication is vital for secure operation of ICT systems. Since the past several decades, alternative solutions have been developed for authentication, such as biometric authentication methods, aiming at replacing passwords. Nevertheless, their success has been limited as evidenced by intensive use of passwords. Today, an average user uses dozens of different passwords in daily practice. The frequent use of passwords in authentication also leads to a close interest of attackers due to rapid the expansion...
Acceptance of Blockchain Based Supply Chain Management System: Research Model Proposal Blokzincir Tabanli Tedarik Zinciri Yönetimi Sistemi Kabulü: Arastirma Modeli Önerisi
Gokalp, Ebru; Coban, Selin; Gökalp, Mert Onuralp (2019-11-01)
© 2019 IEEE.Blockchain technology provides emerging solutions including decentralized management, security, privacy and robustness. In Supply Chain Management (SCM) applications, blockchain technology enable us to increase customer satisfaction, operational excellence, and to decrease operational costs and risks. Despite of these significant benefits, there are limited number of studies that combines SCM and blockchain in the literature. The main aim of this study is to investigate the factors influencing t...
Creating application security layer based on resource access decision service
Metin, Mehmet Özer; Şener, Cevat; Göǧebakan, Yenal (2008-01-01)
Different solutions have been implemented for different security aspects (access control, application security) of enterprise web applications. However combining "enterprise-level" and "application-level" security aspects in one layer could give great benefits such as reusability, manageability, and scalability. In this paper, we propose adding a new layer to n-tier web application architectures, which use RAD service implementations to execute enterprise and application security policies. Proposed architec...
A Decision Support System for Optimal Selection of Enterprise Information Security Preventative Actions
Sonmez, Ferda Ozdemir; Günel Kılıç, Banu (2021-09-01)
Types and complexity of information security related vulnerabilities are growing rapidly and present numerous challenges to the enterprises. One of the key challenges is to identify the optimal set of precautions with limited budget. Despite the fact that majority of enterprises have a budget constraint for installing and maintaining the protection systems, the majority of the previous work only focus on prioritization of security targets and do not consider the preventative actions and budget constraints. ...
A PUF-based lightweight group authentication and key distribution protocol
Yıldız, Hüsnü; Onur, Ertan; Department of Computer Engineering (2020-9)
Securing Internet of Things (IoT) applications that collect and transport sensitive data by guaranteeing authenticity, integrity, and confidentiality is a critical challenge. Reducing computation and communication overhead of security functions is also a key concern since a large number of constrained devices may take place in such applications. Our main focus in this thesis is group authentication and key management in IoT. The existing group authentication and key management protocols in the literature pe...
Citation Formats
F. Taşkazan, “Uses of PKI for process authorization,” M.S. - Master of Science, Middle East Technical University, 2003.