Wyniki wyszukiwania - BazTech

1

New challenges in network security

Bilski T.

Przegląd Elektrotechniczny

|

2016

|

R. 92, nr 12

228--232

EN

The purpose of the paper is to point out different security issues of network evolution and to point out new threats related to the network evolution. We will discuss such issues as: complexity of security tools, IPv4/IPv6 transition, new modes of operation, IoT (Internet of Things), BYOD (Bring Your Own Device), cloud computing, SDN (Software Defined Network), wireless transmission. The paper should be of interest to different groups of people, among them are researchers and designers in the security area, policy makers and users of modern networks.

PL

Celem jest wskazanie aspektów bezpieczeństwa związanych z ewolucją sieci komputerowych. Przedstawiono takie zagadnienia jak: złożoność narzędzi bezpieczeństwa, przejście z IPv4 na IPv6, nowe tryby działania, Internet Rzeczy, BYOD (Bring Your Own Device), przetwarzanie w chmurach, SDN (Software Defined Network), transmisja bezprzewodowa. Artykuł powinien zainteresować różne grupy, w tym: osoby badające i projektujące zabezpieczenia, twórców polityk bezpieczeństwa i użytkowników sieci.

2

Systemy uwierzytelniania pozapasmowego

Bilski T.

Studia Informatica

|

2014

|

Vol. 35, nr 3

39--51

PL

Standardowe kanały komunikacyjne oparte na falach elektromagnetycznych nie mogą być uznawane za zaufane i autentyczne. Docierające do odbiorcy fale elektromagnetyczne mogą pochodzić ze źródeł, których istnienie może być ukryte przed odbiorcą. W ogólnym przypadku użytkownik odbierający takie sygnały nie jest w stanie określić ich pochodzenia i nie ma pewności co do tego, czy sygnały te pochodzą od określonego (zaufanego) nadawcy. Brak tej pewności może prowadzić do naruszeń bezpieczeństwa, takich jak podszywanie się czy podsłuch. Tak więc pojawia się potrzeba uwierzytelnienia urządzenia bezprzewodowego bez użycia zwykłego kanału komunikacyjnego opartego na falach radiowych. Artykuł stanowi przegląd metod uwierzytelniania pozapasmowego. Uwzględniono zarówno prace teoretyczne, standardy, jak i rozwiązania komercyjne

EN

Standard communication channels based on radio waves may not be considered safe. Signals that user receives may come from different places, which may be hidden. User is not able to determine the source of the signals. This may be used by illegitimate users to spoof or to sniff wireless channel. In order to authenticate the sender’s wireless device one has to use additional out-of-band channel. The paper is a survey of out-of-band authentication methods and systems. Standards, theoretical works as well as commercial solutions have been presented.

3

New Threats and Innovative Protection Methods in Wireless Transmission Systems

Bilski T.

Journal of Telecommunications and Information Technology

|

2014

|

nr 3

26--33

EN

Many improvements in the field of wireless communication can be observed nowadays. Some developments are gradual, others are revolutionary. It is obvious that each innovation in the area may lead to new security threats and vulnerabilities. Such technologies and transmission methods as: Near Field Communication (NFC), Visible Light Communication (VLC), handover, mesh networks, 5G cellular network, mobile IPv6, beamforming, cooperative beamforming, Multiple Input Multiple Output (MIMO), Orthogonal Frequency Division Multiple Access (OFDMA), transmission in Extra High Frequency (EHF) band are very important from the security point of view. In order to preserve high level of security one needs to identify, analyse and classify distinctive sets of threats and vulnerabilities as well as some emerging data protection opportunities related to innovative wireless transmission methods and technologies. This identification, analysis and classification is a main purpose of the paper. It will focus on cryptography in wireless systems, security vs. energy tradeoffs, physical layer security. For example, common problems related to cryptography may be solved with a use of physical layer security. Data confidentiality may be fulfilled with a use of beamforming and jamming, authentication may be performed with a use of out-of-band authentication model.

4

Parameterized hash functions

Bilski T., Bucholc K., Grocholewska-Czuryło A., Stoklosa J.

Annales Universitatis Mariae Curie-Skłodowska. Sectio AI, Informatica

|

2012

|

Vol. 12, no. 3

11--24

EN

In this paper we describe a family of highly parameterized hash functions. This parameterization results in great flexibility between performance and security of the algorithm. The three basic functions, HaF-256, HaF-512 and HaF-1024 constitute this hash function family. Lengths of message digests are 256, 512 and 1024 bits respectively. The paper discusses the details of functions structure. The method used to generate function S-box is also described in detail.

5

Analiza ruchu na podstawie wielkości pakietów IP

Bilski T.

Studia Informatica

|

2011

|

Vol. 32, nr 3A

167-176

PL

W artykule przedstawiono koncepcję wykorzystania długości pakietów IP w analizie ruchu, w sieciach komputerowych. W pierwszej części artykułu dokonano przeglądu ograniczeń związanych z klasyfikacją ruchu na podstawie numerów portów. Główna część artykułu poświęcona jest koncepcji analizy i klasyfikowania ruchu sieciowego na podstawie długości pojedynczych pakietów oraz rozkładu długości w zbiorach pakietów. W ostatniej części przedstawiono przykładowe zastosowanie w systemach wykrywania kradzieży usług.

EN

The paper discusses traffic analysis/classification problem. First part deals with some problems and limitations of analysis with a use of port numbers. Main part of the paper presents a concept of packet size based traffic classification. Exemplary application is provided in the last part of the paper.

6

Data storage and transmission convergence concept

Bilski T.

Foundations of Control and Management Sciences

|

2005

|

No. 3

25-44

EN

Computer systems process, store and transmit data. Seemingly, storage and transmission are dissimilar. Despite the difference, the properties of services are comparable: effectiveness, security, reliability. The requirements are accomplished with the same methods: data structure, coding, compression, redundancy. The convergence between the services is noticeable. In the paper, some concepts, such as how to utilize the convergence to optimize the system performance, are presented. For example, in a file transmission procedure: sectors of disk are read, their checksums are examined and a file is assembled; communication software divides the file into packets, assigns new checksums and transmits data; on the receiver side the checksums are examined, the packets are assembled into a file and forwarded to the storage system; during write process a file is divided into sectors; sectors are given checksums and are stored. In the paper, more effective scheme is proposed. First, a disk sector is read and its checksum is examined. Then the sector is placed in the packet data field and the sector checksum is placed in the packet checksum field. The packet is transmitted. On the receiver side the sector and its checksum are stored. The unification of other elements of storage and transmission such as: channel coding, compression technique is also evaluated in the paper.