
WNaS @ UNIK

Master Thesis

Security and Mobility
UniK, Kjeller


This page provides a more detailed description of topics which we offer for a Master Thesis, either at the Institute for Informatics at the University of Oslo (UiO, Ifi) or at the Norwegian University of Technology and Science (NTNU).

If you have ideas for a thesis, send mail to Josef, or contact us directly.


Topic: Future Service Environments

Security of Services Oriented Architecture

SOA (Services Oriented Architecture) is currently one of the most important IT architectural concepts, and represents a way to design loosely coupled relationships between services controlled by different providers. This project aims at analysing various threats that SOA is currently facing, judging whether current defence approaches are appropriate, and proposing new defence solutions. Supervisor: Audun Jøsang, (contact info)

Semantic Services versus Mobile Services

The world is moving towards Web 2.0 and Internet Services, e.g. Flickr, Google. Companies like IBM, Oracle and SAP have converted their services to a Web Service architecture (Service Oriented Architecture (SOA)). This service world relies on permanently available services on fixed connections. Lots of services in the mobile/wireless world are spontaneous, e.g. payment through the phone or data collection from the phone, and have a radio link with varying quality. The goal of this thesis is to compare the types of services and create guidelines on how to include mobile services in the Internet service world. Further information from Josef Noll, (contact info)

Integrate Sensor data in the mobile/wireless service world

Sensors deliver data, which can contribute to decision making. However, most sensor data are _event based_, and thus not available in the Internet service world. This practical work focuses on sensor integration into the mobile device, and on how these services can be integrated into an Internet service world. Application areas include, among others, the measurement of air quality and the position of the measurements. Further information from Josef Noll, (contact info)

Use Community tagging to create meaning of words and their relations

In order to ease the complex integration of information, the meaning and functionalities of e.g. software components are described in a semantic way. These descriptions are established through tools by engineers, who have knowledge of the area and know about the functional relations. However, as the meanings of _words_ change, the relations change as well. Formally describing decisions through a rule-based system (taxonomy) is therefore a cumbersome affair. Using information on the web might help in creating these relations, e.g. what do _people at FFI mean when they talk about tactical war_ might be used to create these relations. On the Internet this is called social tagging or folksonomy. The goal is to see how folksonomy can automatically create relations between objects.
Further information from Josef Noll, (contact info)

Enable Services in a complex Transportation Scenario

Intelligent Transport Systems will enable services for the "user on the way". Interconnecting different transport systems, points-of-interest, traffic warning and other services are envisaged. However, today's systems don't support an easy integration and modification of services. A potential way to go is to introduce a semantic service description in order to model the services. Further details in ITSontology.
Further information from Josef Noll, (contact info)

Roaming of advanced Telecom Services

The advantage of the mobile phone is service access "anywhere, anytime". The basis is the roaming of communication capabilities, both for voice (GSM/UMTS) and data (GPRS/UMTS). More advanced roaming capabilities are not yet available. Further details in TelecomRoaming.
Further information from Josef Noll, (contact info)

Video Communication on Mobile phones - compatibility and testing

Video is available on mobile phones, and will be available in cars. However, these video codecs are often defined for static environments, not for dynamic environments. This study will start with an analysis of mobility issues for video codecs. The final step will be to test the codecs in a real life mobile environment. Further details in CompatibilityVideoTelephony
Further information from Josef Noll, (contact info)

Capabilities of future mobile phones

Phones are getting more specific, and have capabilities for a wide range of services. This thesis will provide a service overview, and evaluate the functionality required to perform the services. The capabilities will be presented in an advanced database, providing the opportunity for service development of future phones. Further information still to come.
Further information from Josef Noll, (contact info)


Topic: Communication in the North

Analysis and test of suitable SATCOM technologies in specific Coast Guard operations in Norway.

The Norwegian Coast Guard is the Norwegian Government's most important handler of authority at sea and performs its activities in the whole Norwegian area of responsibility. The Norwegian Coast Guard is a part of the Norwegian Royal Navy and is the primary presence of the Norwegian Defence in peace-time. A greater part of the operations take place in northern territory and inside fjords, where data transfer challenges for information exchange between the Norwegian Coast Guard and military/civil departments are met daily. Further information in KystvaktSatcom.
Further information from Robert H. Macdonald, Josef Noll, (contact info)


Topic: Identity Management, Me, My Interests, My Social Networks

Identity in the digital world, including

  • Using Semantics to describe a Group Identity
  • Describing your preferences for context-aware services
  • Me and my social networks - trust-based privacy
  • Service authentication due to Group Membership

Identity handling in the virtual world is not an easy task, as it has to provide "seamless service access", but also has to take into account the privacy of the user. Identity is mainly verified through an authentication mechanism. The Web community has defined Laws of Identity, providing a unifying identity meta-system that can offer the Internet the identity layer it needs. One of the conclusions is to provide the user with the capabilities of providing exactly the information required to receive the service, and not his complete identity. This thesis will focus on the methods of using different identification mechanisms for the variety of services. It will also review potential architectures for identity mechanisms. Further details in Semantic Identity, Identity, DigitalIdentity.
Further information from Josef Noll, Mohammad M.R. Chowdhury, Zahid Iqbal, (contact info)

Federated identity management in future markets and communities

Identity overload and password fatigue are common problems for people who engage in online activities. Federated identity management aims at reducing these problems by linking multiple online identities belonging to the same party. This project will analyse the advantages and disadvantages of identity federation from a security and trust perspective in order to determine what role it will have in future online markets and communities.
Supervisor: Audun Jøsang, (contact info)

Identity fraud countermeasures (ongoing)

Identity fraud is emerging as one of the fastest growing crimes globally. This project aims at analysing the current state of the art in identity fraud techniques and countermeasures from an interdisciplinary perspective, taking the legal, technological, forensic and policy aspects into account. Supervisor: Audun Jøsang, (contact info) Student: Jon Børge Tjelta

Context-aware services


Further information from Josef Noll, Sarfraz Alam, Najeeb Elahi, (contact info)


Topic: Security Usability

Experimental Security Usability Investigations

Security usability can be studied through experiments with human participants. This project aims at studying a particular security application by conducting an experiment to determine whether normal users are able to operate the security application correctly. As part of the project, the student will design and conduct the experiment, and write a report about the findings. Supervisor: Audun Jøsang, (contact info)


Topic: Trust and Reputation Management

Robustness of Reputation Systems

Online reputation systems are used in many online communities as a moderation mechanism for sanctioning bad behaviour and rewarding good behaviour. While this represents a technology for soft security, it is crucial that the reputation system itself cannot be attacked and manipulated. This project will focus on methods and principles for making reputation systems robust, and on analysing the level of robustness that can be achieved. Supervisor: Audun Jøsang, (contact info)


Topic: Trusted Systems

Integrating Trusted Computing and PKI

Trusted Computing can in general be defined as computation platforms based on security hardware, such as the TPM (Trusted Platform Module). Trusted computing can protect against inherent security vulnerabilities in software. A problem with PKIs is that it is difficult to protect the confidentiality of private keys and the integrity of root public keys with software alone. This project aims at investigating how the TPM or other security hardware can be integrated with PKIs in order to provide higher assurance in PKI integrity. Supervisor: Audun Jøsang, (contact info)

Robustness of Trusted Computing in Digital Rights Management

The set of security functions provided by the TPM (Trusted Platform Module) has been designed partially to support DRM (Digital Rights Management). In that sense, the TPM represents security functionality in a user platform that considers the user as the enemy. This project aims at investigating the theoretical and practical robustness of DRM based on the TPM. As part of the project, the functions of the TPM can be tested in a lab environment. Supervisor: Audun Jøsang, (contact info)

Trusted Systems Security Models

A Trusted System can be defined as a computing platform that provides high security assurance, i.e. higher than that of current commodity platforms. Various OS and hardware vendors are proposing architectures for trusted systems. Examples are SELinux (Security Enhanced Linux), which is part of Red Hat Enterprise Linux and Fedora Linux, (Trusted) Solaris, and Microsoft's NGSCB (Next Generation Secure Computing Base) combined with Intel's TXT (Trusted Execution Technology). The fundamental characteristic of these systems is to support strong separation of users and data. Security models are architectures for access control. This project focuses on investigating how practical security models on the application level can be supported by trusted systems on the platform level. A health information application can for example be used as a practical model. Supervisor: Audun Jøsang, (contact info)


Topic: Near-Field Communications (NFC) and Ad-Hoc Networks

Communication with the car

Modern cars have lots of communication capabilities, but lack the link to the outside world. This thesis will focus on the link between the car and the handset of the user. It will establish methods for the transfer of information from the phone to the car and vice versa. An example is the GSM location from the car, to be transmitted to the queue server. Further details in CarCommunication.
Further information from Josef Noll, (contact info)

Security in Mobile Phone Banking

This part will establish an architecture for seamless service access, and will evaluate the different solutions with focus on security. The specific application area is Mobile Phone Banking, based on seamless authentication from the mobile phone, enhanced with SIM PKI based encryption. The goal will be to evaluate the solutions, and test the results on different mobile phones. Further details in MobilePhoneBanking.

Near Field Communication (NFC) enables Personal Area Network Communication (ongoing)

A) Interconnectivity between devices is a big challenge. Bluetooth pairing is possible for IT experts, but not straightforward for non-IT experts. This thesis will evaluate how NFC can support the set-up of communication between devices, be it through Bluetooth, WLAN, or wireless USB.

Establish a virtual mobile in a network

If mobile and ad-hoc services are to be included in a communication environment, they have to be available immediately. Contacting the mobile phone over the radio interface is both lengthy and costly. Our approach is to make the mobile phone services available in a virtual form. Thus services can be composed including what is on the mobile, while service execution will happen on the mobile phone. A similar approach is foreseen for sensors, where the capabilities of the sensors are held in a virtual sensor, and service execution will happen on the sensor itself.
Further information from Josef Noll, Sarfraz Alam, (contact info)


Topic: Privacy and Digital Rights Management

Privacy and Security in Social Networks

This part will establish mechanisms to enable ... Further details to be established
Further information from Josef Noll, (contact info)

Cost of DRM Technologies

DRM (Digital Rights Management) can be enforced by security mechanisms. For example, the data on a HD DVD can be encrypted, as well as the video signals from the playback device to the display device, so that cleartext signals only exist within the display device itself. All this requires hardware, software and processing time, and increases the likelihood of failure. This project aims at investigating and assessing the cost of various DRM techniques and looking at the business models behind DRM. The student can select a set of DRM technologies to investigate.
SUPERVISOR: Audun Jøsang

SIM card based security for mobile applications

 Further details to be established
Further information from Josef Noll, (contact info)

Protection mechanisms for personal content (ongoing)

This part will establish protection of personal or community content. Key to the work is a public DRM system, initiated and controlled by the user. Two possible areas are envisaged: access to the content (how can a user identify himself?) and the distribution and revocation of DRM keys (typically through Internet, local connectivity or mobile network). Further details in ContentProtection.
Further information from Gyuri Kalman, Josef Noll, (contact info)

B) Imagine you don't have to carry any keys, small change or admission cards. The only thing you need is your mobile phone, which integrates it all. Applications will have an access key on the SIM card, and the application on the phone. The focus in this thesis is on prototypical implementation of new services, and security considerations of the architecture. Further details are in NFCpin.

DRM Systems related to smart cards/UICC/JavaCard and Mobile TV

Abel DRM has several master thesis topics in this area, which are listed in the attached .pdf (Contact: Chunming Rong)


Topic: Cryptography

Future of Quantum Cryptography

Quantum cryptography is a general term used to describe security mechanisms based on principles of quantum theory. The most well known is Quantum Key Distribution. Practical implementations of quantum computing could also revolutionise the art of cryptography. This project aims at examining the current state of the art in quantum cryptography and study problems and issues that need to be resolved before quantum cryptography can be widely used. Supervisor: Audun Jøsang, (contact info)


Topic: Information Warfare

Games Security

TITLE: Security Threats and Vulnerabilities in Online Games, and Possible Countermeasures
ABSTRACT:
Many online games have been found vulnerable to security attacks. Combined with strong incentives to commit fraud, such games are often being successfully attacked and exploited. This poses a threat to the users and providers of online games. This project focuses on investigating the modes of attack, legal issues involved, and possible defence strategies. The goal is to propose new and better methods and principles for making online games robust against attacks.
SUPERVISOR: Audun Jøsang, (contact info)

Honeypots, Honeynets and Darknets

TITLE: Deceiving Attackers Through Honeypots, Honeynets and Darknets
ABSTRACT:
Firewalls, IDS (Intrusion Detection Systems) and encryption are one-way security mechanisms, meaning that they can protect computers and networks, but they do nothing to the attacker. Honeypots, honeynets and darknets are aimed at spying on the attacker, slowing him down and possibly deceiving him. This project aims at investigating the state of the art in honeypot technology, and at analysing which real security benefits it can bring. Installing and observing a honeypot can be part of the project.
SUPERVISOR: Audun Jøsang, (contact info)

Negative Impacts of Spam

TITLE: Spam, and its negative impact on the Internet and the effectiveness of organisations
ABSTRACT:
Spam is used for various things, such as marketing and launching phishing attacks. It is estimated that more than 75% of all email traffic passing through the Internet is spam, and it is well known that spam is sent by bots maliciously installed in millions of computers worldwide. This project aims at investigating the mechanisms for spam, and at analysing the negative impact it has on the economy, such as loss of bandwidth, wasted time deleting spam, and secondary attacks such as phishing.
SUPERVISOR: Audun Jøsang, (contact info)

Botnet threats and countermeasures

TITLE: Botnet Threats and Countermeasures
ABSTRACT:
Due to the recent increase in malicious botnet activity it is important to understand the motives, impact, mechanisms of attack and defences against this new threat. This project aims at investigating how botnets are established and organised, their intended purposes, and the threats they pose for the economy and society as a whole. Possible defences should also be investigated.
SUPERVISOR: Audun Jøsang, (contact info)

Decide on an action depending on situation (ongoing)

Decisions and actions should be based on the evaluation of multiple parameters. Sensor input, position data and context will influence the decision. The goal of this master thesis is to create a semantic based decision engine, which allows actions like "_if the value of CO increases with 5 %/min send a warning to phone, unless it's less than 1 % in total_". Applications: Tactical warforce (decision making), environmental monitoring (air pollution), ... More info at DecisionMaking.
Further information from Josef Noll, (contact info)


Topic: Security Management

Measuring Security

TITLE: Measuring Security
ABSTRACT:
The level of security of something is an evasive notion and can be extremely difficult to determine. Principles such as "it's only as secure as the weakest link" and "surface of exposure" are often used and cited. Nevertheless they portray two seemingly incompatible views of how security can be measured, either as that of the least secure component, or inversely proportional to the number of exposed components. Also, a model that is meaningful for measuring the security of a single system might not be meaningful for measuring the security of a whole network or an organization. To provide good usability a security meter could be developed for single systems, but this would probably be less meaningful for whole networks. This project focuses on investigating possible models and methods of measuring security, and methods for making this usable and meaningful for users and organizations. Components to be considered can range from single system to networks and organizations.
This project will be conducted in collaboration with Storebrand.
SUPERVISOR: Prof. Audun Jøsang, UniK, University of Oslo, (contact info)
ASSOCIATE SUPERVISOR: Sissel Gjessing, Risk Governance Manager, Storebrand

Uncertainty in Risk Management

TITLE: Uncertainty Evaluation in Risk Analysis
ABSTRACT:
Input parameters to risk analysis are often characterised by considerable degrees of uncertainty. In such situations the outputs of a risk analysis will be equally subject to uncertainty. The degree of uncertainty can be extremely difficult to assess, even more so because potential risks usually do not materialise and therefore provide a weak basis for statistical analysis. This project aims at investigating the role uncertainty plays in risk analysis. A possible approach can be to assess the degree of uncertainty in the input parameters, and determine how this uncertainty propagates through to the output. Being able to assess the uncertainty of estimated risks can be valuable for determining investment in risk mitigation, or for identifying areas where additional assessments are required.
This project will be conducted in collaboration with Storebrand.
SUPERVISOR: Prof. Audun Jøsang, UniK, University of Oslo, (contact info)
ASSOCIATE SUPERVISOR: Sissel Gjessing, Risk Governance Manager, Storebrand



Contacts

Josef Noll, UNIK, 9083 8066
Marianne Rustad, FFI, 4084 5356
Kjell Myksvoll, Telenor, 918 00 651
Gyorgy Kalman, UNIK, 4787 4607
Mohammad M.R. Chowdhury, UniK, 9579 8902
Najeeb Elahi, UNIK
Sarfraz Alam, UNIK
Audun Jøsang, UNIK


Ongoing theses

Master Theses in 2008/2009

Master Theses in 2007/2008

Master Theses in 2006/2007

Master Thesis in 2005/2006

Page last modified on June 11, 2010, at 11:28 AM EST