MSc.ISS Theses and Dissertations (2018)

Permanent URI for this collection


Recent Submissions

Now showing 1 - 5 of 9
  • Item
    Design and implementation of a private certificate authority: a case study of Telkom Kenya limited
    (Strathmore University, 2018) Moraa, Deborah Rioba
    Public Key Infrastructure (PKI) provides confidentiality and integrity to an enterprise and its customers. Applications accessed through corporate network needs to be protected when in transit and hence the need for a Certificate Authority (CA). Most enterprises currently purchase digital certificates from other Certificate Authorities, for instance Comodo, Symantec, Digicert, Thwate, GoDadddy, etc. Others purchase through third parties for instance Cloud Productivity Solutions in Kenya who then get their digital certificates from GeoTrust. These certificates are used to guarantee secure communication when accessing services on servers within an organization. The main challenge of buying of the certificates is the high purchase cost of single or Subject Alternative Name (SAN) certificates. By having their own Certificate Authority, digital certificates would cost less and give an enterprise the means to control large numbers of Digital Certificates for SSL, authentication, document signing, S/MIME (Secure/Multipurpose Internet Mail Extensions) and other usages of digital signatures. This implies that costs would be reduced by generation of enterprise-owned digital certificates instead of purchasing them. By understanding the current infrastructure in place, a CA was created for generation distribution and revocation of SSL certificates. This would replace purchasing of certificates signed by other public Certificate Authorities. This dissertation sought to design, develop and implement a comprehensive CA as per the X.509 standard for the purpose of generation of certificates for internal use for corporates and selling of the same to generate revenue so as to cut on costs incurred on purchase of digital certificates. Also a proof of concept of a private CA was used to validate the certificate authority with security of the Certificate Authority being considered.
  • Item
    Digital content security: video streaming digital rights management system
    (Strathmore University, 2018) Owenda, Benjamin Odonya
    The usability and applicability of digital videos, especially through the Internet, offers great opportunities for Kenyan content creators to further their careers as the platform enables them to share ideas which contributes to knowledge in the field which in turn generates wealth in the industry as new and efficient ways of creating the content are discovered making the production and distribution process cost effective. The Internet is however proving to be a double-edged sword as there have been multiple reports and incidences of copyright infringement within the country. This can be largely attributed to the fact that the platforms available to the average user provide a convenient environment for them to make several copies of the protected media file and distribute them as they wish: which facilitates misuse, piracy and plagiarism. The purpose of this project was to mitigate the unlawful replication and dissemination on an enormous scale of digital videos that are owned by practitioners in the education industry and presented to end users over the Internet. This followed a move by the players in the industry to convert their content into a digital format to meet the demand for online classes. Popular avenues that have been used to acquire copies of the digital streams include by use of standalone file grabbing software such as Internet Download Manager or browser plugins such as DownThemAll. These software implementations are extremely simple to use and allow users to create local copies of the streams through a single click of a button. They therefore present a threat to an entire ecosystem as content creators are heavily dependent on revenues generated from their material. This study seeks to develop a solution in the form of a Digital Rights Management (DRM) system that can be used to secure video streams and, in the process, preserve their economic value. A DRM system secures and implements the rights associated with the use of digital content by use of a set of access control technologies, which ensures that the videos are consumed as intended, and no illegal duplicates are created. Rapid Application Software Development Methodology were leveraged to accomplish the objectives
  • Item
    Investigating keystroke dynamics as a two-factor biometric security
    (Strathmore University, 2018) Njogholo, Brian Mwandau
    Keystroke dynamics is the study of how people can be distinguished based on their typing rhythms. This proposal aims at investigating user authentication approaches and how keystroke dynamics can be used to enhance user authentication and access control. With more users embracing technologies and using applications without necessarily understanding the security repercussions, a further protection mechanism needs to be employed. It emphasizes on the need of an additional layer of security, through keystroke dynamics, on top of the traditional username-password combination to enhance security during authentication. It also proposes the use of a machine learning classifier for possible application in keystroke dynamics to verify and validate the legitimacy of a user during authentication.
  • Item
    A Platform for analyzing log files using temporal logic approach: a test case with web server logs
    (Strathmore University, 2018) Muema, Peris Ndululu
    Web logs are a set of recorded events between clients and web servers. Information provided by these events is valuable to computer system administrators, digital forensic investigators and system security personnel during digital investigations. It is important for these entities to understand when certain system events were initiated and by whom. To achieve this, it is fundamental to gather related evidence to the crime from log files. These forensic procedures however pose a major challenge due to large sizes of the web log files, difficulty in understanding and correlating to attack patterns associated to digital crimes. The connections of events that are remotely positioned in the large log files require extensive computational manpower. This dissertation proposes the design, implementation and evaluation of a web log analysis system based on temporal logic and reconstruction. The case study will be on web server misuse. Temporal Logic operators represent system changes over time. The reconstruction of records in web server log files as streams will enable the implementation of temporal logic on the streaming data. The web server attack patterns established will be described by a special subset of temporal logic known as MSFOMTL (Many Sorted First Order Metric Temporal Logic). The attack patterns will be written in a special EPL (Event Processing Language) as queries and be parsed through Esper, a Complex Event Processing (CEP) engine. To ensure the proposed system increases the quality of log analysis process, log analysis will be performed based on a time window mechanism on sorted log files.
  • Item
    Secure plugin for automated software updates using Public Key Infrastructure for embedded systems
    (Strathmore University, 2018) Mbuvi, Victor Malombe
    Embedded systems are the driving force for technological development in many domains such as automotive, healthcare, and industrial control in the emerging post-PC era. As more and more computational and networked devices are integrated into all aspects of our lives in a pervasive and invisible way, security becomes critical for the dependability of all smart or intelligent systems built upon these embedded systems. Most embedded device software is not updated after deployment. This is because chip manufacturers and system manufacturers (usually original device manufacturers) do not have any incentive, expertise, or even ability to patch the software once it is shipped. This leaves IoT developers to improvise their own ways of delivering software updates for embedded devices. These techniques do not have security in their design, and hence malicious updates from unauthorised sources may change the software leading to mass compromise. This research reviewed previous work done using the Public Key Infrastructure in securing software updates in legacy systems and led to the development of a secure software updates plugin for embedded devices. The prototype applies Experimental Research Design and Agile Development Methodology, for building of an evaluation platform. It provides opportunities to assess the dissertation progress and direction throughout the development lifecycle. This is achieved through iterations, coming up with a potentially stable product finally.