Browsing Theses by Supervisor "Tripunitara, Mahesh"
Now showing items 1-20 of 21
-
An Assessment of, and Improvements to, the Digital Forensics Acquisition Process of a Law Enforcement Agency
(University of Waterloo, 2022-01-17)Forensics addresses the collection and analysis of evidence. Digital forensics is forensics in the context of digital devices. It is a rapidly evolving field employed in various organizations such as law enforcement, ... -
Automated Safety Analysis of Administrative Temporal Role-Based Access Control (ATRBAC) Policies using Mohawk+T
(University of Waterloo, 2016-08-17)Safety analysis is recognized as a fundamental problem in access control. It has been studied for various access control schemes in the literature. Recent work has proposed an administrative model for Temporal Role-Based ... -
AWS Identity-based Policies with "Read", "Write" and "Execute" Actions
(University of Waterloo, 2020-12-15)This thesis addresses Amazon Web Service (AWS) identity-based policies with "read", "write" and "execute" actions. AWS is a large provider of cloud computing, security is an important property that an application running ... -
Evaluating Object and Text Detectors under the Binary Classification Scenario: A Review
(University of Waterloo, 2022-01-27)With the explosively increasing volume of hateful speech presented with images on the Internet, it is necessary to detect hateful speech automatically. Due to the intense demand for computation from the hateful meme detection ... -
Forensic Analysis in Access Control: a Case-Study of a Cloud Application
(University of Waterloo, 2019-11-27)We discuss a case-study we have conducted on forensic analysis in access control. The case-study is an application in the Amazon Web Services (AWS) cloud provider. Forensic analysis is the investigation and analysis of ... -
From Isomorphism-Based Security for Graphs to Semantics-Preserving Security for the Resource Description Framework (RDF)
(University of Waterloo, 2016-08-17)Resource Description Framework (RDF) is a graph-like data model designed for the web. One of its compelling features is a precise, model-theoretic semantics. We address security in the context of the RDF. We first observe ... -
The Hardness of Learning Access Control Policies
(University of Waterloo, 2023-08-30)The problem of learning access control policies is gaining significant attention in research. We contribute to the foundations of this problem by posing and addressing meaningful questions on computational hardness. Our ... -
An Implementation of 5G-AKA and a Usability Analysis of OpenLDAP Access Control Lists (ACLs)
(University of Waterloo, 2021-08-27)We address two pieces of work: (i) an implementation of the Authentication and Key Agreement protocol suite from the 5th generation cellular communications standards (5G-AKA) that we intend to make available as open-source, ... -
Least-Privilege Identity-Based Policies for Lambda Functions in Amazon Web Services (AWS)
(University of Waterloo, 2020-12-21)We address least-privilege in a particular context of public cloud computing: identity-based policies for callback functions, called Lambda functions, in serverless applications of the Amazon Web Services (AWS) cloud ... -
Multi-cloud Connectivity Provisioning with Security Attributes
(University of Waterloo, 2023-04-21)In this thesis, we detail the following work: (i) the design and development of graph-based cloud management software with multiple microservices, including one that provides easy connectivity provisioning in the multi-cloud ... -
Optimal Learning Theory and Approximate Optimal Learning Algorithms
(University of Waterloo, 2019-09-12)The exploration/exploitation dilemma is a fundamental but often computationally intractable problem in reinforcement learning. The dilemma also impacts data efficiency which can be pivotal when the interactions between the ... -
Polynomial Timed Reductions to Solve Computer Security Problems in Access Control, Ethereum Smart Contract, Cloud VM Scheduling, and Logic Locking.
(University of Waterloo, 2020-08-28)This thesis addresses computer security problems in: Access Control, Ethereum Smart Contracts, Cloud VM Scheduling, and Logic Locking. These problems are solved using polynomially timed reductions to 2 complexity classes: ... -
Problems in Cloud Security, Access Control and Logic Locking
(University of Waterloo, 2020-07-22)In this thesis, we study problems related to security in three different contexts: cloud scheduling, access control, and logic locking to protect digital ICs. The first set of problems relates to security in cloud ... -
A Reduction from Smart Contract Verification to Model Checking
(University of Waterloo, 2021-08-25)We present a reduction from verification of smart contracts to model checking. A smart contract is a computer program written in a language with constructs that correspond to real-world contracts, such as verified sending ... -
Secrecy Resilience of Authorization Policies and Its Application to Role Mining
(University of Waterloo, 2021-09-21)We propose and study a new property that we call secrecy resilience in the context of authorization policies that are used to secure information systems. An authorization policy expresses whether a principal (e.g., a user ... -
Security Vulnerabilities in Smart Contracts as Specifications in Linear Temporal Logic
(University of Waterloo, 2021-12-21)Ethereum is a distributed computer with a native cryptocurrency. Like other monetary transaction based systems, a problem this platform faces is accounts and transactions being susceptible to theft and other hacks. Smart ... -
A Serverless Discrete Optimization Service in the Cloud Based on Boolean Circuit Satisfiability
(University of Waterloo, 2023-09-19)This thesis discusses the implementation of a serverless cloud service designed for solving discrete optimization problems encoded as boolean circuit satisfiability. Boolean circuit satisfiability problem involves determining ... -
Static Verification of an Implementation of 5G-AKA
(University of Waterloo, 2023-04-24)Computer-aided cryptography offers a variety of tools that are essential for ensuring the security of cryptographic protocols. These tools can assist in designing the protocol, verifying its correctness during implementation, ... -
Strategic and Stochastic Approaches to Modeling the Structure of Multi-Layer and Interdependent Networks
(University of Waterloo, 2016-08-12)Examples of complex networks abound in both the natural world (e.g., ecological, social and economic systems), and in engineered applications (e.g., the Internet, the power grid, etc.). The topological structure of such ... -
Usability of the Access Control System for OpenLDAP
(University of Waterloo, 2019-09-19)This thesis addresses the usability of the Access Control System of OpenLDAP. OpenLDAP is a open source implementation of the Lightweight Directory Access Protocol (LDAP), which is a protocol that communicates with a ...