Θέματα ασφαλείας και διαχείρισης σε σύγχρονα τηλεπικοινωνιακά δίκτυα

Abstract

This thesis concerns with security management in personal communications taking place over public networks and especially secure device pairing among devices which are either co-located or interconnected over a public telecommunications network. Telecommunications security is a major issue for all communications among very important persons (businessmen, government executives, financial executives etc.) as well as for personal communications of every citizen, who have the right for privacy in their communications and security when transferring information over public networks. Security becomes an even major issue in wireless environments, like mobile networks, WiFi hotspots and Bluetooth communications, where user communications take place over insecure broadcast channels. There is a long list of possible attacks in telecommunications, the most common being eavesdropping. The most serious attack though is when a Man in the Middle (MITM) where the attacker intercepts any signalling and/or user data exchanged and has the ability to eavesdrop, inject/modify/delete any signalling or user data exchanged between them. Encryption is the only way to overcome such problems. This thesis addresses the issue of secure key exchange over public networks and uncontrolled wireless environments in order to ensure secure device pairing through encryption of any forthcoming exchange over the channel. We present a novel method for the secure establishment of a symmetric encryption key that is used for the encryption of the relevant session, making use of the data channel for signalling purposes also. The method can be used to ensure privacy of user communications, i.e. secure data exchange or secure xix device pairing. A symmetrical encryption key is established through the use of asymmetric cryptography, the integrity of which is validated visually or vocally by the participating user(s) before any communication takes place. The method is appropriate for secure device pairing and for securing privacy of telecommunications among any two parties. Moreover this thesis concerns with Grid networks management, addressing the issue of harmonization of trouble tickets exchanged among the participating network entities that form the Grid. Whenever a problem arises in any of the participating institutions of the Grid, its Network Operations Centre (NOC) opens up a specific form of incident reporting, namely a “trouble ticket” (TT). Ideally, a uniform infrastructure should be put in place for all NOCs in order to provide services to the users of the Grid and to manage the network. In practice though, this is not the case. Unfortunately, different TT systems are used by the participating networks. There is a wide variety of commercial and open source TT systems available, with differentiated functionality among them. In addition to that, in-house developed systems are used, making it even harder to achieve interoperability among the established TT systems of the partners of the Grid. A central NOC is responsible for collecting and handling the TTs received by the participating NOCs. TT load is growing proportionally with the network size and the serviced users of the Grid, and, unfortunately, TT systems producing incidents reports follow the same trend. This leaves the central NOC with a vast amount of different types of TTs from the various NOCs that need immediate attention in order for the Grid to provide services to its users. TT normalization, i.e. transformation to a common format that is reasonable for all parties and copes with service demands in a dynamic and effective way, is of crucial importance for successful management of the Grid. In the present work we define a data model for TT normalization for the participating institutions in a Grid. The model is designed to meet the needs of the Grid, meeting requirements of the multiple TT systems available. It is both effective and comprehensive, as it compensates for the core activities of the NOCs. It is also dynamic as it allows other options to be included in the future, according to demand