Security threats and requirements for Java-based applications in the networked home environment: Master's thesis

Jarkko Holappa

Research output: ThesisMaster's thesisTheses

1 Citation (Scopus)

Abstract

This work presents the networked home environment from the security point of view. Threats, technologies and the special characteristics of the users are examined. 'Common Criteria' is used in this thesis as a security evaluation criterion to construct a protection profile for the software distribution platform of a networked home environment. 'Protection profile' describes the target of the evaluation - the networked home environment and its security environment, along with access control and information flow policies. This environment sets the context for the security requirements that are established as a result of this thesis to counter the threats that are also identified in the protection profile as a part of the security environment. Java is a relatively promising platform for the networked software because of its security model, which has evolved since the first versions of Java. Java's application programming interfaces provide support for widely used cryptographic techniques and public key infrastructure frameworks, including the X.509 authentication framework. Java's security features are applied to the software distribution platform developed at VTT Electronics. The security framework for the platform is developed and presented in this work. 'Home', as a distributed computing environment, presents many new issues when compared to typical corporate office networks. Users are very heterogeneous and their needs differ from one to another. The requirements specification must be done with care, and by using knowledge of the system and existing security techniques to develop a system that provides adequate confidentiality, integrity and availability for its users.
Original languageEnglish
QualificationMaster Degree
Awarding Institution
  • University of Oulu
Supervisors/Advisors
  • Röning, Juha, Supervisor, External person
  • Pyssysalo, Tino, Supervisor, External person
Place of PublicationEspoo
Publisher
Print ISBNs951-38-5865-0
Electronic ISBNs951-38-5866-9
Publication statusPublished - 2001
MoE publication typeG2 Master's thesis, polytechnic Master's thesis

Fingerprint

Distributed computer systems
Application programming interfaces (API)
Access control
Authentication
Electronic equipment
Availability
Specifications

Keywords

  • public key infrastructure
  • security policy
  • Java
  • distributed software
  • protection profile

Cite this

Holappa, Jarkko. / Security threats and requirements for Java-based applications in the networked home environment : Master's thesis. Espoo : VTT Technical Research Centre of Finland, 2001. 119 p.
@phdthesis{4fc4c76786da41cf8e4f956b09ac2c3d,
title = "Security threats and requirements for Java-based applications in the networked home environment: Master's thesis",
abstract = "This work presents the networked home environment from the security point of view. Threats, technologies and the special characteristics of the users are examined. 'Common Criteria' is used in this thesis as a security evaluation criterion to construct a protection profile for the software distribution platform of a networked home environment. 'Protection profile' describes the target of the evaluation - the networked home environment and its security environment, along with access control and information flow policies. This environment sets the context for the security requirements that are established as a result of this thesis to counter the threats that are also identified in the protection profile as a part of the security environment. Java is a relatively promising platform for the networked software because of its security model, which has evolved since the first versions of Java. Java's application programming interfaces provide support for widely used cryptographic techniques and public key infrastructure frameworks, including the X.509 authentication framework. Java's security features are applied to the software distribution platform developed at VTT Electronics. The security framework for the platform is developed and presented in this work. 'Home', as a distributed computing environment, presents many new issues when compared to typical corporate office networks. Users are very heterogeneous and their needs differ from one to another. The requirements specification must be done with care, and by using knowledge of the system and existing security techniques to develop a system that provides adequate confidentiality, integrity and availability for its users.",
keywords = "public key infrastructure, security policy, Java, distributed software, protection profile",
author = "Jarkko Holappa",
note = "Project code: E9SU00411",
year = "2001",
language = "English",
isbn = "951-38-5865-0",
series = "VTT Publications",
publisher = "VTT Technical Research Centre of Finland",
number = "444",
address = "Finland",
school = "University of Oulu",

}

Security threats and requirements for Java-based applications in the networked home environment : Master's thesis. / Holappa, Jarkko.

Espoo : VTT Technical Research Centre of Finland, 2001. 119 p.

Research output: ThesisMaster's thesisTheses

TY - THES

T1 - Security threats and requirements for Java-based applications in the networked home environment

T2 - Master's thesis

AU - Holappa, Jarkko

N1 - Project code: E9SU00411

PY - 2001

Y1 - 2001

N2 - This work presents the networked home environment from the security point of view. Threats, technologies and the special characteristics of the users are examined. 'Common Criteria' is used in this thesis as a security evaluation criterion to construct a protection profile for the software distribution platform of a networked home environment. 'Protection profile' describes the target of the evaluation - the networked home environment and its security environment, along with access control and information flow policies. This environment sets the context for the security requirements that are established as a result of this thesis to counter the threats that are also identified in the protection profile as a part of the security environment. Java is a relatively promising platform for the networked software because of its security model, which has evolved since the first versions of Java. Java's application programming interfaces provide support for widely used cryptographic techniques and public key infrastructure frameworks, including the X.509 authentication framework. Java's security features are applied to the software distribution platform developed at VTT Electronics. The security framework for the platform is developed and presented in this work. 'Home', as a distributed computing environment, presents many new issues when compared to typical corporate office networks. Users are very heterogeneous and their needs differ from one to another. The requirements specification must be done with care, and by using knowledge of the system and existing security techniques to develop a system that provides adequate confidentiality, integrity and availability for its users.

AB - This work presents the networked home environment from the security point of view. Threats, technologies and the special characteristics of the users are examined. 'Common Criteria' is used in this thesis as a security evaluation criterion to construct a protection profile for the software distribution platform of a networked home environment. 'Protection profile' describes the target of the evaluation - the networked home environment and its security environment, along with access control and information flow policies. This environment sets the context for the security requirements that are established as a result of this thesis to counter the threats that are also identified in the protection profile as a part of the security environment. Java is a relatively promising platform for the networked software because of its security model, which has evolved since the first versions of Java. Java's application programming interfaces provide support for widely used cryptographic techniques and public key infrastructure frameworks, including the X.509 authentication framework. Java's security features are applied to the software distribution platform developed at VTT Electronics. The security framework for the platform is developed and presented in this work. 'Home', as a distributed computing environment, presents many new issues when compared to typical corporate office networks. Users are very heterogeneous and their needs differ from one to another. The requirements specification must be done with care, and by using knowledge of the system and existing security techniques to develop a system that provides adequate confidentiality, integrity and availability for its users.

KW - public key infrastructure

KW - security policy

KW - Java

KW - distributed software

KW - protection profile

M3 - Master's thesis

SN - 951-38-5865-0

T3 - VTT Publications

PB - VTT Technical Research Centre of Finland

CY - Espoo

ER -