Designing a Secure Client-Server System

Examensarbete för masterexamen

Please use this identifier to cite or link to this item:
Download file(s):
File Description SizeFormat 
116816.pdfFulltext3.16 MBAdobe PDFView/Open
Type: Examensarbete för masterexamen
Master Thesis
Title: Designing a Secure Client-Server System
Authors: Andersson, Fredrik J
Abstract: This report describes and discusses the design of a client-server system from a security point of view. The main topics are authentication and data security which can be divided into secure transfer and secure storage. Authentication is the act where the server and the user prove their knowledge of a shared secret to each other. The shared secret can be of three different types, something you know, something you have or something you are. When talking about a software system a combination of something you know and something you have, for example a password and a hardware token, is the best choice for a system where high security is important. To be able to authenticate without revealing the secret to the other party or any external party an algorithm that uses techniques from public key cryptography and have a similar design as a Diffie-Hellman Key Exchange is used. Data security is dependent on mainly two properties, confidentiality and integrity, and if both of them can be guaranteed the data is considered secure. Confidentiality is provided by symmetric key encryption and integrity is provided by either a message digest or a MAC.
Keywords: Programvaruteknik;Software Engineering
Issue Date: 2009
Publisher: Chalmers tekniska högskola / Institutionen för data- och informationsteknik (Chalmers)
Chalmers University of Technology / Department of Computer Science and Engineering (Chalmers)
Collection:Examensarbeten för masterexamen // Master Theses

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.