Att skydda sin information mot offline-attacker och stöld kan vara önskvärt, därför kan man använda sig utav filsystemskryptering. Den här studien är en prestandatestning av de tre olika kryptoprogrammen BestCrypt, BitLocker och DiskCryptor, som krypterar filsystemet. Resultaten syftar till att ge en fingervisning av vilket kryptoprogram man bör välja. Detta tydliggjordes när testerna visade att filsystemskryptering påverkar responsen hos Apache och FileZilla och att de påverkades olika mycket beroende av kryptoprogram..

This paper was made together withTechPay AB, by their request.The dissertation has been divided into two separate parts; one of which is fully theoretical, with the focus on the security requirements of a digital cash register, and how to meet these requirements.The second part covers the implementation of anAndroid-oriented Java-library,created with help from the security requirements found in the first part. The purpose of this library is to make it easier to develop a cash register that uses payment terminals from TechPay.This paper also covers different communication protocols, Encryption techniques and recommendations from authorities, banks and Android. This paper also contains a small review of how users are validated in applications on the current market that handles money transactions..

Är det möjligt att förlita sig på att de smarta mobiler som utnyttjar operativsystem bestående av Android, iOS eller Windows Phone, håller informationen skyddad från spridning om enheten blir stulen eller förläggs? Det här arbetet innefattar undersökandet av medföljande krypteringar för skydd av filer och dess innehåll på ett antal smarta mobiler som kör något av operativsystemen Android, iOS eller Windows Phone.En undersökning där resultatet blev att samtliga testade system är tämligen säkra utifall rätt förutsättningar finns tillhands, samt att mest varaktigast krypteringsalgoritmer innehas av Windows Phone i form av algoritmerna HMACSHA1 och HMACSHA256..

This thesis takes its starting point in the 27 Chapter 1, section 1 of the Swedish code of judicial procedure, where the following is found:?objects reasonably presumed important to a criminal investigation or taken from a person through a criminal act or subject to criminal forfeiture may be seized?In this thesis we have investigated what kinds of problems occur when the seized object is part of an investigation of IT-related criminality. We have used methodological investigations of Swedish laws, legal usage, and the preliminary work with laws. Further have three interviews been made with different actors affected by or involved in seize of objects. These persons were a police officer, a public prosecutor, and a person whose object has been seized.The result we present is that there exist three kinds of problems related to objects that are seized within the demarcation of this study.

The purpose of this thesis is to show how to use vulnerability testing to identify and search for security flaws in networks of computers. The goal is partly to give a casual description of different types of methods of vulnerability testing and partly to present the method and results from a vulnerability test. A document containing the results of the vulnerability test will be handed over and a solution to the found high risk vulnerabilities. The goal is also to carry out and present this work as a form of a scholarly work.The problem was to show how to perform vulnerability tests and identify vulnerabilities in the organization's network and systems. Programs would be run under controlled circumstances in a way that they did not burden the network.

The goal of the project was to create an extension to Internet Explorer forStatens Tjänstepensionsverk (SPV) which would give the staff the experience ofSingle sign-on (SSO) to external web service providers as well as manage andupdate their passwords in a secure manner. The survey focused on the providersPalasso, ProCompetence and Wera. The extension was created as a BrowserHelper Object (BHO) with C# in .NET. The solution was implemented as aCOM object in a DLL-file that was running in-process with the browser. Theprogram used a locally stored XML file containing URLs, usernames andencrypted passwords to the providers.

Keywords: ID-method, internet, security, digitzing, bank Background: The digitizing of our society continues to grow and more parts of our lives is spent on the internet. The banks are one of the institutions that is at the forefront of this development since they established themselves on a early basis. The banks meeting points have since this establishment moved from the regular bank office out on the internet. A problem that has occurred during this transfer is the possibility to positive ID a customer in a virtual world. It is essential to offer the customer methods to identify themselves that are both safe and easy to use.

The use of information technology (IT) is exploding. Today, it is in our daily routines to use some kind of information technology. The increase of users increases the number of cyber crimes, ie, crimes that in some way involve IT. As the cyber crimes grow in numbers, the workload for technical investigator increases, these are called digital crime investigators. The thesis is about how police digital crime investigators work and what problems they may encounter during an investigation.

Detta examensarbete är en utvärdering av nätverkssäkerheten hos J BiL AB, både på social och teknisk nivå. Företaget är beroende av säkra Internet-anslutningar för att nå externa tjänster och interna servrar lokaliserade på olika geografiska platser. Företaget har ingen IT-ansvarig som aktivt underhåller och övervakar nätverket, utan konsulterar ett externt dataföretag. Syftet med examensarbetet är att utvärdera säkerheten, upptäcka brister, ge förbättringsförslag och till viss del implementera lösningar. För att undersöka säkerheten har observationer och intervjuer med personalen gjorts och ett flertal attacker mot nätverket har utförts.

Information Technology (IT) makes it possible to electronically distribute data between actorswho are in geographically diverse areas. Nowadays, information is sent less frequently throughtraditional correspondence in favor of faster electronic equivalents via the internet.Despite effective IT environmentand secure Encryption techniques choose some actors to sendinformation through physical delivery. This phenomenon occurs in those working withconfidential information as it is handled by a number of rules and safety regulations.Based on a set of rules and requirements, we have looked over the possibility of sending sensitiveinformation electronically over the internet. The aim was to find general guidelines for howcompanies and organizations should manage and send sensitive information over insecurenetworks. This led us to our research question: How can information be exchanged betweenactors in geographically diverse areas be categorized and encrypted so that it can be transportedover the internet without security or integrity deficiencies?To answer the question, there was a case study at a defense company.

This master thesis has been performed at Sectra Communications AB in Linköping where they manufacture electronic Encryption devices. In cryptology it is essential that an eavesdropper cannot find the plain text. To assure that a system is safe, all devices are thoroughly examined so that they don?t emit any secret information, so called Compromising Emanations (CE). This is done by comparing the secret signal with measured signals on the screen of an oscilloscope, a process that is very time consuming and furthermore, the risk of missing compromising emanations is high.

The number of wireless networks has increased rapidly among both home users and companies in just a few years. That has brought a lot of good things with it, for example the possibility to connect wireless equipment to the network or Internet from an arbitrary position within range of the accesspoint. But since the transmissions take place through the air some new security risks appear. It?s difficult to restrict the signals to a specific space and thereby a lot easier for unauthorized to eavesdrop or disturb the signals compared to a traditional wired network.