Computer Engineering / Bilgisayar Mühendisliği

Permanent URI for this collectionhttps://hdl.handle.net/11147/10

Browse

Filters

2015 - 201922020 - 20232

Settings

Author: search.filters.author.Tomur, EmrahWoS Q: search.filters.wosQuartile.N/A

Search Results

Now showing 1 - 4 of 4
  • Article
    Endüstriyel Nesnelerin İnterneti Uygulamaları için Fpga Destekli ve Bağlam Tabanlı Erişim Kontrol Güvenlik Sistemi
    (2023) Ercan, Ahmet Tuncay; Genç, Didem; Tomur, Emrah
    Endüstri 4.0 ile birlikte üretimin her alanında gittikçe artan bilgisayar destekli sistemlerin yarattığı farklı ve karmaşık ağ topolojileri, artan veri miktarı, firmaların güvenlik ihtiyaçlarını artırmaktadır. Bundan dolayı farklı endüstriyel sektörlerde kullanılan farklı cihaz ve veri kullanımı şirketler, kendi kritik akıllı üretim sistemlerine yönelik güvenilir bir risk yönetim sistemine ihtiyaç duymaktadır. İşletmeler bu yüzden sahip oldukları Endüstriyel Kontrol ve Bilişim Sistemlerini korumayı amaçlarlar. Bu çalışmada üretim alanında kullanılabilecek, endüstriyel cihazlar ve/veya bunlara bağlı sensörlerin erişim kontrolü bağlamında güvenlik ihtiyaçlarını karşılayacak ve kenar bilişim kapsamında çalışacak FPGA (Alanda Programlanabilir Kapı Dizileri) destekli bir güvenlik platformu tasarlanmış ve çalışma yöntemi açıklanmıştır. Akıllı üretim cihazlarının bulunduğu bir imalathane ortamında çalışan cihaz, sensor, akıllı kontrol kutusu ve ağ geçidi gibi bileşenler üzerinde bağlam-tabanlı bir erişim denetim sistemi kullanımı gösterilmiş ve örnek bir çoklu kimlik doğrulama yöntemi tasarlanmıştır.
  • Conference Object
    Citation - WoS: 2
    Citation - Scopus: 3
    Secure Iot Update Using Blockchain
    (IEEE, 2021) Kaptan, Melike; Tomur, Emrah; Ayav, Tolga; Erten, Yusuf Murat
    In this study a platform is devised to send automatic remote updates for embedded devices. In this scenario there are Original Equipment Manufacturers (OEMs), Software suppliers, blockchain nodes, Gateways and embedded devices. OEMs and software suppliers are there to keep their software on Inter Planetary File System (IPFS) and send the meta-data and hashes of their software to the blockchain nodes in order to keep this information distributed and ready to be requested and used. There are also gateways which are the members of the blockchain and the IPFS network. Gateways are responsible for asking for a specific update for specific devices from IPFS database using the meta-data kept on the blockchain, and they will send those hashed secure updates to the devices. In order to provide a traceable data keeping platform, gateway update operations are handled as transactions in a second blockchain network which is the clockchain of the gateways. The system was implemented as of the two separate blockchain networks and it has been shown that, despite the calculation overhead of the member devices, by separating the functions between the two blockchain networks a more reliable and secure platform can be achieved.
  • Conference Object
    Citation - WoS: 1
    Citation - Scopus: 3
    Context-Aware Operation-Based Access Control for Internet of Things Applications
    (Institute of Electrical and Electronics Engineers Inc., 2019) Genç, Didem; Tomur, Emrah; Erten, Yusuf Murat
    Recently, interest of both the academic and industrial world in Internet of Things (IoT) has been increasing and this trend requires development of new security approaches addressing potential weaknesses in this domain. Despite the presence of many studies directed towards security of IoT applications, they are mostly adoption of current methods to IoT scenarios. Yet, IoT applications are comprised of various kinds of different entities including computers, processes, people and services. Therefore, it is inadequate to detect malicious attempts by using conventional security methods, which apply fixed security policies and do not take interaction of things, that is context information, into account. In this study, by considering new security requirements of next generation IoT applications, we propose a fine-grained, dynamic and easily manageable access control model, which is called context-aware operation-based access control.
  • Conference Object
    Citation - WoS: 10
    Citation - Scopus: 16
    A Practical Nfc Relay Attack on Mobile Devices Using Card Emulation Mode
    (Institute of Electrical and Electronics Engineers Inc., 2015) Çavdar, Davut; Tomur, Emrah
    In this study, a practical card-emulated relay attack is implemented on Near Field Communication (NFC) equipped mobile devices. NFC is a promising communication technology which is also used in smart mobile devices. As an effective and flexible communication technology, NFC is frequently used in innovative solutions nowadays such as payments, access control etc. Because of the nature of these transactions, security is a critical issue that should be considered in system design and development phases. Although inherited from Radio Frequency Identification (RFID) technology, NFC security needs, requirements and solutions differ in terms of its usage areas and solutions. Based on these parameters, security precautions in communication layer of RFID technology do not prevent relay attacks occurred in the application layer NFC solutions. This study is conducted to prove relay attack practicability with using only mobile phones for relaying credentials instead of RFID based smart cards in an access control application. The Host Card Emulation (HCE) mode also eases relay attacks in NFC communication. The study explains the conceptual description of proposed relay attack, development and operating logic of mobile applications working based on card emulation mode and server software and also data communication basics between modules and web services descriptions.