Browsing by Author "Sommer, David"

Filter results by typing the first few letters
Now showing 1 - 2 of 2
  • Thumbnail Image
    ItemOpen Access
    Formal security analysis of the Shibboleth Web Single Sign On System using a comprehensive model of the web
    (2020) Sommer, David
    SAML is an open standard that enables information exchange regarding authorization and authentication. A prominent implementation of SAML is Shibboleth. Typically, Shibboleth is used for Web Single Sign On Systems (Web SSO), which enables users to authenticate at multiple services (Relying Parties) using a central identity service (Identity Provider). In this master thesis, a comprehensive formal security analysis for Shibboleth based on the "Web Infrastructure Model" (WIM) is presented. The Web Infrastructure Model is the most comprehensive formal model of the web up to today. The security of Shibboleth with regard to Authentication and Session Integrity is formally proven by using the WIM. During the analysis, some security flaws of Shibboleth were uncovered, which are described in this thesis. Furthermore, mitigations against these attacks are proposed and used for proving the security of Shibboleth. A novel security property, called Single Logout Consistency (SLO Consistency) is defined, which describes the security of the logout flow. This thesis shows that Shibboleth satisfies SLO Consistency as well.
  • Thumbnail Image
    ItemOpen Access
    Stable radial basis function interpolation for multi-physics simulation applications
    (2018) Sommer, David
    In multi-physics simulation applications there is a need for some kind of middleware between distinct simulations. The preCICE project ([4]) aims to provide such a software. One key component of this is to interpolate data from one mesh to another. There are several possibilities for doing this, however in this bachelor thesis I will primarily consider radial basis functions. These have several advantages like for instance being oblivious of topological information of the meshes, thus working on arbitrary point clouds, but also some drawbacks such as bad numerical stability. There is some parameter that can be tuned to trade interpolation accuracy against stability, but recent results showed that there is a way to get good numerical stability and good accuracy at the same time. This thesis will focus on this method for improving numerical stability, the RBF-QR method. An implementation is given in Python and C++ with the latter being able to be used in highly parallel applications.