DOCSLIB.ORG

Domain Name Service Trust Delegation in Cloud Computing: Exploitation, Risks, and Defense

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Domain Name Service Trust Delegation in Cloud Computing: Exploitation, Risks, and Defense Domain Name Service Trust Delegation in Cloud Computing: Exploitation, Risks, and Defense by Craig Laprade B.S. in Computer Science, May 2010, Worcester Polytechnic Institute A Thesis submitted to The Faculty of The School of Engineering and Applied Science of The George Washington University in partial satisfaction of the requirements for the degree of Master of Science January 8, 2021 Thesis directed by H. Howie Huang Professor of Electrical and Computer Engineering © Copyright 2021 by Craig Laprade All rights reserved ii Acknowledgments I would like to acknowledge my wife, Andrea, who supported my research while pursuing lofty academic goals of her own and who tolerated my often lengthy lamentations about the state of internet security. I would also like to acknowledge Dr. H. Howie Huang who provided support and guidance that made this research possible. Lastly, I would like to acknowledge the security community, both personal acquaintances and others, who’s pointed, timely, and often irreverent reports of vulnerabilities help secure the modern internet. iii Abstract Domain Name Service Trust Delegation in Cloud Computing: Exploitation, Risks, and Defense The Domain Name Service (DNS) infrastructure is a global distributed database that links human readable domain names with the Internet Protocol (IP) addresses of the resources that power the internet. With the explosion of cloud computing over the past decade, increasing proportions of organizations’ computing services have moved from on-premise solutions to cloud providers. These services range from complete DNS management to singular services such as E-mail or a payroll application. Each of these outsourced services requires a trust delegation, that is, the owning organization needs to advertise to the world, often by DNS records, that another organization can act authoritatively on its behalf. What occurs when these trust delegations are misused? In this work, I explore the methods that can be used to exploit DNS trust delegation and then examine the top 1% of the most popular domains in the world for the presence of these exploitable vulnerabilities. Finally, I conclude with methods of defense against such attacks and the publishing of a novel tool to detect these vulnerabilities. iv Table of Contents Acknowledgments .................................. iii Abstract ........................................ iv List of Figures .................................... vii List of Tables ..................................... viii 1 Introduction .................................... 1 1.1 Trust in Cloud Architectures . .2 1.2 Trust Delegation & Exploitation . .2 1.3 Experiment Overview . .3 2 Literature Review ................................. 5 2.1 Academic Writings . .5 2.2 Reports from Industry . .8 2.3 Datasets . 10 2.3.1 Rapid7 OpenData . 11 2.3.2 SecurityTrails . 11 2.3.3 Majestic Million . 11 3 Trust Delegation ................................. 13 3.1 DNS Overview . 13 3.2 Trust Delegation . 15 3.3 Vulnerability Classification . 17 4 Exploitation .................................... 19 4.1 Types of Exploitation . 19 4.1.1 Canonical Name Record (CNAME) . 19 4.1.2 Name Server Record (NS) . 20 4.1.3 Mail Record (MX) . 22 4.1.4 Cloud Service . 23 4.2 Impacts of Exploitation . 25 4.2.1 Phishing . 25 4.2.2 Cross-Origin Resource Sharing (CORS) . 27 4.2.3 Cookie Based Single Sign On (SSO) . 28 4.2.4 Encryption . 29 4.2.5 Disinformation . 30 5 Methodology ................................... 32 5.1 Process Overview . 32 5.1.1 Algorithm . 35 5.2 Systems Overview . 36 v 5.2.1 Obstacles . 36 5.3 Execution . 37 5.3.1 Exceptions . 39 6 Results ....................................... 40 6.1 Overview . 40 6.2 Trends . 42 6.2.1 Education Domains . 42 6.2.2 News and Media . 44 6.2.3 Pantheon: The Emerging Attack Surface . 45 6.2.4 Microsoft Azure . 45 6.2.5 Artifacts of Development . 47 6.3 High Severity Findings . 47 6.3.1 alert.tsa.dhs.gov . 48 6.3.2 vaccinesuat.cdc.gov . 49 6.3.3 <subdomain>.<political party>.<tld> . 49 7 Defense ...................................... 52 7.1 Overview . 52 7.2 Existing Solutions . 52 7.2.1 DNSSEC . 52 7.2.2 NSEC . 53 7.2.3 Specific Value Record Verification . 56 7.2.4 Domain Attack Surface Monitoring . 56 7.3 Proposed Solutions . 57 7.3.1 Apex Domain Verification . 57 7.3.2 Assessment via TrustBreaker . 58 8 Conclusion ..................................... 60 8.1 Summary . 60 8.2 Emerging Attack Surface . 60 8.3 Future Work . 60 8.4 Conclusion . 62 Bibliography ..................................... 63 vi List of Figures 2.1 Patrik Hudák’s Results (CNAME Vulnerability in OpenData)[14] . .8 2.2 Hackerone Public Subdomain Takeover Reports[26] . 10 3.1 DNS Hierarchy . 14 3.2 DNS Lookup Process . 14 3.3 DNS Delegation Process . 16 4.1 CNAME Takeover . 20 4.2 NS Takeover . 21 4.3 MX Takeover . 23 4.4 Cloud Asset Takeover . 24 4.5 Common Phishing . 26 4.6 CORS Attack . 28 4.7 Cookie-based SSO Session Hijack . 29 4.8 Let’s Encrypt Certificate Granting Process . 30 5.1 Process Flow . 34 5.2 Redirector Architecture . 38 6.1 Severity Distribution . 41 6.2 Site TLD Breakdown . 41 6.3 Representation of TLDs . 42 6.4 Percent Vulnerable by TLD . 43 6.5 Site Category Distribution . 44 6.6 Vulnerability Type Distribution . 46 6.7 US Political Party Webpage on July 14, 2020 . 51 7.1 eda.doc.gov Effective DNSSEC Usage . 55 vii List of Tables 1.1 Top 10 Majestic Million Domains . .4 3.1 DNS record Types . 15 3.2 Vulnerability Classification . 18 7.1 DNSSEC Record Types . 54 viii Chapter 1: Introduction What is in a name? For most of us, the value of our name is based on the merit of our past deeds. For commercial entities, the value of their name and that of their brands are based on the quality of their products, which is linked to their financial survival. For Non-Governmental Organizations (NGOs), the value of their name, through past deeds, is linked to sustaining donations and grants. What about civil authorities? If their name was maligned would they be as effective as if it was not? Now imagine that any third party can conduct actions on behalf of any number of organizations with irreverence. This is a reality in today’s internet enabled by an overcomplicated web of trust exacerbated by the rapid adoption of cloud computing. Attackers can identify broken trust relationships between organizations, often the result of the ever increasing cyclic rate of DevOps, and assume the privileges of one of these organizations[14]. They then possess the ability to act authoritatively on behalf of that organization. This can be used for actions ranging from phishing, security policy bypass, to even brutally effective disinformation campaigns that can have real-world kinetic consequences. In this work I examine trust relationships in the modern internet through the Domain Name System (DNS). I start in Chapter 2 by reviewing the previously published literature, both within the research community as well as from industry. In Chapter 3 I conduct an overview of how these DNS trust relationships are formed, the trust delegation that is conducted via DNS, and intended state of these relationships. Then in Chapter 4, I examine the process for discovering and exploiting these broken trust relationships. From there, I examine how the breaking of this trust, through negligence or malice, can lead to devastating actions by arbitrary and malicious third parties. This work culminates in Chapter 6 with an examination of the top 1% most popular domains globally for trust vulnerabilities and proposed defense strategies against malicious exploitation in Chapter 7. 1 1.1 Trust in Cloud Architectures Trust is the paramount principle that makes cloud computation possible. Organizations, both private and public, trust their sensitive data and mission critical tasks to be executed by cloud service providers at countless data-centers around the world. The complexity of these systems is often lost on the layperson interacting with these very services. For example, how often does a user know that their mobile banking application is actually hosted in the Amazon Web Services (AWS) cloud or that a social media referral system is really a Heroku application? These services are indistinguishable by design from the organizations’ own integral services, just as the myriad of parts made by subcontractors in modern cars are largely indistinguishable from the car brand to the driver. The user of the mobile banking application and the driver of a car are both often none the wiser to.
Load more

Recommended publications
  • Free Ssl Certificate Auto Renew
    Free Ssl Certificate Auto Renew someIs Lawerence Changchun multistorey and junkets or aggravating his shoplifter when so maulswhilom! some Is Andres idealizers untrusty urged when eastwards? Brewster Worth disports Emmit clinically? stagnated Where you may experience technologies for auto renewal validation to free ssl certificate auto renew it! At those, it seems that my certificates were properly installed. Watch for headings inside the exchange server to renew and affordable and grab the popular certificate. Do not available free ssl is not personal blog or you mentioned about website security https appears on that the auto renew free ssl certificate. Dns zone and auto renew ssl manually stop following error that with free ssl certificate auto renew it is it. More info about bringing your users report frustration with auto renew free ssl certificate is way is hella easy credentials ini file with auto renew and you will vary in. Why Do I measure an SSL Certificate Renewal? Just stimulate the help with. Encrypt terms and free ssl certificate auto renew free icons and auto? In the details for everyone, all that is complete automation schedule it may be getting renewed before asking the search engine ranking factors into the address. Or foliage could call us. Content to auto renew free ssl certificate again to auto renew free to do this if pat teacher sets of the bank and certificate? Hi Robert, Can accept tell for your bishop, I did trying just not work. To wheat the Let's Encrypt SSL certificate we need to robe the let's encrypt client software.
    [Show full text]
  • Quarterly Enterprise Software Market Review 1Q 2019
    Quarterly Enterprise Software Market Review 1Q 2019 Boston San Francisco 200 Clarendon Street, Floor 45 601 Montgomery Street, Suite 2010 Boston, MA 02116 San Francisco, CA 94111 Peter M. Falvey Michael H.M. Shea Christopher J. Pingpank Michael S. Barker Managing Director Managing Director Managing Director Managing Director 617.896.2251 617.896.2255 617.896.2218 415.762.8101 [email protected] [email protected] [email protected] [email protected] Jeffrey G. Cook Brad E. McCarthy Misha Cvetkovic Principal Principal Vice President 617.896.2252 617.896.2245 415.762.8104 [email protected] [email protected] [email protected] www.shea-co.com Member FINRA & SIPC Copyright ©2019 Shea & Company Overview People ▪ Industry Expertise ▪ Process Excellence 1 2 24 15+ >70 Firm focused exclusively Offices in Boston and San Professionals focused on Years of experience Transactions completed on enterprise software Francisco the software industry amongst our senior representing billions of bankers dollars in value Mergers & Acquisitions Private Placements & Capital Raising Corporate Strategy ■ Sell-side and buy-side M&A advisory ■ Late-stage venture, growth equity and buyouts ■ Corporate development advisory ■ Divestitures ■ Recapitalizations ■ Balance sheet and capital structure review ■ Restructuring ■ IPO advisory ■ Fairness opinions has received an investment from has received an investment from Superior Outcomes has been acquired by has acquired Shea & Company has advised on important transactions representing billions of dollars in
    [Show full text]
  • Guide to the Open Cloud Open Cloud Projects Profiled
    Guide to the Open Cloud Open cloud projects profiled A Linux Foundation publication January 2015 www.linuxfoundation.org Introduction The open source cloud computing landscape has changed significantly since we published our first cloud guide in October 2013. This revised version adds new projects See also the rise of Linux container and technology categories that have since technology with the advent of Docker gained importance, and in some cases and its emerging ecosystem. You will be radically change how companies approach hard pressed to find an enterprise Linux building and deploying an open source distribution that isn’t yet working on Docker cloud architecture. integration and touting its new container strategy. Even VMware vSphere, Google In 2013, many cloud projects were still Cloud Platform, and Microsoft Azure are working out their core enterprise features rushing to adapt their cloud platforms to the and furiously building in functionality. And open source Docker project. enterprises were still very much in the early stages of planning and testing their public, This rapid pace of innovation and resulting private or hybrid clouds–and largely at the disruption of existing platforms and vendors orchestration layer. can now serve as a solid case study for the role of open source software and Now, not only have cloud projects collaboration in advancing the cloud. consistently (and sometimes dramatically) grown their user and developer Other components of the cloud infrastructure communities, lines of code and commits have also followed suit, hoping to harness over the past year, their software is the power of collaboration. The Linux increasingly enterprise-ready.
    [Show full text]
  • Global Artificial Intelligence Industry Whitepaper
    Global artificial intelligence industry whitepaper Global artificial intelligence industry whitepaper | 4. AI reshapes every industry 1. New trends of AI innovation and integration 5 1.1 AI is growing fully commercialized 5 1.2 AI has entered an era of machine learning 6 1.3 Market investment returns to reason 9 1.4 Cities become the main battleground for AI innovation, integration and application 14 1.5 AI supporting technologies are advancing 24 1.6 Growing support from top-level policies 26 1.7 Over USD 6 trillion global AI market 33 1.8 Large number of AI companies located in the Beijing-Tianjin-Hebei Region, Yangtze River Delta and Pearl River Delta 35 2. Development of AI technologies 45 2.1 Increasingly sophisticated AI technologies 45 2.2 Steady progress of open AI platform establishment 47 2.3 Human vs. machine 51 3. China’s position in global AI sector 60 3.1 China has larger volumes of data and more diversified environment for using data 61 3.2 China is in the highest demand on chip in the world yet relying heavily on imported high-end chips 62 3.3 Chinese robot companies are growing fast with greater efforts in developing key parts and technologies domestically 63 3.4 The U.S. has solid strengths in AI’s underlying technology while China is better in speech recognition technology 63 3.5 China is catching up in application 64 02 Global artificial intelligence industry whitepaper | 4. AI reshapes every industry 4. AI reshapes every industry 68 4.1 Financial industry: AI enhances the business efficiency of financial businesses
    [Show full text]
  • A Community of Users on Secure, Safe and Resilient Societies
    A Community of Users on Secure, Safe and Resilient Societies (CoU) Mapping Horizon H2020 and EU-Funded Capacity-Building Projects under 2016-2018 Programmes - October 2019 3 A Community of Users on Secure, Safe and Resilient Societies Mapping Horizon 2020 and EU-funded Capacity-Building Projects under 2016-2018 Programmes October 2019 Community of Users (CoU) VI Mapping - Inners.indd 3 30/10/2019 13:37:24 A Community of Users on Secure, Safe and Resilient Societies (CoU) 4 Mapping Horizon 2020 and EU-funded Capacity-Building Projects under 2016-2018 Programmes - October 2019 Contents 1. EXECUTIVE SUMMARY ..................................................................8 2. OVERVIEW OF TASKS AND OBJECTIVES ...................................................9 2.1 Background .............................................................................9 2.2 Objectives ..............................................................................9 2.3 Logistics ...............................................................................10 2.4 Knowledge transfer .....................................................................10 2.5 Who are the users? ......................................................................12 3. POLICY BACKGROUND .................................................................13 3.1 General framework .....................................................................13 3.2 EU Civil Protection Mechanism and related international policies .............................14 3.3 Critical Infrastructure Protection
    [Show full text]
  • Cloudspectator.Com 02
    HOSTING MARKET ANALYSIS WORLDWIDE MANAGED VS UNMANAGED WORDPRESS HOSTING www.cloudspectator.com HOSTING MARKET ANALYSIS 1.0 INTRODUCTION www.cloudspectator.com You’ve got a serious 02 online business to run? First impressions are everything. what’s the difference? Simply Regardless of whether you’re a said, managed hosting offloads a startup, small business owner, variety of technical tasks to the freelance developer, sys admin, service provider so business agency or full-blown enterprise owners can focus on the things it’s critical that your online that really matter, which is presence resonates with your growing the business and customers, so they remain increasing profits and margins. engaged with your business. However, finding a hosting plan Building and maintaining a that best meets the needs of your professional website alone is no business is not always easy. easy task and the underlying Search engine results provide a infrastructure that powers the wide range of managed and website adds even more unmanaged options and the complexity. Many website owners overwhelming amount of choices simply do neither have the time can be dizzying. nor interest in managing and securing infrastructure. This hosting market analysis is focusing on websites powered by Hosting providers have started to WordPress and is meant to address this problem by offering provide guidance how owners various types of managed hosting and decision makers can find the services, in addition to existing perfect hosting plan for their unmanaged hosting plans. But businesses. 1.0 INTRODUCTION WORLDWIDE WORLDWIDE WordPress Catering for all sorts of industries, WordPress is the most popular content management system (CMS) 33% in the world and has become a powered by major part of the internet since its WordPress.
    [Show full text]
  • Recommendations of the ITLC Enterprise Cloud Strategy Committee
    Recommendations of the ITLC Enterprise Cloud Strategy Committee December 2017 Committee Membership Chair Douglas McCrea New Brunswick Chancellor’s Office Executive Sponsor William Lansbury Office of Information Technology Project Manager Albert Vasquez Office of Information Technology Active Members Mary Ann Chianelli Galen Collier Office of Information Technology Office of Advanced Research Computing Kevin Dowlin Andrew Page Newark Provost’s Office Office of Information Technology Tina Pappas/Jon Oliver Tibor Purger School of Communication and Information Rutgers University Libraries Bruce Rights Arnaldo Rodriguez Office of Information Technology New Jersey Medical School Leon Silver Rutgers University Foundation 1 Forward from Committee Chair The technology world bombards consumers, technologists, and organizational leadership alike with a never-ending stream of all things “cloud.” A procession of vendors race to produce cloud-based solutions and offer enticing rates to migrate to the cloud. It is hard not to feel far behind in the ever-escalating and hype-driven world of technology related to the cloud; a world that offers scalability, agility, and is seemingly far more cost-effective than traditional technology. Faced with large capital investments looming in the future, some institutions have even adopted large-scale all-in migrations to the cloud termed “lift and shift” in order to take advantage of these new technologies. While attending conferences, many of us have listened to speakers tout their embrace of the cloud and how it revolutionized their processes. Armed with this knowledge and feeling far behind, the committee set out to build a strategy to tackle the ostensibly lowest hanging fruit: Capital expenditures in the form of Infrastructure as a Service (IaaS).
    [Show full text]
  • The List of 1000 Slack Communities
    1 The List of 1000 Slack Communities Slack keeps growing like crazy with new ways of using the app besides team communications. We at Standuply did some research about that and composed a list of 1000 Slack communities. It’s fascinating to see the rise of Slack communities. Here are our findings: ● in 9 months the number of Slack communities grew by 2.5 times; ● the total number of their members is more than 1.000.000 people; ● Bootstrap chat grew from 3500 to 15000 members in less than a year. Standuply.com - automated daily standup meetings in Slack 2 Table of contents 1. IT-Talks 2. Product Talks 3. Programming Talks 4. Hardware Talks 5. Finance and Marketing Talks 6. Local Talks 7. Miscellaneous This list is brought to you by Standuply.com —The Slack bot for remote Agile teams that automatically runs stand up and retrospective meetings in Slack. 1. IT-Talks Big Data ● Watson Developer Community (WВC) (2908): IBM Watson developers ● Data Discourse (1528): Talks about Big Data ● DeveloperWorks Open (dW Open) (754): IBM developers within educational portal ● Dataparis (323): Place for geeks of Big Data ● R-Team for Data Analysis (130): Global chat for learning and exploring the R data analysis tool ● Data Quest (n/a): Slack chat where data scientists from all over the world connect Bots ● Bot Developer Hangout (5000): Community of developers for Slack on Slack ● Botmakers (3307): Bot fans who make and share online bots for Twitter, Slack, and other networks ● Motion AI (1864): Chatbots community around Motion.ai ● Mycroft AI (899): Open
    [Show full text]
  • Phase II – Summary Report
    CMS Assessment – Phase II – Summary Report List of Appendices Appendix A: Acquia-Wisc-Multi-Proposal Appendix B: Acquia-Wisc-Pricing Appendix C: ADI-IA-UserInterfaceDevelopment-Estimate Appendix D: Blackmesh Quote 1604-000945 Appendix E: Followup COOP Information Datacenter Tiers Appendix F: Pantheon Presentation – U. Wisc Feb3 Appendix G: Site Information Collected from Network Flows Appendix H: WiscWeb CMS Service Description Appendix I: Requirements Per Tiers Appendix J: WiscWebDirective_9Sep2015 Appendix K: ProposalItemizedTables Appendix L: Harvard University CMS Homepage Appendix M: University of Iowa CMS Homepage Appendix N: Stanford University CMS Hompage Appendix O: Library of Things Proposal Status Appendix P: WordPress Consortium Proposal 6/21/2016 Appendix A: Acquia-Wisc-Multi-Proposal Acquia Proposal Enterprise Cloud Platform Thad Martin, Director – Higher Education, West Acquia in Higher Education § Acquia is the enterprise company behind Drupal, founded by its original creator with over 750 employees and customers like Tesla, Whole Foods, Pfizer, Motorola and the Weather Channel. § Higher Education is our largest vertical by number of customers. Over 550 higher education clients – including institutions like UCLA, California State, Arizona Iowa, and Kent State § Dedicated team started in 2013 and broadened in 2014 to work strategically with institutions. § Acquia’s oldest and a key strategic vertical (Bentley was our first customer in 2007) § Many of Acquia’s team have deep backgrounds in higher education. Support & Technology for the University’s most visible sites § Platform as a Service – focusing developer efforts Main .EDU sites on Acquia Cloud with included functionality and tools § Univ of Minnesota (http://umn.edu) § 24/7 Critical response for ANY issue – both with the § CalState – Long Beach (http://csulb.edu) - Also Drupal Application or the Acquia Platform itself Northridge, LA, Stanislaus and San Francisco State.
    [Show full text]
  • 8 Amazing Drupal Launches
    8 AMAZING DRUPAL LAUNCHES STORIES FROM TOP DRUPAL AGENCIES & DEVELOPERS getpantheon.com LAUNCHING WEBSITES IS DECEPTIVELY COMPLEX. Perhaps that’s why 60% of projects launch late. Sure, scope creep and last-minute feature requests share some of the blame. But let’s be honest: building and launching websites is hard, and the status quo for tools to do it isn’t nearly good enough. Beyond trying to meet feature requirements for the site itself, companies are left holding the bag when it comes to workflow, developer collaboration, and of course getting the final product online in a secure and scalable way. This creates stress and confusion, diverts resources, and all too frequently leads to blown deadlines and project delays. This clearly isn’t the future. What if launching Drupal sites could be less labor, and more love? That’s why I teamed up with top Drupal thought leaders in website infrastructure and built Pantheon. Our customers say Pantheon completes Drupal. It’s the fastest, most efficient way to build, launch, and manage Drupal sites. Not only do sites built & launched on Pantheon finish on time-but they’re beating the clock. In this book, a few top agencies and developers share their launch success stories. — Zack Rosen, CEO and Co-Founder of Pantheon 2 8 Amazing Drupal Launches getpantheon.com 8 AMAZING DRUPAL LAUNCHES: 1. OPEN ME Design & build a mission-critical website in 2 months, start to finish. 2. ARIZONA STATE UNIVERSITY 2,000+ sites, all hosted and supported by ASU 3. FORUM OF REGIONAL ASSOCIATIONS OF GRANTMAKERS Launched 17 websites on a single distribution—without using Multisite.
    [Show full text]
  • Beginners Guide to Wordpress – Mark Zinzow
    A Beginner's Guide to WordPress (and Website/CMS/Hosting Planning Considerations) APCUG Noon CST 5/4/19 Mark S. Zinzow Slideshare.net/msz Topics 1. Content Management Systems 2. Why Choose WordPress, or Not? 3. Free or Cheap Web Hosting and Domain registration, & Software Expenses 4. WordPress Jargon 5. How to Create a WordPress site 6. WordPress Plugins 7. WordPress Help, Tutorials, Documentation, etc. 8. General Data Protection Regulation - GDPR Content Management Systems (CMS) “A CMS is a software tool that allows you to create, edit, and publish content. While early CMS software was used to manage documents and local computer files, most CMS systems are now designed exclusively to manage content on the Web.” https://techterms.com/definition/cms Tiki is a CMS/Groupware which offers a large number of features "out-of-the- box" arguably more than any other Open Source Web Application. It can be overwhelming, even to an experienced Drupal is an open-source user or administrator. Tiki has all the Open Real Estate is free platform and content classic CMS and portal features of other Joomla is an award- management system for applications, but also includes features software for building building dynamic web sites not available anywhere else. Tiki is highly websites of real estate winning content offering a broad range of configurable and modular; all features are agencies and realtors. It is management system features and services including optional and can be administered through user administration, publishing Tiki's browser-based interface. based on Yii CMF - one of (CMS), which enables you to build Web sites workflow, discussion the fast working modern capabilities, news aggregation, https://sitemagic.org/ and powerful online metadata functionalities using https://typo3.org/ frameworks.
    [Show full text]
  • Phd Thesis Prince Singh
    An Integration Platform for Synchromodal Transport Prince Mayurank Singh AN INTEGRATION PLATFORM FOR SYNCHROMODAL TRANSPORT Prince Mayurank Singh AN INTEGRATION PLATFORM FOR SYNCHROMODAL TRANSPORT PROEFSCHRIFT ter verkrijging van de graad van doctor aan de Universiteit Twente, op gezag van de rector magnificus, prof. dr. T. T. M. Palstra, volgens besluit van het College voor Promoties in het openbaar te verdedigen op woensdag 18 September 2019 om 12:45 uur door Prince Mayurank Singh geboren op 20 November 1987 te Prayagraj, India Dit proefschrift is goedgekeurd door: promotor prof. dr. ir. R. J. Wieringa copromotor dr. M. J. van Sinderen DSI Ph.D. Thesis Series No. 19-014 Digital Society Institute. P.O. Box 217, 7500 AE, Enschede, The Netherlands SIKS Dissertation Series No. 2019-26. The research reported in this thesis has been carried out under the auspices of SIKS, the Dutch Research School for In- formation and Knowledge Systems. The research reported in this thesis has been partially funded by the Dutch Institute for Advanced Logistics (DI- NALOG), under the project Synchro- modalIT. Printed by: Ipskamp Printing, Enschede, (NL). ISBN: 978-90-365-4821-2 ISSN: 2589-7721 DOI: 10.3990/1.9789036548212 https://doi.org/10.3990/1.9789036548212 ©2019 Prince Mayurank Singh, The Netherlands. All rights reserved. No parts of this thesis may be reproduced, stored in a retrieval system or transmitted in any form or by any means without permission of the author. Alle rechten voorbehouden. Niets uit deze uitgave mag worden vermenigvuldigd, in enige vorm of op enige wijze, zonder voorafgaande schriftelijke toestemming van de auteur.
    [Show full text]