Investigating stress in security guards on the University of Witwatersrand campus

Carter-Brown, Siobhan Anne.

27 October 2006

Faculty of Phychology School of Human and Community Development 0202399x siobhanob@telkom.sa.net / This report describes an investigation into the levels and symptoms of stress in a sample of security guards on the University of the Witwatersrand Campus. Stress is an integral facet of life that has deep reaching implications for an individual’s functioning in the world. Although the presence of stress can assist an individual in performing, stress can unbalance a person’s equilibrium and lead to physical, psychological and behavioural symptoms that burden them. Data from 11 security guards on the University of Witwatersrand campus was collected by means of a semi-structured interview and an orally administered, structured checklist (the SSCL). Results from both data sets are provided and discussed. The data collected from each method was compared to determine which is more appropriate for tapping into the construct of stress in this population.

Stress

Security

Guards

Security assemblages: enclaving, private security, and new materialism in suburban Johannesburg

Clarke, Paul T

27 July 2016

A research report submitted in partial satisfaction of the requirements of the degree Master of Arts in Anthropology March 2016 / This research report explores how private security is materially assembled in suburban Johannesburg. Based on ethnographic fieldwork within a private security company operating across the northern suburbs of Greater Johannesburg, it examines how the materiality of security is intimately intertwined with shaping the socio-spatial terrain of the city. Using a new materialist “assemblage” theory proposed by Jane Bennett, it contends although the materials of private security are designed to protect and exclude, they often work rather differently on the ground, resulting in strange new ways of seeing, moving, and relating in the city.

Private security services

Precarious work : a case study of security guards in Johannesburg.

Sefalafala, Thabang

29 June 2012

This study explores the nature of working conditions and lived experiences of private security guards in Johannesburg. It draws on the conceptions of precariousness developed by Standing (2011), Barchiesi (2011a) and Candeias (2004) to understand precariousness in post-apartheid South Africa. The study is based on a combined approach using 24 in-depth unstructured interviews with security guards and the Gauteng Decent Work Survey of over 1 200 security guards. An analysis of the findings is framed under the nine themes of decent work identified by the International Labour Organization (ILO). The findings indicate that the nine themes do not capture the meaning of being a security guard. This is illustrated by themes such as boredom, the uniform and public perceptions, and the crisis of recognition. Similar to Ally’s (2009:88) argument about domestic workers in post-apartheid South Africa, The study found that outsourced security guards can be regarded as amongst the most exploited, oppressed and vulnerable workers. They experienced work as a precarious activity characterised by tensions, uncertainty, and tremendous insecurity. The findings also illustrate Barchiesi’s (2011a) rejection of the centrality of employment as a way of guaranteeing social inclusion and a decent life. Security guards felt that their participation in the labour market was a main reason for their relative material deprivation and not a way out of poverty. The poor are not only those without work, but also those who earn wages. The findings confirm the radical position on the discourse of decent work whose proponents argue that jobs are utterly precarious and decent work under capitalism is not feasible. The simultaneous reality of insecure work, declining benefits and the escalating costs of social reproduction make the point that security guards in Johannesburg experience work and life as a process of ‘double precariousness’ (Candeias, 2004:1). However, Security guards cannot be regarded as ‘victimized subjects with compromised capacity’ (Ally, 2009:88). Precariousness does not encourage passivity, but has the potential to promote agency and innovative livelihood strategies. These strategies include: walking long distances, occupying deserted buildings to save money, and participating in community-based social protection schemes.

Security guards

Work

Pull the Rug from Under: Malicious Reconfiguration of Executing Program in FPGA and its Defense

Michael C. Glapa (5930636)

10 June 2019

The Field Programmable Gate Array (FPGA) has been used for decades in embedded applications where custom hardware is not practical or feasible. However, thanks to increases in size and compute capabilities, the FPGA has become more attractive as an option to supplement a general-purpose Central Processing Unit (CPU) for accelerating complex computations used for encryption, machine learning, and many other applications. Although FPGAs have already appeared in embedded Systems-on-Chip (SoC) and cloud environments, the reconfigurable nature of FPGAs creates security vulnerabilities not found in more traditional accelerators like Graphics Processing Units (GPU). In this paper, we describe a vulnerability in an Altera Cyclone V SoC and demonstrate an attack that exploits this vulnerability. We propose a hardware modification that would provide a defense against this attack, and we implement a Linux kernel module to demonstrate a proof-of-concept for this hardware solution.

Computer Engineering

Security

FPGA

Anomaly detection with applications in environmental and cyber security

Locke, Ronald Taylor

January 2012

Thesis (Ph.D.)--Boston University / PLEASE NOTE: Boston University Libraries did not receive an Authorization To Manage form for this thesis or dissertation. It is therefore not openly accessible, though it may be available by request. If you are the author or principal advisor of this work and would like to request open access for it, please contact us at open-help@bu.edu. Thank you. / Two approaches to detecting anomalous behavior within a sequence of random observations are presented. One approach is stochastic in nature, using large deviations techniques to form a Hoeffding decision test. Scenarios in which sequential observations can be considered independent and identically distributed (iid) or adhere to a first-order Markov chain are both considered. The Markovian case is explored further and asymptotic performance results are developed for using the generalized likelihood ratio test (GLRT) to identify a Markov source. After a presentation of binary and multi-class Support Vector Machines (SVM), a deterministic anomaly detection method based on the so-called one-class SVM is also presented. The presented methodologies are then applied to detection and localization of Chemical, Biological, Radiological, or Nuclear (CBRN) events in an urban area using a network of sensors. In contrast to earlier work, these approaches do not solve an inverse dispersion problem but rely on data obtained from a simulation of the CBRN dispersion to obtain descriptors of sensor measurements under a variety of CBRN release scenarios. To assess the problem of environmental monitoring, CBRN event-free conditions are assumed to be iid and a corresponding stochastic anomaly detector is relied on to detect a CBRN event. Conditional on such an event, subsequent sensor observations are assumed to follow a Markov process. Accordingly, the presented Markov source identification methodology is used to map sensor observations to a source location chosen out of a discrete set of possible locations. A multi-class SVM approach to CBRN localization is also developed, and the two techniques are compared using three-dimensional CBRN release simulations. Also addressed is the problem of optimally placing sensors to minimize the localization probability of error. The anomaly detection approaches are then applied to detection of data exfiltration-style attempts on a network server. Two one-class SVM approaches are presented. In both, data packet transmissions are captured and compiled into network flows. In a flow-by-flow network anomaly detector, features are extracted from individual flows and their novelty is tested. If a flows features differ too greatly from nominal flow features, as determined by the SVM, that flow is declared an anomaly. In a network-wide anomaly detector, the novelty of a time sequence of flows is tested. The stochastic anomaly detectors are applied to sequences of flows as well, under the contexts of subsequent network flows either being iid or following a Markov process. These techniques are evaluated on simulated network traffic. / 2031-01-01

Computer security

Cybersecurity

Model Counting Modulo Theories

Phan, Quoc-Sang

January 2015

This thesis is concerned with the quantitative assessment of security in software. More specifically, it tackles the problem of efficient computation of channel capacity, the maximum amount of confidential information leaked by software, measured in Shannon entropy or R²nyi's min-entropy. Most approaches to computing channel capacity are either efficient and return only (possibly very loose) upper bounds, or alternatively are inefficient but precise; few target realistic programs. In this thesis, we present a novel approach to the problem by reducing it to a model counting problem on first-order logic, which we name Model Counting Modulo Theories or #SMT for brevity. For quantitative security, our contribution is twofold. First, on the theoretical side we establish the connections between measuring confidentiality leaks and fundamental verification algorithms like Symbolic Execution, SMT solvers and DPLL. Second, exploiting these connections, we develop novel #SMT-based techniques to compute channel capacity, which achieve both accuracy and efficiency. These techniques are scalable to real-world programs, and illustrative case studies include C programs from Linux kernel, a Java program from a European project and anonymity protocols. For formal verification, our contribution is also twofold. First, we introduce and study a new research problem, namely #SMT, which has other potential applications beyond computing channel capacity, such as returning multiple-counterexamples for Bounded Model Checking or automated test generation. Second, we propose an alternative approach for Bounded Model Checking using classical Symbolic Execution, which can be parallelised to leverage modern multi-core and distributed architecture. For software engineering, our first contribution is to demonstrate the correspondence between the algorithm of Symbolic Execution and the DPLL(T ) algorithm used in state-of-the-art SMT solvers. This correspondence could be leveraged to improve Symbolic Execution for automated test generation. Finally, we show the relation between computing channel capacity and reliability analysis in software.

005.3

Computing ; Software ; Security

Computational verification of security requirements

Bibu, Gideon Dadik

January 2014

One of the reasons for persistence of information security challenges in organisations is that security is usually seen as a technical problem. Hence the emphasis on technical solutions in practice. However, security challenges can also arise from people and processes. We therefore approach the problem of security in organisations from a socio-technical perspective and reason that the design of security requirements for organisations has to include procedures that would allow for the design time analysis of the system behaviour with respect to security requirements. In this thesis we present a computational approach to the verification and validation of elicited security requirements. This complements the existing approaches of security requirements elicitation by providing a computational means for reasoning about security requirements at design time. Our methodology is centered on a deontic logic inspired institutional framework which provides a mechanism to monitor the permissions, empowerment, and obligations of actors and generates violations when a security breach occurs. We demonstrate the functionality of our approach by modelling a practical scenario from health care domain to explore how the institutional framework can be used to develop a model of a system of interacting actors using the action language InstAL. Through the application of the semantics of answer set programming (ASP), we demonstrate a way of carrying out verification of security requirements such that it is possible to predict the effect of certain actions and the causes of certain system states. To show that our approach works for a number of security requirements, we also use other scenarios to demonstrate the analysis of confidentiality and integrity requirements. From human factor point of view compliance determines the effectiveness of security requirements. We demonstrate that our approach can be used for management of security requirements compliance. By verifying compliance and predicting non-compliance and its consequences at design time, requirements can be redesigned in such a way that better compliance can be achieved.

658.4

Verification ; Security ; Requirements

µLeech: A Side-Channel Evaluation Platform for Next Generation Trusted Embedded Systems

Moukarzel, Michael A

10 September 2015

"We propose a new embedded trusted platform module for next generation power scavenging devices. Such power scavenging devices are already in the current market. For instance, the Square point-of-sale reader uses the microphone/speaker interface of a smartphone for both communications and to charge up the power supply. While such devices are already widely deployed in the market and used as trusted devices in security critical applications they have not been properly evaluated yet. Our trusted module is a dedicated microprocessor that can preform cryptographic operations and store cryptographic keys internally. This power scavenging trusted module will provide a secure cryptographic platform for any smartphone. The second iteration of our device will be a side-channel evaluation platform for power scavenging devices. This evaluation platform will focus on evaluating leakage characteristics, it will include all the features of our trusted module, i.e. complicated power handling including scavenging from the smartphone and communications through the microphone/speaker interface. Our design will also included the on-board ports to facilitate easy acquisition of high quality power signals for further side-channel analysis. Our evaluation platform will provide the ability for security researchers to analyze leakage in next generation mobile attached embedded devices and to develop and enroll countermeasures."

Performance

Design

Verification

Security

Noninterference in Concurrent Game Structures

Mardziel, Piotr

02 May 2007

Noninterference is a technique to formally capture the intuitive notion of information flow in the context of security. Information does not flow from one agent to another if the actions of the first have no impact on the future observations of the second. Various formulations of this notion have been proposed based on state machines and the removal of actions from action sequences. A new model known as the concurrent game structure [CGS] has recently been introduced for analysis multi-agent systems. We propose an alternate formulation of noninterference defined for systems modeled by CGS's and analyze the impact of the new approach on noninterference research based on existing definitions.

security

confidentiality

noninterference

Spontaneous anonymous group cryptography and its applications.

January 2004

Fung Kar-Yin. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2004. / Includes bibliographical references (leaves 72-81). / Abstracts in English and Chinese. / Abstract --- p.i / Acknowledgement --- p.iii / Chapter 1 --- Introduction --- p.1 / Chapter 1.1 --- Development of Cryptography --- p.1 / Chapter 1.2 --- Group Cryptography --- p.3 / Chapter 1.3 --- Spontaneous Anonymous Group Signature --- p.4 / Chapter 1.4 --- Blind Signature --- p.5 / Chapter 1.5 --- Blind SAG Signature --- p.6 / Chapter 1.6 --- Organization of This Thesis --- p.6 / Chapter 2 --- Background Study --- p.7 / Chapter 2.1 --- Six Primitives in Cryptography --- p.7 / Chapter 2.1.1 --- Symmetric Encryption --- p.8 / Chapter 2.1.2 --- Asymmetric Encryption --- p.8 / Chapter 2.1.3 --- Digital Signature --- p.9 / Chapter 2.1.4 --- Hash Function --- p.9 / Chapter 2.1.5 --- Digital Certificate --- p.10 / Chapter 2.1.6 --- Proof of Knowledge --- p.10 / Chapter 2.2 --- Euler Totient Function --- p.11 / Chapter 2.3 --- One-Way Function --- p.12 / Chapter 2.3.1 --- One-Way Trapdoor Function --- p.13 / Chapter 2.3.2 --- Discrete Logarithm Problem --- p.13 / Chapter 2.3.3 --- RSA Problem --- p.14 / Chapter 2.3.4 --- Integer Factorization Problem --- p.15 / Chapter 2.3.5 --- Quadratic Residuosity Problem --- p.15 / Chapter 2.3.6 --- Schnorr's ROS assumption --- p.16 / Chapter 2.4 --- Bilinear Pairing --- p.16 / Chapter 2.4.1 --- Weil Pairing --- p.18 / Chapter 2.4.2 --- Tate Pairing --- p.18 / Chapter 2.5 --- Gap Diffie-Hellman Group --- p.19 / Chapter 2.5.1 --- GDH --- p.19 / Chapter 2.5.2 --- Co-GDH --- p.20 / Chapter 2.6 --- Random Oracle Model --- p.21 / Chapter 2.6.1 --- Random Permutation --- p.23 / Chapter 2.6.2 --- Lunchtime Attack --- p.23 / Chapter 2.6.3 --- Back Patch --- p.23 / Chapter 2.6.4 --- Rewind Simulation --- p.24 / Chapter 2.7 --- Generic Group Model --- p.24 / Chapter 3 --- Digital and Threshold Signatures --- p.26 / Chapter 3.1 --- Introduction --- p.26 / Chapter 3.2 --- Notion of Attacks and Security in Signature --- p.28 / Chapter 3.2.1 --- Types of Signatures --- p.29 / Chapter 3.3 --- Threshold Signature --- p.31 / Chapter 3.4 --- Properties in Threshold Signatures --- p.31 / Chapter 4 --- Blind Signature --- p.33 / Chapter 4.1 --- Introduction --- p.33 / Chapter 4.1.1 --- Security Requirements --- p.35 / Chapter 4.2 --- Transferred Proof of Knowledge --- p.36 / Chapter 4.3 --- RSA Based Schemes --- p.37 / Chapter 4.3.1 --- Chaum's RSA Scheme --- p.37 / Chapter 4.3.2 --- Abe's RSA Scheme --- p.38 / Chapter 4.4 --- Discrete Logarithm Based Schemes --- p.39 / Chapter 4.4.1 --- Schnorr Blind Signature --- p.39 / Chapter 4.4.2 --- Okamoto-Schnorr Blind Signature --- p.40 / Chapter 4.5 --- Bilinear Mapping Based Schemes --- p.40 / Chapter 5 --- Spontaneous Anonymous Group Signature --- p.42 / Chapter 5.1 --- Introduction --- p.42 / Chapter 5.2 --- Cramer-Damgard-Schoemaker (CDS) SAG Signature --- p.44 / Chapter 5.2.1 --- (1´ةn)-CDS type SAG Signature --- p.44 / Chapter 5.2.2 --- "(t, n)-CDS type SAG Signature" --- p.45 / Chapter 5.3 --- Ring-type SAG Signature Schemes --- p.46 / Chapter 5.3.1 --- Rivest-Shamir-Tauman --- p.46 / Chapter 5.3.2 --- Abe's 1-out-of-n Ring Signature --- p.49 / Chapter 5.4 --- Discussions --- p.51 / Chapter 6 --- Blind SAG Signature --- p.53 / Chapter 6.1 --- Introduction --- p.53 / Chapter 6.2 --- Security Definitions --- p.54 / Chapter 6.2.1 --- Security Model --- p.55 / Chapter 6.3 --- "(1,n)-Ring Structured Blind SAG Signature" --- p.57 / Chapter 6.3.1 --- Signing Protocol --- p.58 / Chapter 6.3.2 --- Verification Algorithm --- p.58 / Chapter 6.4 --- CDS-type Blind SAG Signature --- p.59 / Chapter 6.4.1 --- "(l,n)-CDS-type" --- p.59 / Chapter 6.5 --- "(t,n)-CDS-type" --- p.60 / Chapter 6.5.1 --- Signing Protocol --- p.61 / Chapter 6.5.2 --- Verification Algorithm --- p.61 / Chapter 6.6 --- Security Analysis --- p.62 / Chapter 6.7 --- Applications to Credential System --- p.67 / Chapter 7 --- Conclusion --- p.69 / A --- p.71 / Bibliography --- p.81

Cryptography

Computer security