• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 6540
  • 1926
  • 919
  • 814
  • 686
  • 370
  • 179
  • 161
  • 154
  • 105
  • 93
  • 81
  • 79
  • 76
  • 76
  • Tagged with
  • 14795
  • 2965
  • 2025
  • 1871
  • 1447
  • 1375
  • 1343
  • 1298
  • 1258
  • 1163
  • 1152
  • 1145
  • 1073
  • 1030
  • 947
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
561

A structured approach to network security protocol implementation

Tobler, Benjamin January 2005 (has links)
The implementation of network security protocols has not received the same level of attention in the literature as their analysis. Security protocol analysis has successfully used inference logics, like GNY and BAN, and attack analysis, employing state space examination techniques such as model checking and strand spaces, to verify security protocols. Tools, such as the multi-dimensional analysis environment SPEAR II, exist to help automate security protocol specification and verification, however actual implementation of the specification in executable code is a task still largely left to human programmers. Many vulnerabilities have been found in implementations of security protocols such as SSL, PPTP and RADIUS that are incorporated into widely used operating system software, web servers and other network aware applications. While some of these vulnerabilities may be a result of flawed or unclear specifications, many are the result of the failure of programmers to correctly interpret and implement them. The above indicates a gap between security protocol specifications and their concrete implementations, in that there are methodologies and tools that have been established for developing the former, but not the latter. This dissertation proposes an approach to bridging this gap, describes our implementation of that approach and attempts to evaluate its success. The approach is three-fold, providing different measures to improve current ad-hoc implementation approaches: 1. From Informal to Formal Specifications: If a security protocol has been specified using informal standard notation, it can be converted, using automatic translation, to a formal specification language with well defined semantics. The formal protocol specification can then be analysed using formal techniques, to verify that the desired security properties hold. The precise specification of the protocol behaviour further serves to facilitate the concrete implementation of the protocol in code.
562

Assessing the role of social security in alleviating poverty in Mzingazi community

Mthiyane, Dumisile Nokuphiwa, Ndlovu, N.B. January 2017 (has links)
A dissertation submitted in partial fulfillment of the requirements for the Degree of Master of Art Social Work in the Department of Social Work, Faculty of Art at the University of Zululand, 2017. / The study assessed the impact and role of the social security grants in alleviating poverty in Mzingazi community
563

Sécurité et protection de la vie privée dans les systèmes embarqués automobiles / Security and privacy in automotive on-board networks

Schweppe, Hendrik 08 November 2012 (has links)
L'équipement électronique de bord est maintenant devenue partie intégrante de l'architecture réseau des véhicules. Elle s’appuie sur l'interconnexion de microcontroleurs appelés ECUs par des bus divers. On commence maintenant à connecter ces ECUs au monde extérieur, comme le montrent les systèmes de navigation, de divertissement, ou de communication mobile embarqués, et les fonctionnalités Car2X. Des analyses récentes ont montré de graves vulnérabilités des ECUs et protocoles employés qui permettent à un attaquant de prendre le contrôle du véhicule. Comme les systèmes critiques du véhicule ne peuvent plus être complètement isolés, nous proposons une nouvelle approche pour sécuriser l'informatique embarquée combinant des mécanismes à différents niveaux de la pile protocolaire comme des environnements d'exécution. Nous décrivons nos protocoles sécurisés qui s'appuient sur une cryptographie efficace et intégrée au paradigme de communication dominant dans l'automobile et sur des modules de sécurité matériels fournissant un stockage sécurisé et un noyau de confiance. Nous décrivons aussi comment surveiller les flux d'information distribués dans le véhicule pour assurer une exécution conforme à la politique de sécurité des communications. L'instrumentation binaire du code, nécessaire pour l’industrialisation, est utilisée pour réaliser cette surveillance durant l’exécution (par data tainting) et entre ECUs (dans l’intergiciel). Nous évaluons la faisabilité de nos mécanismes pour sécuriser la communication sur le bus CAN aujourd'hui omniprésent dans les véhicules. Une preuve de concept montre aussi la faisabilité d'intégrer des mécanismes de sécurité dans des véhicules réels. / Electronic equipment has become an integral part of a vehicle's network architecture, which consists of multiple buses and microcontrollers called Electronic Control Units (ECUs). These ECUs recently also connect to the outside world. Navigation and entertainment system, consumer devices, and Car2X functions are examples for this. Recent security analyses have shown severe vulnerabilities of exposed ECUs and protocols, which may make it possible for attackers to gain control over a vehicle. Given that car safety-critical systems can no longer be fully isolated from such third party devices and infotainment services, we propose a new approach to securing vehicular on-board systems that combines mechanisms at different layers of the communication stack and of the execution platforms. We describe our secure communication protocols, which are designed to provide strong cryptographic assurances together with an efficient implementation fitting the prevalent vehicular communication paradigms. They rely on hardware security modules providing secure storage and acting as root of trust. A distributed data flow tracking based approach is employed for checking code execution against a security policy describing authorized communication patterns. Binary instrumentation is used to track data flows throughout execution (taint engine) and also between control units (middleware), thus making it applicable to industrial applications. We evaluate the feasibility of our mechanisms to secure communication on the CAN bus, which is ubiquitously implemented in cars today. A proof of concept demonstrator also shows the feasibility of integrating security features into real vehicles.
564

Blockchain-Based Security Framework for the Internet of Things and Home Networks

Diego Miguel Mendez Mena (10711719) 27 April 2021 (has links)
During recent years, attacks on Internet of Things (IoT) devices have grown significantly. Cyber criminals have been using compromised IoT machines to attack others, which include critical internet infrastructure systems. Latest attacks increase the urgency for the information security research community to develop new strategies and tools to safeguard vulnerable devices at any level. Millions of intelligent things are now part of home-based networks that are usually disregarded by solutions platforms, but not by malicious entities.<br>Therefore, the following document presents a comprehensive framework that aims to secure home-based networks, but also corporate and service provider ones. The proposed solution utilizes first-hand information from different actors from different levels to create a decentralized privacy-aware Cyber Threat Information (CTI) sharing network, capable of automate network responses by relying on the secure properties of the blockchain powered by the Ethereum algorithms.
565

A Virtual Hydroelectric Power System for Distributable Industrial Control System Security Research

Mudd, David Brian 15 August 2014 (has links)
Cyber security for industrial control systems (ICS) has been a rapidly growing area of interest and research for the last several years. The lack of an easily distributable platform on which ICS components can be built for use in security testing and result comparison among researchers presents a major issue. This thesis details the use of a virtual testbed environment to build a representative virtual hydroelectric power system (VHPS). The VHPS generates realistic Modbus/TCP network traffic between two separate ICS devices, a Master and a Slave, located on separate VMs. For security testing purposes, a method of session hijacking has been implemented as well as a Function Code Scan attack and a Setpoint Manipulation attack. The virtual environment, the VHPS, and the attacks have been packaged into an LXDE-based Fedora Spin VM for easy distribution.
566

Intangible security : choice of law rules for intangible secured financing under the Uniform commercial code

Bartleman, Laurent William. January 2005 (has links)
No description available.
567

Spaces and geographers of the "Smart Border" : technologies and discourses of Canada's post 911 borders

Gordon, Aaron Andrew. January 2006 (has links)
No description available.
568

Discovery and Evaluation of Finite State Machines in Hardware Security

Geist, James 01 January 2023 (has links) (PDF)
In the decades since the invention of the integrated circuit (IC), IC's have become ubiquitous, complex, and networked. High transistor density and the low cost of production at scale have made it economically feasible to use complex custom IC's in almost any engineering application. While IC's provide a powerful tool for solving many engineering problems, the low cost comes from outsourcing production and reusing existing design components. Both of these dependencies introduce security risk; unwanted functionality may be inserted either from opaque third party libraries used in a design or by any outside vendor involved in the fabrication process. As it is far easier to verify that specified functionality works as intended than to discover unwanted functionality, verifying that a design has not been tampered with is an important, difficult problem. In stateful designs, Finite State Machines (FSM's) choreograph the operation of the design. With knowledge of the primary inputs and the current state, an FSM instructs other subsystems what to do next. Given this central role, an FSM is an obvious target for malicious exploitation. A bad actor can add states to an FSM that may only be entered via a non-obvious sequence of inputs; these states may then leak information via a side channel, or corrupt operation of the device in a denial of service attack. Such exploitation can be avoided both proactively and reactively. This dissertation introduces methods for discovering, extracting, modifying, and analyzing FSM's in post-compilation netlists. Such netlists may be acquired either in house directly after a design is compiled, or recovered by microscopy techniques post-fabrication. This dissertation introduces several methods applicable to the problem. In order to study FSM's in a netlist, the FSM's must first be located. One method to find FSM's is to search for the control signals which drive it. A proposed algorithm for discovering control signals, RELIC-FUN, provides more accurate results than other algorithms on specific designs. Once an FSM is discovered, state transition enumeration is key to comparing the FSM's behavior to the original design. This dissertation introduces two new tools, RECUT and REFSM-SAT, which provide significantly better performance than existing enumeration algorithms. Noting that FSM's, both structurally and semantically, are graph theoretical constructs, a new graphical environment, NetViz, is introduced. NetViz is an environment for hardware security which allows chaining of analysis algorithms and graphical display of, and interaction with, analysis results. Finally, an existing logic locking algorithm, SANSCrypt, is shown to be insecure due to structural FSM analysis techniques.
569

A Semi-Autonomous Credit/Debit Card Transaction Fraud Defense Framework for Online Merchants

Laurens, Roy 01 January 2023 (has links) (PDF)
The majority of online credit/debit card fraud research focuses on the defense by back-end entities, such as card issuer or processor (i.e., payment processing company), and overlooks the fraud defense initiated by online merchants. This is problematic because the merchants – especially online merchants – are the ones generally held responsible for covering any loss due to transaction fraud. Thus they have a great incentive to detect and defend against card fraud. But at the same time, compared with card issuers, they also lack access to large samples needed for data mining (such as existing purchase data of a cardholder). This dissertation presents a novel semi-autonomous framework for online merchants to defend against such fraud by utilizing three interrelated components: a supervised classifier based on existing fraud pattern and our newly developed DNS fingerprinting, an unsupervised anomaly detection method using diversity index, and a novel soft descriptor based verification system. The classifier and the anomaly detection work together to allow our framework to detect known fraud patterns and adapt to the previously undetected patterns. Afterward, suspicious transactions can be autonomously verified by requesting the customer to provide a unique identifier that was previously embedded in the soft descriptor during the card transaction processing. This verification process greatly improves fraud detection accuracy without adding a burden on most legitimate customers. Our framework can be readily implemented and we have deployed several aspects of our framework at a real-world e-commerce Merchant website, with the real testing results explained in this dissertation.
570

Decentralization and Violence

Norat, Alexander 01 January 2022 (has links) (PDF)
How does the political environment that a group operates affect whether they engage in terrorism? My research is concerned with how political opportunities, which I conceptualize in terms of political decentralization, affect how groups engage with the state, and whether they will engage in terrorism. Previous research has indicated that decentralization can reduce violence but can pose stability problems in other countries. I hypothesize that states with higher levels of decentralization will have lower levels of violence. I believe this works by allowing minority groups more access to power. Because they have access to political power, there is less incentive to use violence to achieve their political goals. This project is tested with a large-N study of democratic countries. I also engaged in two case studies focused on Northern Ireland and Spain, looking at the IRA and ETA, respectively. These two case studies trace the effect of changing levels of centralization on the behavior of minority groups. This study finds that political opportunities often lead to less violence in the long-term. Decentralization is one way of achieving this. However, sometimes decentralization may not work because it could take away rights from minorities; while in other cases, even after decentralization begins to take place, it can take a while for changes to take hold. Both the Northern Ireland and Spanish cases show that it is not always so simple as just saying decentralization will take place, or that it has begun.

Page generated in 0.0508 seconds