Global ETD Search

671	Practical data integrity protection in network-coded cloud storage. January 2012 (has links) 近年雲存儲發展迅速，它具彈性的收費模式還有使用上的便利性吸引了不少用家把它當作一個備份的平台，如何保障雲端上資料的完整性也就成了一項重要的課題。我們試著探討如何能有效地在客戶端檢查雲端上資料的完整性，並且在探測到雲存儲節點故障以後如何有效地進行修復。抹除碼(Erasure codes)透過產生冗餘，令編碼過後的資料能允許一定程度的缺片。雲端使用者可以利用抹除碼把檔案分散到不同的雲節點，即使其中一些節點壞了用戶還是能透過解碼餘下的資料來得出原檔。我們的研究是基於一種叫再造編碼(Regenerating code)的新興抹除碼。再造編碼借用了網絡編碼(Network coding)的概念，使得在修復錯誤節點的時候並不需要把完整的原檔先重構一遍，相比起一些傳統的抹除碼（如里德所羅門碼Reed-Solomoncode）能減少修復節點時需要下載的資料量。其中我們在FMSR這門再造編碼上實現了一個能有效檢測錯誤的系統FMSR-DIP。FMSR-DIP的好處是在檢測的時候只需要下載一小部份的資料，而且不要求節點有任何的編碼能力，可以直接對應現今的雲存儲。為了驗證我們系統的實用性，我們在雲存儲的測試平台上運行了一系列的測試。 / To protect outsourced data in cloud storage against corruptions, enabling integrity protection, fault tolerance, and efficient recovery for cloud storage becomes critical. To enable fault tolerance from a client-side perspective, users can encode their data with an erasure code and stripe the encoded data across different cloud storage nodes. We base our work on regenerating codes, a recently proposed type of erasure code that borrows the concept of network coding and requires less repair traffic than traditional erasure codes during failure recovery. We study the problem of remotely checking the integrity of regenerating-coded data against corruptions under a real-life cloud storage setting. Specifically, we design a practical data integrity protection (DIP) scheme for a specific regenerating code, while preserving the intrinsic properties of fault tolerance and repair traffic saving. Our DIP scheme is designed under the Byzantine adversarial model, and enables a client to feasibly verify the integrity of random subsets of outsourced data against general or malicious corruptions. It works under the simple assumption of thin-cloud storage and allows different parameters to be fine-tuned for the performance-security trade-off. We implement and evaluate the overhead of our DIP scheme in a cloud storage testbed under different parameter choices. We demonstrate that remote integrity checking can be feasibly integrated into regenerating codes in practical deployment. / Detailed summary in vernacular field only. / Chen, Chuk Hin Henry. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2012. / Includes bibliographical references (leaves 38-41). / Abstracts also in Chinese. / Chapter 1 --- Introduction --- p.1 / Chapter 2 --- Preliminaries --- p.4 / Chapter 2.1 --- FMSR Implementation --- p.4 / Chapter 2.2 --- Threat Model --- p.6 / Chapter 2.3 --- Cryptographic Primitives --- p.7 / Chapter 3 --- Design --- p.8 / Chapter 3.1 --- Design Goals --- p.8 / Chapter 3.2 --- Notation --- p.9 / Chapter 3.3 --- Overview of FMSR-DIP --- p.11 / Chapter 3.4 --- Basic Operations --- p.11 / Chapter 3.4.1 --- Upload operation --- p.11 / Chapter 3.4.2 --- Check operation --- p.13 / Chapter 3.4.3 --- Download operation --- p.15 / Chapter 3.4.4 --- Repair operation --- p.16 / Chapter 4 --- Implementation --- p.17 / Chapter 4.1 --- Integration of DIP into NCCloud --- p.17 / Chapter 4.2 --- Instantiating Cryptographic Primitives --- p.18 / Chapter 4.3 --- Trade-off Parameters --- p.19 / Chapter 5 --- Security Analysis --- p.22 / Chapter 5.1 --- Uses of Security Primitives --- p.22 / Chapter 5.2 --- Security Guarantees --- p.23 / Chapter 5.2.1 --- Corrupting an AECC Stripe --- p.23 / Chapter 5.2.2 --- Picking Corrupted Bytes for Checking --- p.25 / Chapter 5.2.3 --- Putting It All Together --- p.26 / Chapter 6 --- Evaluations --- p.27 / Chapter 6.1 --- Running Time Analysis --- p.27 / Chapter 6.2 --- Monetary Cost Analysis --- p.30 / Chapter 6.3 --- Summary --- p.33 / Chapter 7 --- Related Work --- p.34 / Chapter 8 --- Conclusions --- p.37 / Bibliography --- p.38 Cloud computing--Security measures Computer networks--Security measures
672	Secure computer entertainments. / CUHK electronic theses & dissertations collection January 2009 (has links) Computer entertainment is a big business today. Due to the availability of broadband network connections, the Internet is already a platform for many high quality multimedia applications. For example, online theaters and multi-player online games (MOG) are two of the most popular multimedia applications on the Internet. Although the Internet provides us a very convenient channel for data dissemination, its open architecture leads to many security issues. The security problems are especially complicated for computer entertainment applications since we must address both efficiency and security at the same time. In this thesis, we tackle four security issues in different aspects of computer entertainment applications. Specifically, the issues are (1) "to provide secure multimedia streaming while allowing proxy caching by untrusted third parties", (2) "to detect cheating in MOGs other than using conventional labor-intensive methods", (3) "to synchronize game clients in highly-interactive MOGs while resisting cheating in both the application and protocol level", and (4) "to exchange messages in peer-to-peer (P2P) MOGs so that distributed simulation is allowed but information exposure is mitigated". For each of the above issues, we present an effective solution that preserves the architecture of that particular multimedia application and also is feasible and efficient to deploy on the Internet. / Yeung, Siu Fung. / Adviser: John C. S. Lui. / Source: Dissertation Abstracts International, Volume: 70-09, Section: B, page: . / Thesis (Ph.D.)--Chinese University of Hong Kong, 2009. / Includes bibliographical references (leaves 137-142). / Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Electronic reproduction. [Ann Arbor, MI] : ProQuest Information and Learning, [200-] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Abstracts in English and Chinese. / School code: 1307. Computer games Computer networks--Security measures
673	Cyber Power and the International System Lonergan, Shawn William January 2017 (has links) This dissertation is comprised of three separate papers that address how cyber power contributes to national power and the implications for international security posed by cyber operations. The first paper, “Cyber Power and International Stability: Assessing Deterrence and Escalation in Cyberspace,” posits that there are unique attributes that define the cyber domain and that have direct implications on deterrence and escalation dynamics between state actors. The second paper, “Arms Control and Confidence Building Measures for the Cyber Domain,” explores at various mechanisms that states have traditionally used to foster stability and prevent inadvertent conflict and assesses their applicability to controlling cyber operations. Finally, “The Logic of Coercion in Cyberspace” delves into the role of cyber operations as both inadvertent and deliberate signals and assesses their utility as a coercive instrument of statecraft. Political science Security, International Cyberspace--Political aspects Internet--Security measures
674	Preservation of privacy in sensitive data publishing. / 隱私保護數據發佈 / Yin si bao hu shu ju fa bu January 2008 (has links) Li, Jiexing. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2008. / Includes bibliographical references (leaves [105]-110). / Abstracts in English and Chinese. / Abstract --- p.i / Acknowledgement --- p.iv / Chapter 1 --- Introduction --- p.1 / Chapter 1.1 --- Problem Statement --- p.1 / Chapter 1.2 --- Contributions --- p.3 / Chapter 1.3 --- Thesis Organization --- p.5 / Chapter 2 --- Background Study --- p.7 / Chapter 2.1 --- Generalization Algorithms --- p.7 / Chapter 2.2 --- Privacy Principles --- p.10 / Chapter 2.3 --- Other Related Research --- p.11 / Chapter 3 --- Anti-Corruption Privacy Preserving Publication --- p.13 / Chapter 3.1 --- Motivation --- p.13 / Chapter 3.2 --- Problem Settings --- p.14 / Chapter 3.3 --- Defects of Generalization --- p.18 / Chapter 3.4 --- Perturbed Generalization --- p.23 / Chapter 3.5 --- Modeling Privacy Attacks --- p.26 / Chapter 3.5.1 --- Corruption-Aided Linking Attacks --- p.26 / Chapter 3.5.2 --- Posterior Confidence Derivation --- p.28 / Chapter 3.6 --- Formal Results --- p.30 / Chapter 3.7 --- Experiments --- p.34 / Chapter 3.8 --- Summary --- p.37 / Chapter 4 --- Preservation of Proximity Privacy --- p.39 / Chapter 4.1 --- Motivation --- p.39 / Chapter 4.2 --- Formalization --- p.40 / Chapter 4.2.1 --- Privacy Attacks --- p.41 / Chapter 4.2.2 --- "(ε, m)-Anonymity" --- p.42 / Chapter 4.3 --- Inadequacy of the Existing Methods --- p.44 / Chapter 4.3.1 --- Inadequacy of Generalization Principles --- p.45 / Chapter 4.3.2 --- Inadequacy of Perturbation --- p.49 / Chapter 4.4 --- "Characteristics of (Epsilon, m) Anonymity" --- p.51 / Chapter 4.4.1 --- A Reduction --- p.51 / Chapter 4.4.2 --- Achievable Range of m Given e1and e2 --- p.53 / Chapter 4.4.3 --- Achievable e1 and e2 Given m --- p.57 / Chapter 4.4.4 --- Selecting the Parameters --- p.60 / Chapter 4.5 --- Generalization Algorithm --- p.61 / Chapter 4.5.1 --- Non-Monotonicity and Predictability --- p.61 / Chapter 4.5.2 --- The Algorithm --- p.63 / Chapter 4.6 --- Experiments --- p.65 / Chapter 4.7 --- Summary --- p.70 / Chapter 5 --- Privacy Preserving Publication for Multiple Users --- p.71 / Chapter 5.1 --- Motivation --- p.71 / Chapter 5.2 --- Problem Definition --- p.74 / Chapter 5.2.1 --- K-Anonymity --- p.75 / Chapter 5.2.2 --- An Observation --- p.76 / Chapter 5.3 --- The Butterfly Method --- p.78 / Chapter 5.3.1 --- The Butterfly Structure --- p.78 / Chapter 5.3.2 --- Anonymization Algorithm --- p.83 / Chapter 5.4 --- Extensions --- p.89 / Chapter 5.4.1 --- Handling More Than Two QIDs --- p.89 / Chapter 5.4.2 --- Handling Collusion --- p.91 / Chapter 5.5 --- Experiments --- p.93 / Chapter 5.6 --- Summary --- p.101 / Chapter 6 --- Conclusions and Future Work --- p.102 / Chapter A --- List of Publications --- p.104 / Bibliography --- p.105 Data protection Computer security
675	Protecting the protector : exploring work-related challenges experienced by contract security guards employed by a security company in Johannesburg. Sibanyoni, Nkosinathi Samuel 04 September 2014 (has links) The high levels of crimes in society have led people to seek assistance outside public law enforcement agencies such as police and the army, to private law enforcement agencies such as the private security industry. Security guards are involved in providing protection to people, properties and their valuables and in South Africa, they intervene in high crime and violence situations, resulting in their working environment being dangerous and unpredictable. The study aimed to understand some of the factors contributing to the work-related challenges encountered by contract security guard officers. The study utilised a qualitative research design in exploring the narrations of 14 contract security guards, identified and selected using a non-probability purposive sampling procedures. For triangulation purposes, two key informants namely: senior supervisor and a site manager were interviewed. Semi-structured interview schedules were conducted, where in-depth one-on-one interviews were audio-recorded, transcribed into verbatim and subsequently analysed using thematic content analysis. The results revealed that economic factors such as poverty and unemployment contribute to one becoming a security guard officer. Furthermore, factors such as low wages, long working hours, lack of respect, safety, lack of water and sanitation facilities were identified as challenges encountered by security guard officer in the industry. The results also showed that the identified challenges impact on the work discipline and work motivation of security guards, their family responsibilities and to their occupational wellbeing. Recommendations emanating from the study included the involvement of occupational social workers in the private security industry, for the developing of interventional programmes in enhancing the effective use of coping strategies by security guards, and the collaboration between security companies and security guards within the contractual service negotiations process with clients. Occupational experiences Occupational challenges Security-company Contract security guards
676	Capturing and Analyzing Network Traffic from Common Mobile Devices for Security and Privacy Overton, Billy 01 May 2014 (has links) Mobile devices such as tablets and smartphones are becoming more common, and they are holding more information. This includes private information such as contacts, financial data, and passwords. At the same time these devices have network capability with access to the Internet being a prime feature. Little research has been done in observing the network traffic produced by these mobile devices. To determine if private information was being transmitted without user knowledge, the mobile capture lab and a set of procedures have been created to observe, capture and analyze the network traffic produced by mobile devices. The effectiveness of the lab and procedures has been evaluated with the analysis of four common mobile devices. The data analyzed from the case studies indicates that, contrary to popular opinion, very little private information is transmitted in clear text by mobile devices without the user’s knowledge. security mobile traffic analysis traffic capture Information Security Systems Architecture
677	An Analysis of Faculty and Staff's Identification of Malware Threats Quesinberry, Malora 01 August 2016 (has links) This document presents findings related to faculty and staff member’s ability to identify malware threats. This study involved discovering the most common incidents of malware threats to higher education systems. From this research, eight categories of malware were identified to be the most common threats to higher education systems. This document also describes the impact of malware intrusions on higher education systems to emphasis the importance of recognizing malware threats. Faculty and staff members at a midsize southeastern university were presented with realistic scenarios to determine the ability to identify malware threats. The results indicate malware categories such as virus, Trojan, browser hijacker, adware, and ransomware were identifiable by faculty and staff. Additionally, the findings demonstrate malware threats in the worm, spyware, and rootkit categories were difficult for faculty and staff members to identify. A recommendation for educating faculty and staff members to better identify malware threats in the less identified categories was proposed to help mitigate future malware intrusions. Future recommendations include investigating new types of malware risks and students’ awareness, or recognition of malware threats and solutions for mitigating these risks. information technology information security security awareness Technology and Innovation
678	A Slight Re-telling of the David and Goliath Story: Surprising Power Dynamics in Proxy Relationships Wang, Ruiyang 01 January 2019 (has links) This thesis discusses how local forces, despite being the weaker actor in a proxy relationship, manipulate external powers’ support to pursue their own objectives. Three factors – practical advantage, relative will, and diverging objectives – explain this counterintuitive power dynamic. First, local forces have better local knowledge, more extensive networks, and greater legitimacy, which give them leverage and make them desirable partners. Second, local forces' involvement is often existential rather than selective; unlike external powers, local forces are thus unconstrained by domestic political vulnerabilities. This enables them to close the significant power gap with external powers. Third, local forces' objectives may diverge from their sponsors', creating incentives for exploitation and manipulation of external support to pursue their own agenda, regardless of the external powers’ interests. These three factors effectively explain the dynamic between the Soviet Union and Cuba during the Angolan civil war and the relationship between the U.S. and the Kurds in the fight against ISIS. Cuba mostly operated within the Soviet strategic parameters, while at the same time manipulating Soviet support to forward its own interests in Africa. The Kurds manipulated U.S. support while fighting ISIS to acquire territories and to pursue autonomy and independence, goals inconsistent with US interests. Further research is still needed to identify under what conditions local partners will wield this counterintuitive power, since there also are cases in which this does not take place. Intervention Proxy Relationship Power Dynamics Security Defense and Security Studies
679	Smartphone User Privacy Preserving through Crowdsourcing Rashidi, Bahman 01 January 2018 (has links) In current Android architecture, users have to decide whether an app is safe to use or not. Expert users can make savvy decisions to avoid unnecessary private data breach. However, the majority of regular users are not technically capable or do not care to consider privacy implications to make safe decisions. To assist the technically incapable crowd, we propose a permission control framework based on crowdsourcing. At its core, our framework runs new apps under probation mode without granting their permission requests up-front. It provides recommendations on whether to accept or not the permission requests based on decisions from peer expert users. To seek expert users, we propose an expertise rating algorithm using a transitional Bayesian inference model. The recommendation is based on aggregated expert responses and their confidence level. As a complete framework design of the system, this thesis also includes a solution for Android app risks estimation based on behaviour analysis. To eliminate the negative impact from dishonest app owners, we also proposed a bot user detection to make it harder to utilize false recommendations through bot users to impact the overall recommendations. This work also covers a multi-view permission notification design to customize the app safety notification interface based on users' need and an app recommendation method to suggest safe and usable alternative apps to users. Smartphone Security Privacy Recommendation Crowdsourcing Information Security Theory and Algorithms
680	La sûreté réelle pour autrui / Security for others Prévot, Chantal 07 December 2017 (has links) L’arrêt de la Cour de cassation du 2 décembre 2005 a énoncé qu’une sûreté réelle consentie pour garantir la dette d’un tiers n’implique aucun engagement personnel à satisfaire à l’obligation d’autrui et n’est dès lors pas un cautionnement,lequel ne se présume pas.La formule de la Cour de cassation,conduit à rejeter toute analogie entre les sûretés réelles pour autrui et le cautionnement personnel.Elle invite également, à ne pas appliquer aux sûretés réelles pour autrui, le régime du cautionnement, car différence de nature, signifie aussi différence de régime. Mais le législateur par sa réforme du droit des procédures collectives a réajusté la solution de la Haute Juridiction. En effet, la jurisprudence postérieure à l’arrêt du 2 décembre 2005, a très souvent manqué de nuance. Les solutions apportées aux différends litiges, résultent le plus souvent d’un raisonnement purement déductif, de la solution tirée de l’arrêt du 2 décembre 2005, de la Haute Juridiction.Les textes qui mentionnent le cautionnement personnel sont systématiquement écartés, au constituant de sûretés réelles pour autrui. Il faudrait maintenant que l’amorce annoncée par le législateur en droit des procédures collectives permette à la jurisprudence d’affiner sa solution. Le droit des procédures collectives de 2008, et de 2014 met en évidence la nécessité de faire apparaître dans la science juridique,la catégorie des sûretés pour autrui, et la catégorie des sûretés pour soi-même. Les sûretés pour autrui, qu’elles soient personnelles ou réelles, devraient obéir à un régime partiellement, puis totalement commun, ce qui signifie finalement qu’il n’y a pas une totale différence de nature entre le cautionnement personnel et les sûretés réelles pour autrui. Les sûretés réelles pour autrui devraient avoir un rôle fondamental dans la vie économique.Pour cela,il faut s’écarter du débat de la nature purement réelle ou mixte des sûretés réelle pour autrui, et s’orienter principalement sur la personne de la caution réelle,qui en l’état actuel de notre droit positif et en tant que tiers à la dette n’est pas protégée.La caution personnelle et la caution réelle sont des sûretés identiques,car elles sont avant tout des garanties de la dette d’autrui, elles sont l’accessoire de la dette du débiteur principal.La seule différence entre ces deux sûretés pour autrui réside dans l’étendue de leur engagement. La caution réelle étant un tiers à la dette et n’étant pas le débiteur, le seul droit des sûretés réelles ne peut répondre que partiellement à la technique de la garantie réelle pour autrui.Car il y a une différence entre celui qui garantit sa propre dette par des sûretés réelles appelé le débiteur,de celui qui garantit la dette d’un tiers par des sûretés réelles appelé la caution réelle. Il serait intéressant pour protéger la caution réelle,d’envisager la création d’une sûreté unique pour garantir réellement la dette d’autrui, en s’inspirant du succès du droit des sûretés Canadien et Américain qui sont des droits souples, réfléchis, modernes et uniformes. La sûreté réelle pour autrui française doit être efficace juridiquement et économiquement pour toutes les parties du contrat. La caution réelle qui engage son unique bien pour garantir la dette d’autrui prend un risque important tout comme la caution personnelle. L’avant-projet de réforme de sûretés de 2017, réintroduit dans un article 2291 le cautionnement réel comme étant une variété de cautionnement. Mais l’avant-projet de réforme de 2006 avait déjà essayé d’introduire le cautionnement réel dans un article 2285, comme étant une variété de cautionnement qui n’avait pas été retenu. Un régime primaire devrait donc être consacré aux garanties pour autrui;puis un droit spécial serait réservé au cautionnement personnel et à la sûreté réelle pour autrui.Cette solution est claire et précise et mettrai enfin un terme à l’amalgame créé par le mécanisme de la garantie réelle pour autrui, par la jurisprudence et la doctrine. / A collateral debt can be garantee personnaly or on sombody else property. The collateral guarantor which commits its only property to guarantee a debt takes a huge risk just like a personal guarantee. The pre reform of securities of 2017, reintroduced in an article 2291 the collateral garantee on property, like in the pre reform of safeties of 2006 in its article 2285, as being a variety of personal garantee. The article 2285 of the 2006 pre reform of securities has not been retained by law. To solve the problem on the protection of the collateral porperty garantor, a primary solution is to establish common rules for both collateral garantees, personal and on properties. And, the special rules of the personal garantee and the collateral garantee on goods. This solution will put an end on the conflict created by the search of the real qualification of the collateral guarantee. Sûreté réelle Personne Cautionnement Security Person Security bond 346.03 PRE

Search results