Cloverfield and the monstrosity of postmodernity

Leung, Hannah W.

January 2009

Honors Project--Smith College, Northampton, Mass., 2009. / Includes bibliographical references (p. 49-52).

Law and counterterror policy during the Bush administration : a strategic assessment /

Glabe, Scott L.,

January 1900

Thesis (M.S.)--Missouri State University, 2008. / "December 2008." Includes bibliographical references (leaves 80-89). Also available online.

Crisis management the effective use of image restoration strategies when an organization/individual is faced with a crisis /

Martin, Anthony Lewis.

January 2005

Thesis (M.S.)--West Virginia University, 2005. / Title from document title page. Document formatted into pages; contains iv, 74 p. : ill. Includes abstract. Includes bibliographical references (p. 64-74).

The missing piece why intelligence reform failed after 9/11 /

Lotrionte, Catherine B.

January 2008

Thesis (Ph. D.)--Georgetown University, 2008. / Includes bibliographical references.

New York City police officer's experiences of the September 11, 2001 terrorist attacks

Irvine, Cecile S.

Unknown Date

Thesis (Ph.D.)--Duquesne University, 2005. / Title from document title page. Abstract included in electronic submission form. Includes bibliographical references (p. 180-184) and index.

Competing frames? : the war on terror in campaign rhetoric /

Kaufman, Heather L.

January 2007

Thesis (M.A.)--Indiana University, 2007. / Title from screen (viewed on June 6, 2007) Department of Sociology, Indiana University-Purdue University Indianapolis (IUPUI) Includes vita. Includes bibliographical references (leaves 117-122)

Ανάλυση επιθέσεων πλαγίου καναλιού σε κρυπτοσύστημα AES με χρήση προσομοιωτή επεξεργαστή

Καλόγριας, Απόστολος

07 June 2010

Ένας από τους πιο ευρέως γνωστούς αλγορίθμους κρυπτογράφησης είναι ο AES (Advanced Encryption Standard). Το πρότυπο κρυπτογράφησης AES περιγράφει μια διαδικασία κρυπτογράφησης ηλεκτρονικής πληροφορίας βασισμένη στην λογική της κωδικοποίησης ομάδων δεδομένων με κάποιο μυστικό κλειδί. Μέχρι τον Μάιο του 2009, οι μόνες επιτυχημένες δημοσιευμένες επιθέσεις ενάντια στο πρότυπο AES ήταν επιθέσεις πλάγιου-καναλιού σε συγκεκριμένες εφαρμογές. Η βασική ιδέα των επιθέσεων πλαγίου καναλιού είναι ότι κάποιος μπορεί να παρατηρήσει έναν αλγόριθμο ο οποίος εκτελείται σε ένα σύστημα επεξεργασίας και να εξάγει μερικές ή πλήρεις πληροφορίες για την κατάσταση του αλγορίθμου ή το κλειδί. Ένας συγκεκριμένος τύπος επιθέσεων πλάγιου καναλιού, cache επιθέσεις, βασίζεται στην παρακολούθηση της συμπεριφοράς της μνήμης cache των συστημάτων (την μετακίνηση των δεδομένων μέσα και έξω από την μνήμη cache). Σε αυτή την διπλωματική αναπτύχθηκε ένα πρόγραμμα κρυπτογράφησης/αποκρυπτογράφησης AES και μελετήθηκε η συμπεριφορά διάφορων μνημών cache μέσω ενός προσομοιωτή επεξεργαστή (Simplescalar) κατά την διάρκεια εκτέλεσής του. Σκοπός της διπλωματικής εργασίας ήταν να δείξουμε ότι το κρυπτοσύστημα AES είναι ευάλωτο σε επιθέσεις πλαγίου καναλιού κρυφής μνήμης. / AES (Advanced Encryption Standard) is one of the most popular cryptographic algorithms. AES describes a process of electronic data encryption based on encrypting data using a secret key. Up to May 2009, the only successful published attacks against AES were side-channel attacks. The main concept of side-channel attacks is that someone can observe an algorithm that is being implemented in a system and gain information about the state of the algorithm or the secret key. One particular type of side-channel attacks, cache-based attacks, is based on observing the behavior of the system’s cache memory (tha data that moves in and out of the cache memory). In this thesis an algorithm AES (encryption/decryption) was developed and we examined the behavior of different cache memories using a simulator (Simplescalar) while this algorithm was processing trying to figure out if AES is vulnerable to cache-based side channel attacks. This thesis shows if AES is vulnerable against cache-based side channel attacks.

Κρυπτογραφία

005.8

Advanced Encryption Standard (AES)

Cryptography

Side channel

Cache attacks

Crime in the rural district of Stellenbosch : a case study

Davids, Arlene Joy

12 1900

Thesis (MA)--University of Stellenbosch, 2004. / ENGLISH ABSTRACT: One of the most distressing criminal activities has been the attacks on farmers since 1994 and for many years now our farming community has been plagued by these senseless acts of brutality. Since the early nineties there has been a steady increase in the occurrence of farm attacks in our country and the rising incidence of violent crimes on farms and smallholdings in South Africa has become a cause for great concern. The farming community in South Africa has a very significant function in the economy of the country as producers of food and providers of jobs and other commodities required by various other industries, such as the mining industry. They render an indispensable service to our country and therefore we have to ensure that this community receives the necessary safeguarding that is so desperately needed at this time. Farm attacks are occurring at alarming rates in South Africa, the Western Cape, and recently also in the Stellenbosch district. The phenomenon of farm attacks needs to be analysed in the context of the crime situation in general. The underlying reasons for crime are diverse and many, and need to be taken into account when interpreting the causes of crime in South Africa. To ensure that this research endeavour has practical value for the various parties involved in protecting rural communities, crime hotspots and circumstances in which crime occur were identified and used as a tool to provide the necessary protection and mobilisation of forces for these areas. The study focused on different theories in explaining the crime phenomenon. Information from the Stellenbosch SAPS was used to analyse the study area and to identify areas that can be classified as possible hotspots in the study area. Demographic and socio-economic determinants shed light upon the social structure in the study area and various environmental determinants were also used to generate a broader understanding to the social pandemic. / AFRIKAANSE OPSOMMING: Sedert 1994 is plaasaanvalle een van die mees ontstellende kriminele aktiwiteite van ons era. Die landbougemeenskap word al jare lank geteister deur hierdie sinnelose aktiwiteite. Sedert die vroeë negentigerjare is daar ’n stewige toename in die voorkoms van plaasaanvalle asook toenemende insidente van geweldsmisdade, wat tot groot kommer lei. Die landbougemeenskap in Suid-Afrika het ’n baie belangrike funksie in die ekonomie, aangesien hulle voedselvervaardigers is, werksgeleenthede skep en industrieë van sekere kommoditeite voorsien. Hulle lewer ’n onmiskenbare diens aan die land en daarom verdien hierdie gemeenskap die nodige beveiliging. Die aantal plaasaanvalle in Suid-Afrika, die Wes-Kaap en onlangs ook die Stellenboschomgewing, is skokkend. Hierdie fenomeen moet binne die konteks van algemene misdaad geanaliseer word. Die onderliggende redes wat aanleiding gee tot plaasaanvalle is divers, maar moet almal in gedagte gehou word wanneer die oorsake vir misdaad ondersoek word. Om te verseker dat hierdie navorsingspoging praktiese waarde toon vir diegene betrokke, behoort gebiede waar misdaad seëvier geïdentifiseer te word en dan gebruik te word om die nodige beskerming aan en mobilisering van polisiemagte binne hierdie gebiede te bied. Die studie fokus op verskillende teorieë wat gebruik kan word om die voorkoms van misdaad te verklaar. Inligting is van die Stellenbosch-polisiediens verkry om die voorkoms van misdaad in die studiegebied te verklaar en om probleemgebiede te identifiseer. Demografiese en sosio-ekonomiese veranderlikes kan lig werp op die sosiale struktuur van die studiegebied en kennis van omgewingsveranderlikes dra ook by tot ’n beter begrip van hierdie sosiale pandemie.

Crime -- South Africa -- Stellenbosch

Theses -- Geographic analysis

Dissertations -- Geographic analysis

Méthodes formelles pour l'extraction d'attaques internes des Systèmes d'Information / Formal methods for extracting insider attacks from Information Systems

Radhouani, Amira

23 June 2017

La sécurité des Systèmes d’Information (SI) constitue un défi majeur car elle conditionne amplement la future exploitation d’un SI. C’est pourquoi l’étude des vulnérabilités d’un SI dès les phases conceptuelles est cruciale. Il s’agit d’étudier la validation de politiques de sécurité, souvent exprimées par des règles de contrôle d’accès, et d’effectuer des vérifications automatisées sur des modèles afin de garantir une certaine confiance dans le SI avant son opérationnalisation. Notre intérêt porte plus particulièrement sur la détection des vulnérabilités pouvant être exploitées par des utilisateurs internes afin de commettre des attaques, appelées attaques internes, en profitant de leur accès légitime au système. Pour ce faire, nous exploitons des spécifications formelles B générées, par la plateforme B4MSecure, à partir de modèles fonctionnels UML et d’une description Secure UML des règles de contrôle d’accès basées sur les rôles. Ces vulnérabilités étant dues à l’évolution dynamique de l’état fonctionnel du système, nous proposons d’étudier l’atteignabilité des états, dits indésirables, donnant lieu à des attaques potentielles, à partir d’un état normal du système. Les techniques proposées constituent une alternative aux techniques de model-checking. En effet, elles mettent en œuvre une recherche symbolique vers l’arrière fondée sur des approches complémentaires : la preuve et la résolution de contraintes. Ce processus de recherche est entièrement automatisé grâce à notre outil GenISIS qui a montré, sur la base d’études de cas disponibles dans la littérature, sa capacité à retrouver des attaques déjà publiées mais aussi des attaques nouvelles. / The early detection of potential threats during the modelling phase of a Secure Information System (IS) is required because it favours the design of a robust access control policy and the prevention of malicious behaviours during the system execution. This involves studying the validation of access control rules and performing vulnerabilities automated checks before the IS operationalization. We are particularly interested in detecting vulnerabilities that can be exploited by internal trusted users to commit attacks, called insider attacks, by taking advantage of their legitimate access to the system. To do so, we use formal B specifications which are generated by the B4MSecure platform from UML functional models and a SecureUML modelling of role-based access control rules. Since these vulnerabilities are due to the dynamic evolution of the functional state, we propose to study the reachability of someundesirable states starting from a normal state of the system. The proposed techniques are an alternative to model-checking techniques. Indeed, they implement symbolic backward search algorithm based on complementary approaches: proof and constraint solving. This rich technical background allowed the development of the GenISIS tool which automates our approach and which was successfully experimented on several case studies available in the literature. These experiments showed its capability to extract already published attacks but also new attacks.

Attaques internes

B

Preuve

Résolution de contraintes

Model-Checking

Atteignabilité

Insider attacks

B-Method

Proof

Constraint solving

Model-Checking

Reachability

004

Security in Cloud Storage : A Suitable Security Algorithm for Data Protection

Oduyiga, Adeshola Oyesanya

January 2018

The purpose of this thesis work was to conduct a general research on existing security techniques and come up with a considerable algorithm for data security in cloud storage. Cloud storage is an infrastructure or is a model of computer data storage in which the digital data is stored in logical pools. It unifies object storage for both developers and enterprises, from live applications data to cloud archival. It help to save valuable space on PC computers or mobile devices and provides the easy storage and access of data anywhere in the world. However, just as the benefits of cloud computing abounds, so also are the risks involved. If data are not well secured or encrypted before deployment for storage in the cloud, in case of negligence on the side of the developers, then hackers can gain unauthorized access to the data. The behavior of existing security algorithms on data were studied, the encryption and decryption process of the each algorithm on data was studied and also their weaknesses against attacks. Apart from data encryption, security policies also plays an important roll in cloud storage which was also covered in this report. The research work was conducted through the use of online publications, literature review, books, academic publications and reputable research materials. The study showed that regardless of the challenges in cloud storage, there is still a suitable algorithm for protecting data against attack in the cloud.

Security-in-cloud-storage

DES

3DES

Blowfish

RC5

AES

Attacks-on-cloud-facilities

Data-Encryption-Standard

Data-protection.

Software Engineering

Programvaruteknik