Global ETD Search

181	Sécurisation de l'Internet des objets / Securing the Internet of things Hammi, Mohamed Tahar 17 September 2018 (has links) L'Internet des Objets ou en anglais the Internet of Things (IoT) représente aujourd'hui une partie majeure de notre vie quotidienne. Des milliards d'objets intelligents et autonomes, à travers le monde sont connectés et communiquent entre eux. Ce paradigme révolutionnaire crée une nouvelle dimension qui enlèveles frontières entre le monde réel et le monde virtuel. Son succès est dû à l’évolution des équipements matériels et des technologies de communication notamment sans fil. L’IoT est le fruit du développement et de la combinaison de différentes technologies. Il englobe presque tous les domaines de la technologie d’information (Information Technology (IT)) actuels.Les réseaux de capteurs sans fil représentent une pièce maîtresse du succès de l'IoT. Car en utilisant des petits objets qui sont généralement limités en terme de capacité de calcul, de mémorisation et en énergie, des environnements industriels, médicaux, agricoles, et autres peuvent être couverts et gérés automatiquement.La grande puissance de l’IoT repose sur le fait que ses objets communiquent, analysent, traitent et gèrent des données d’une manière autonome et sans aucune intervention humaine. Cependant, les problèmes liés à la sécurité freinent considérablement l’évolution et le déploiement rapide de cette haute echnologie. L'usurpation d’identité, le vols d’information et la modification des données représentent un vrai danger pour ce système des systèmes.Le sujet de ma thèse consiste en la création d'un système de sécurité permettant d’assurer les services d’authentification des objets connectés, d’intégrité des données échangées entres ces derniers et de confidentialité des informations. Cette approche doit prendre en considération les contraintes des objets et des technologies de communication utilisées. / Internet of Things becomes a part of our everyday lives. Billions of smart and autonomous things around the world are connected and communicate with each other. This revolutionary paradigm creates a new dimension that removes boundaries between the real and the virtual worlds. Its success is due to the evolution of hardware and communication technologies, especially wireless ones. IoT is the result of the development and combination of different technologies. Today, it covers almost all areas of information technology (IT).Wireless sensor networks are a cornerstone of IoT's success. Using constrained things, industrial, medical, agricultural, and other environments can be automatically covered and managed.Things can communicate, analyze, process and manage data without any human intervention. However, security issues prevent the rapid evolution and deployment of this high technology. Identity usurpation, information theft, and data modification represent a real danger for this system of systems.The subject of my thesis is the creation of a security system that provides services for the authentication of connected things, the integrity of their exchanged data and the confidentiality of information. This approach must take into account the things and communication technologies constraints. Internet des objets, IdO Sécurité Authentification Confidentialité Blockchain Réseau capteur sans fil OCARI Internet of things, IoT Security Authentication Confidentiality Blockchain Wireless sensor network OCARI
182	Databáze specifikací bezpečnostních protokolů / Specifications Database of Security Protocols Ondráček, David January 2008 (has links) Original protocols, which were created during early development of computer networks, no longer provide sufficient security. This is the reason why new protocols are developed and implemented. The important component of this process is formal verification, which is used to analyze the developed protocols and check whether a successful attack is possible or not. This thesis presents selected security protocols and tools for their formal verification. Further, the selected protocols are specified in LySa calculus and results of their analysis using LySatool are presented and discussed.
183	Entre utilité et risques d'atteinte à la vie privée : pratiques, préoccupations et enjeux concernant les applications de suivi du cycle menstruel Rudaz, Pauline 08 1900 (has links) Les applications de suivi du cycle menstruel sont aujourd’hui utilisées par des millions de personnes dans le monde. Elles permettent de soutenir et d’aider le suivi des menstruations, de garder des traces des cycles précédents, et de rapporter une variété de symptômes reliés. Les usager·ère·s de ces applications partagent avec les entreprises propriétaires des données sensibles et personnelles sur leur corps et sur leurs ressentis. Cependant, certaines de ces applications partagent ces données avec des tiers. En utilisant ces outils numériques, les usager·ère·s composent donc entre deux éléments en tension : d’un côté, l’utilité de ces applications, et de l’autre, des risques d’atteinte à leur vie privée à travers l’usage de leurs données. Ce mémoire analyse les pratiques et les discours permettant aux usager·ère·s de composer avec cette tension ainsi que les préoccupations qui y sont reliées au prisme des théories féministes sur les données, et sur la surveillance. Pour ce faire, j’ai réalisé plusieurs entrevues semi-dirigées collectives, des focus groups de 2 à 3 participant·e·s, avec des personnes menstruées, qui utilisent une application de suivi menstruel. La recherche fait ressortir que les usager·ère·s ne considèrent pas forcément les données sur les menstruations qu’elles partagent comme des données intimes et personnelles, et que certain·e·s ne savent pas vraiment à quels usages peuvent servir ces données, ce qui soulève des questions quant au consentement éclairé et valide lors de l’usage de ces applications. La plupart des personnes, bien que dérangées par la surveillance de leurs données de suivi menstruel, l’acceptent dans leurs pratiques quotidiennes, au même titre que la surveillance numérique générale. Selon les personnes interrogées, ces applications sont utiles et pratiques au niveau individuel, mais elles peuvent aussi avoir une utilité à un niveau collectif, dans ce qu’elles peuvent accomplir pour la recherche sur les menstruations, la valorisation du ressenti des femmes et de leur bien-être, des éléments que la discussion collective a permis de mettre de l’avant. / Period tracking applications are now used by millions of people around the world. They support and assist in tracking menstrual cycles, keeping track of previous cycles, and reporting a variety of related symptoms. Users of these applications share sensitive and personal data about their bodies and feelings with the companies that own them. However, some of these applications share their users’ data with third parties. By using these digital tools, users need therefore to deal with two elements in tension: on the one hand, the usefulness of these applications, and on the other, the risks of invasion of their privacy through the use of their data. This thesis analyzes the practices and discourses that allow users to deal with this tension and the concerns related to it using the perspective of data feminism theory and feminist surveillance studies. I conducted several semi-structured group interviews, focus groups of 2-3 participants, with menstruating individuals who use a menstrual tracking application. The research highlights that users do not necessarily consider the menstrual data they share as intimate and personal, and that some of them do not really know how these data can be used, which raises questions about informed and valid consent to use these applications. Most people, while bothered by the monitoring of their menstrual data, accept it as part of their daily practices, along with general digital monitoring. According to the interviewees, these applications are useful and practical on an individual level, but they can also be useful on a collective level, in what they can accomplish for research on menstruation, valuing women's feelings and well-being, issues that the collective discussion brought forward. applications de suivi menstruel femtech vie privée confidentialité utilité données tension surveillance consentement fémisime menstrual tracking apps privacy confidentiality data consent feminism menstruation
184	An employee assistance program: A study of its scope, use, behavioral change, volunteerism, and confidentiality Tompkins, Lynn Michael 01 January 2003 (has links) (PDF) The purpose of the study was to determine if one company-sponsored EAP and health program influences some behaviors and lifestyle choices of employees when off the job. This study compared the perceptions of employees and management regarding what is within the “legitimate” (job-related) EAP scope. During the past four decades the Employee Assistance Program (EAP) has increased in number and scope such that an estimated 50 percent of working Americans currently have access to an EAP. Designed originally to treat alcoholic workers, they now address other behavioral health problems such as drugs, family, emotional, financial and legal difficulties. In concert with EAPs, other initiatives have proliferated at the work site including health and wellness programs and drug testing policies. These convergent forces have served to create a blurring of the distinction between personal prerogatives regarding health and the work domain. What was once the province of the community—health care—has now shifted to the employer. This trend places EAP mental health practitioners, in particular, in the dual relationship of serving both client and company. Other issues which come to light include privacy, confidentiality, personal responsibility, paternalism, and de facto reinforcement of company-imposed values on the individual regarding lifestyle, fitness and even family life. The employees of a public utility in central California were surveyed. The entire population of 2,030 received the questionnaire; 575 people responded (28.3%). The findings were that all dimensions of EAP services were perceived to be job-related by a majority of the respondents. No more than 40 percent of the respondents felt that any single service was not job-related. That maximum was regarding smoking cessation. Although behavior had changed on some of the individuals as a result of EAP participation, the accompanying findings that those services were job-related nullified the distinction between behaviors at work and behaviors off the job. This raises the question of why employees think that EAP services are job-related. That and other aspects of EAP use patterns are discussed. Occupational psychology Behavioral sciences Influence Employee assistance programs Studies Psychology Behavioral change Confidentiality Employee assistance program Social control Volunteerism Education Psychology
185	Operational Factors Affecting the Confidentiality of Proprietary Digital Assets Massimino, Brett J. 14 October 2014 (has links) No description available. Business Administration Information Security Intellectual Property Breach Digital Economy Supply Chain Management Confidentiality Asset Protections Software Development Worker Behaviors Behavioral Operations Management Data Protection Big Data
186	Understanding Conceptions about Digital Threats : Assessing Public Knowledge of Cyber Threats / Kartläggning av uppfattningen om digitala hot : Fastställning av allmänhetens förståelse för hot inom cybervärlden Aljic, Almir January 2022 (has links) As technology and Internet use continue to grow globally, cybersecurity has become an increasingly important topic to ensure the safety of individual consumers online. It is a growing cause for concern that cyber attacks are on the rise, as has been the case during the global pandemic. Cybersecurity awareness among the general population is of utmost importance to mitigate and prevent cyber attacks. One of the primary purposes of this study was to identify the existence and measure the extent of knowledge gaps between experts and non-experts, within the field of cybersecurity. This was done by evaluating how experts and non-experts rate the severity of different vulnerabilities. Through extensive collaboration with a technology startup within the f ield of digital design and e-commerce, four vulnerabilities were identified in the startup’s IT environment. These vulnerabilities were simplified and described in four separate scenarios, for the sake of being digestible for a nonexpert audience. The scenarios were used to construct an extensive survey, which asked participants how they would rate the severity of each scenario, using a 1-5 Likert scale. Severity was measured using three vulnerability metrics, including Attack Complexity (AC), Remediation Level (RL) and Confidentiality (C). In many cases, experts and non-experts rated the severity of the studied vulnerabilities similarly. However, the results of this study primarily showed that there doesexiststatistically significant differences intheperceivedseverity between the groups. Using expert responses as a baseline, it was possible to identify for which metrics and in which contexts the lack of cybersecurity awareness existed among non-experts. This lack of awareness was equated with the existence of a knowledge gap. For future work, it would be of great interest to further analyze the extent of and how to reduce this knowledge gap. / I takt med att den internetbaserade teknologiska användningen fortsätter att öka på global skala blir cybersäkerhet desto viktigare för att skydda konsumenter från cyberangrepp online. Under pandemins gång har antalet cyberattacker ökat markant och detta är högst oroväckande. Allmänhetens medvetenhet kring cybersäkerhet är av yttersta vikt för att mitigera och förhindra cyberattackerna. Ett av dem främsta syftena med denna studie var att undersöka eventuella kunskapsskillnader mellan experter och ickeexperter inom cybersäkerhetsområdet. Detta undersöktes genom att evaluera hur experter och icke-experter bedömer allvaret i olika cybersäkerhetsbrister. Genom ett gediget samarbete med en startup inom digital design och ehandel, identifierades fyra separata säkerhetsbrister i företagets IT system. Dessa brister förklarades på en översiktlig nivå i olika scenarier, för att underlätta förståelsen bland icke-experter. Dessa scenarier användes därefter till att utveckla en omfattande undersökningsenkät, vars syfte var att undersöka hur deltagare bedömer allvaret i scenarierna utifrån en 1-5 Likertskala. Allvaret beräknades genom att deltagarna bedömde tre olika sårbarhetsaspekter för varje scenario: cyberattackens komplexitet (AC), åtgärdhetens komplexitet (RL) och konfidentialitet (C). I många fall gjorde experter och icke-experter en likvärdig bedömning kring allvaret i dem undersökta cybersäkerhetsbristerna. Emellertid fanns det i andra sammanhang uppenbara och statistiskt säkerställda skillnader i bedömningarna mellan grupperna. Genom att använda experternas bedömning som måttstock, visade studien i vilka sammanhang och för vilka sårbarhetsaspekter icke-experter saknade en gedigen medvetenhet kring. Denna bristfälliga medvetenhet likställdes med att en kunskapslucka existerade mellan grupperna. Inför framtida forskning är det av stort intresse att undersöka omfattningen av och metoder att reducera denna kunskapslucka. Cybersecurity CybersecurityAwareness Vulnerability VulnerabilityMetrics Vulnerability Severity AttackComplexity RemediationLevel Confidentiality Cybersäkerhet medvetenhet kring cybersäkerhet sårbarhet cybersårbarhet cybersäkerhetsbrist bedömningavcybersäkerhet sårbarhetsaspekt sårbarhetsskala cyberattackers komplexitet konfidentialitet Computer and Information Sciences Data- och informationsvetenskap
187	Betydelsen av informationsdelning i arbetet med barn och unga : En kvalitativ intervjustudie med skolkuratorer, socialsekreterare och poliser Anttila, Maria, Blomqvist, Josefine January 2024 (has links) In October 2022, the Swedish government announced a political agreement named the Tidö Agreement which presented multiple collaborative projects aimed at facing current societalissues in Sweden. In the agreement, a suggestion regarding increased information sharingbetween professionals in work with children and youth was presented as a part of the crimeprevention work. The aim of this qualitative study is to describe and analyze the role ofinformation sharing when working with children and youth, based on the experience of school counselors', social workers' and police officers'. Data collected from two semi-structured focus group interviews with seven professionals have been thematically analyzed, using Danermark’s (2007) theory of cooperation. The results indicate that political decisionsthat are perceived as difficult to interpret for professionals are used restrictively. In additionto the design of the laws, the respondents request guidance in how existing laws should beapplied, rather than new laws being established. Cooperation between school counselors',social workers' and police officers' seem to be limited by external factors, and multiplebarriers hinders a well-functioning cooperation. An overall conclusion is that politicaldecisions have a clear impact on practical work, and information sharing cannot be solelyreduced to positive or negative aspects. Information sharing confidentiality professionals organizational culture politics legislation collaboration the best interest of the child Informationsdelning sekretess yrkesverksamma organisationskultur politik lagstiftning samverkan barnets bästa Social Work Socialt arbete
188	A Comprehensive and Comparative Examination of Healthcare Data Breaches: Assessing Security, Privacy, and Performance Al Kinoon, Mohammed 01 January 2024 (has links) (PDF) The healthcare sector is pivotal, offering life-saving services and enhancing well-being and community life quality, especially with the transition from paper-based to digital electronic health records (EHR). While improving efficiency and patient safety, this digital shift has also made healthcare a prime target for cybercriminals. The sector's sensitive data, including personal identification information, treatment records, and SSNs, are valuable for illegal financial gains. The resultant data breaches, increased by interconnected systems, cyber threats, and insider vulnerabilities, present ongoing and complex challenges. In this dissertation, we tackle a multi-faceted examination of these challenges. We conducted a detailed analysis of healthcare data breaches using the VERIS (Vocabulary for Event Recording and Incident Sharing) dataset. We delve into the trends of these breaches, investigate the attack vectors, and identify patterns to inform effective mitigation strategies. We conducted a spatiotemporal analysis of the VERIS and the Office of Civil Rights (OCR) datasets. We explored the geographical and temporal distribution of breaches and focused on the types of targeted assets to decipher the attackers' motives. Additionally, we conducted a detailed analysis of hospitals' online presence, focusing on their security and performance features. By comparing government, non-profit, and private hospitals in the U.S., we examined their security practices, content, and domain attributes to highlight the differences and similarities in the digital profiles of these hospital types. Furthermore, we expand our scope to include a comparative sector-based study investigating data breaches across various critical sectors. This broader view provides a contextual understanding of the healthcare sector's unique vulnerabilities compared to other sectors. Overall, this dissertation contributes fundamental insights into healthcare data breaches and hospitals' digital presence and underscores the urgent need for enhanced understanding and implementation of robust security measures in this vitally important sector, striving for a balance between technological advancement and data security. Web security SSL Certificates Healthcare Data Breaches Measurement Data Confidentiality Data Security Data Analysis Computer Sciences Health Information Technology Information Security
189	Balancing Availability and Confidentiality in IT Systems Used for Defence Marhold, Anton January 2024 (has links) The increasing digitization within the defence sector makes the business more vulnerable to potential attacks, threatening sensitive information and system functionality. Balancing the requirements of availability and confidentiality is crucial for ensuring secure and reliable IT systems. This study examines the trade-offs between these two aspects within the context of the Swedish defence sector and requirements engineering. By analyzing relevant standards, guidelines, and frameworks, and conducting interviews with personnel working on projects for the Swedish Defence Materiel Administration (FMV), this research explores real-world practices in achieving a balance between availability and confidentiality. The findings highlight the complexity of balancing these aspects and underscore the importance of understanding the specific system, its function, and operational context, along with adapting to evolving threats and requirements. The study suggests that FMV’s methods could be improved. / Den ökande digitaliseringen inom försvaret gör verksamheten mer sårbar för potentiella attacker, vilket hotar känslig information och systemfunktionalitet. Att balansera kraven på tillgänglighet och konfidentialitet är avgörande för säkra och tillförlitliga IT-system. Denna studie undersöker avvägningarna mellan dessa två aspekter inom ramen för den svenska försvarssektorn och kravhantering. Genom att analysera relevanta standarder, riktlinjer och ramverk, samt intervjua personal som arbetar med projekt för Försvarets Materielverk (FMV), utforskar denna avhandling praktiska tillämpningar för att uppnå en balans mellan tillgänglighet och konfidentialitet. Resultaten belyser komplexiteten i att balansera dessa aspekter och betonar vikten av att förstå det specifika systemet, dess funktion och operativa kontext, samt att anpassa sig till föränderliga hot och krav. Studien föreslår att FMV:s metoder skulle kunna förbättras. IT security IT systems defence availability confidentiality requirements engineering IT-säkerhet IT-system försvaret tillgänglighet konfidentialitet kravhantering Computer and Information Sciences Data- och informationsvetenskap
190	Sekretessens roll i det brottsförebyggande arbetet : En kvalitativ studie i hur sekretessen mellan socialtjänsten och polismyndigheten påverkar detbrottsförebyggande arbetet i Borås / The role of confidentiality in crime prevention work : A study of how confidentiality affects cooperation between social services and the police authority in Borås municipality Sandberg, Daniel, Martinsson, Johanna January 2024 (has links) Samverkan är en institutionaliserad del av myndigheters dagliga arbete och lyfts fram som en central del för att kunna lösa komplexa utmaningar som myndigheterna ofta inte kan hantera på egen hand. Myndigheter som polismyndigheten och socialtjänsten präglas även av strikt sekretess som i ett flertal fall skulle kunna utmana samverkan genom att uppgifter som hade kunnat föra myndigheternas arbete framåt inom det brottsförebyggande arbetet inte får lämnas ut. Den organiserade brottligheten i Sverige har under de senaste åren ökat och har således intensifierat myndigheternas arbete för att kunna bekämpa den nedåtgående trenden. Syftet med denna studie var att undersöka i vilken utsträckning sekretessen påverkar samverkan mellan polismyndigheten och socialtjänsten för att motverka ungdomskriminaliteten. Detta genomfördes genom att utgå från socialt kapital, aktörsfokuserad perspektiv och samverkansperspektiv. Studiens genomfördes genom kvalitativa intervjuer med två representanter från polismyndigheten, tre från socialtjänsten och med två lektorer med bred kunskap kring sekretess och polisiärt arbete som undervisar på Högskolan i Borås. Samtliga intervjuer genomfördes på plats med undantag för intervjuerna med lektorerna som genomfördes via den digitala plattformen ZOOM. Resultatet visade att samverkan fungerar på ett effektivt sätt mellan myndigheterna tack vare nära och kontinuerlig kontakt. Det fanns även en stark tillit mellan myndigheterna som resulterade i att myndighetspersonalen kunde föra en mer öppen dialog med varandra än vad vi först antog. Studien visar på att även om sekretessen i sig inte är ett påtagligt hinder mellan myndigheterna så framkommer trots detta en osäkerhet och rädsla bland individerna inom myndigheterna för att dela med sig av känsliga uppgifter. Det framgår även att det kan vara problematiskt att veta vilka lagar och riktlinjer tjänstemännen ska förhålla sig till när det kommer till sekretess samt hur lagen ska tolka, Således framgick en viss kunskapsbrist när tjänstemännen tvingas förhålla sig till lagar som lämnar mycket tolkningsutrymme. / Cooperation is an institutionalized part of the authorities' daily work and is highlighted as a central part of being able to solve complex challenges that the authorities often cannot handle on their own. Authorities such as the police and social services are also characterized by strict secrecy, which in several cases could challenge cooperation by not divulging information that could have advanced the authorities' work in crime prevention. Organized crime in Sweden has increased in recent years and the authorities have thus intensified the work of the authorities in order to combat the downward trend. The purpose of this study was to investigate the extent to which secrecy affects the collaboration between the police authority and social services to counter youth crime. This was carried out by starting from social capital, an actor-focused perspective and a collaboration perspective. The study was conducted through qualitative interviews with two representatives from the police authority, three from social services and with two lecturers with broad knowledge of secrecy and police work who teach at the University of Borås. All interviews were conducted on site, with the exception of the interviews with the lecturers, which were conducted via the digital platform ZOOM. The result showed that collaboration works efficiently between the authorities thanks to close and continuous contact. There was also a strong trust between the authorities which resulted in the authority staff being able to have a more open dialogue with each other than we first assumed. The study shows that even if secrecy in itself is not a tangible obstacle between the authorities, there is nevertheless an insecurity and fear among the individuals within the authorities to share sensitive information. It also appears that it can be problematic to know which laws and guidelines the civil servants must relate to when it comes to confidentiality and how the law must be interpreted. Thus, a certain lack of knowledge emerged when the civil servants are forced to relate to laws that leave a lot of room for interpretation. Collaboration Confidentiality Risk zone Borås Police Authority Social services Crime Recruitment Samverkan Sekretess Riskzon Borås Polismyndigheten Socialtjänsten Kriminalitet Rekrytering Public Administration Studies Studier av offentlig förvaltning

Search results