Global ETD Search

351	Segurança da informação: uma abordagem sobre proteção da privacidade em internet das coisas Machado Junior, Dorival Moreira 18 June 2018 (has links) Submitted by Filipe dos Santos (fsantos@pucsp.br) on 2018-08-22T12:14:10Z No. of bitstreams: 1 Dorival Moreira Machado Junior.pdf: 9885723 bytes, checksum: ec4db9d9ab0bfb009be6157700e49790 (MD5) / Made available in DSpace on 2018-08-22T12:14:10Z (GMT). No. of bitstreams: 1 Dorival Moreira Machado Junior.pdf: 9885723 bytes, checksum: ec4db9d9ab0bfb009be6157700e49790 (MD5) Previous issue date: 2018-06-18 / The concept of Internet of Things (IoT) refers to a network of objects capable of generating, collecting, and exchanging data between them. This interconnection of intelligent objects tends to provide improvements in the well-being of people so that the more “things” acquiring or generating data, the better may be the result propitiated by IoT. On the other side, privacy is best guarded in the face of the minimum supply of data or personal information. They are contrary paths that characterize a paradox. With this, studies are needed that point out possibilities that favor the growth of IoT and at the same time do not let privacy be totally succumbed to technological evolution. The user permeates both factors, being situated in the center. This paradox as well as the lack of documentation and standardization in terms of privacy protection in IoT becomes the research problem. The hypothesis suggests the need for a standard that allows such protection. The scope of standardization of the Internet is very extensive, it is necessary to determine the limits of performance of this thesis. For this, the mapping of the mechanism by which the rules and standards of the Internet are established, as well as defining a standard scenario of IoT applicable in any environment in which it is inserted. Once these parameters were established, it was possible to continue through a critical exploratory analysis of the context that is considered emerging mainly by the lack of documentation regarding the protection of privacy in IoT. As a result, a directing to privacy protection in IoT was systematized. This has as characteristics: to be applicable specifically to the IoT environment; Have as basic principles consider all user data as private as well as adopt a restrictive policy. It is also characterized by a step of human validation, in which it is required that the user allows the sharing of their data, as well as establish the trust to the device to link, that is, the destination of the data. In this way, the user is instigated to have science of their data in question beyond the destination of these. At the end, the conclusion is made by analyzing the security objectives of other models justifying the contrary or favorable opinion for application in IoT / O conceito de Internet of Things (IoT) refere-se a uma rede de objetos com capacidade para gerar, coletar e trocar dados entre si. Esta interconexão de objetos inteligentes tende a proporcionar melhorias no bem-estar das pessoas de modo que quanto mais “coisas” adquirindo ou gerando dados, melhor pode ser o resultado propiciado pela IoT. Por outro lado, tem-se que a privacidade é melhor resguardada diante do fornecimento mínimo de dados ou informações pessoais. São caminhos contrários que caracterizam um paradoxo. Com isto, são necessários estudos que apontem possibilidades que favoreçam o crescimento da IoT e ao mesmo tempo não deixe que a privacidade seja totalmente sucumbida à evolução tecnológica. O usuário permeia ambos os fatores, ficando situado ao centro. Este paradoxo bem como a falta de documentação e padronização em termos de proteção da privacidade na IoT torna-se o problema de pesquisa. A hipótese sugere a necessidade de um padrão que possibilite tal proteção. A abrangência de padronização da Internet é muito extensa, fazendo-se necessário determinar os limites de atuação desta tese. Para isto, fez-se o mapeamento do mecanismo pelo qual as regras e padrões da Internet são estabelecidos, bem como definindo um cenário padrão de IoT aplicável em qualquer ambiente em que for inserido. Uma vez estabelecidos estes parâmetros, pôde-se prosseguir através de uma análise exploratória crítica ao contexto que é considerado emergente principalmente pela falta de documentação no que diz respeito à proteção da privacidade na IoT. Como resultado foi sistematizado um direcionamento para proteção da privacidade na IoT por meio de um paradigma. Este tem como características: ser aplicável especificamente ao ambiente de IoT; ter como princípios considerar todos os dados de usuário como privados, bem como adotar uma política restritiva. Caracteriza-se também por uma etapa de validação humana, na qual é requerido que o usuário permita o compartilhamento de seus dados, bem como estabeleça a confiança no dispositivo vinculado, isto é, o destino dos dados. Deste modo, o usuário é instigado a ter ciência de seus dados em uso bem como o destino destes. Ao final, faz-se a conclusão analisando os objetivos de segurança de outros modelos justificando o parecer contrário ou favorável para aplicação na IoT Internet das coisas Privacidade Computadores - Medidas de segurança Proteção de dados Internet of things Privacy Computer security Data protection CNPQ::ENGENHARIAS
352	Protection of Personal Data in Blockchain Technology : An investigation on the compatibility of the General Data Protection Regulation and the public blockchain / Personuppgiftsskyddet i Blockkedjeteknik : En utredning om förenligheten av dataskyddsförordningen och den publika blockkedjan Wallace, Amelia January 2019 (has links) On 25 May 2018 the General Data Protection Regulation, GDPR, came into force in the EU. The regulation strengthened the rights of the data subjects’ in relation to the data controllers and processors and gave them more control over their personal data. The recitals of the GDPR state that it was the rapid development in technology and globalisation that brought new challenges for the protection of personal data. Private companies and public authorities where making use of personal data on an unprecedented scale in order to pursue their own activities. The protection should be technologically neutral and not dependant on the technique used. This leads to questions on whether the protection that is offered through the GDPR is de facto applicable on all technologies. One particular technology which has caught interest of both private companies and public authorities is the blockchain. The public distributed blockchain is completely decentralized, meaning it is the users who decide the rules and its content. There are no intermediaries in power and the transactions of value or other information is sent peer to peer. By using asymmetric cryptography and advanced hash algorithms the transactions sent in the blockchain are secured. Whilst the interest and use of blockchain is increasing and the GDPR attempting to be applicable on all techniques, the characteristics of the public blockchain must be analysed under the terms of the GDPR. The thesis examines whether natural persons can be identified in a public blockchain, who is considered data controller and data processor of a public blockchain and whether the principles of the GDPR can be applied in such a decentralised and publicly distributed technology. / Den 25 maj 2018 tradde den nya dataskyddsforordningen, GDPR, i kraft i EU vilken slog hardare mot personuppgiftsansvariga och personuppgiftsbitraden an vad det tidigare dataskyddsdirektivet gjort. Med reformen ville EU starka personuppgiftsskyddet genom att ge de registrerade mer kontroll over sina personuppgifter. I skalen till forordningen anges att det var den snabba tekniska utvecklingen och globaliseringen som skapat nya utmaningar for skyddet da privata foretag och offentliga myndigheter anvander personuppgifter i en helt ny omfattning idag. Skyddet bor saledes vara teknikneutralt och inte beroende av den teknik som anvands. Detta oppnar upp for fragor om huruvida skyddet som GDPR erbjuder faktiskt ar applicerbart pa samtliga tekniker. En sarskild teknologi som fangat intresse hos saval privatpersoner som foretag och offentliga myndigheter ar blockkedjan. Den oppet distribuerade blockkedjetekniken ar helt decentraliserad, vilket innebar att det ar dess anvandare som styr och bestammer over innehallet. Nagra mellanman finns inte, utan vardetransaktioner och andra overforingar av information sands direkt mellan anvandare. Genom asymmetrisk kryptografi och avancerade hash algoritmer sakras de overforingar som sker via blockkedjan. Nagot som uppmarksammats under den okande anvandningen och intresset for blockkedjan samt ikrafttradandet av GDPR ar hur personuppgifter bor hanteras i en sadan decentraliserad teknologi, dar inga mellanman kan bara ansvaret for eventuell personuppgiftsbehandling. Flera av den publika blockkedjeteknikens egenskaper bor problematiseras, framfor allt dess oppenhet och tillganglighet for varje person i varlden, samt dess forbud mot rattelse och radering av inlagda data. Denna uppsats behandlar fragorna huruvida fysiska personer kan identifieras i en publik blockkedja, vem som kan anses vara personuppgiftsansvarig och personuppgiftsbitrade i en publik blockkedja, samt om de principer och krav som uppstalls i GDPR kan efterlevas i en sadan decentraliserad och oppet distribuerad teknologi. General Data Protection Regulation GDPR Blockchain Transparency Personal Data Dataskyddsförordningen GDPR Blockkedja Transparens Teknikneutralitet Personuppgift Law Juridik
353	Protecting externally supplied software in small computers Kent, Stephen Thomas January 1981 (has links) Thesis (Ph.D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1981. / MICROFICHE COPY AVAILABLE IN ARCHIVES AND ENGINEERING. / Bibliography: leaves 250-252. / by Stephen Thomas Kent. / Ph.D. Minicomputers Programming Data protection Cryptography Computers Access control
354	La vie privée en droit du travail. / Privacy in labour law Morgenroth, Thomas 05 December 2016 (has links) La vie privée est en elle-même, en raison de sa relativité, une notion difficile à saisir. Le droit l’appréhende de différentes façons, tant dans des rapports verticaux, entre puissance publique et citoyens, qu’horizontaux, entre particuliers. De plus, le droit au respect de la vie privée comporte une ambivalence, en ce qu’il confère à l’individu à la fois une liberté de choix et un droit de contrôle. On comprend alors que le droit du travail puisse être mal à l’aise avec cette notion. En effet, la relation de travail présente laspécificité d’introduire un lien de subordination dans un rapport entre personnesprivées. Or, beaucoup de ses dispositions contribuent à protéger la vie privée du salarié. Une gêne se ressent néanmoins à mobiliser le droit au respect de la vie privée, dans sa conception civiliste, centrée sur le secret de la vie privée. De façon paradoxale, la protection du secret de la vie privée du salarié est rarement utilisée en droit du travail. A l’inverse, le droit au respect de la vie privée trouve à s’appliquer en matière de liberté de la vie privée du salarié. Cette dernière tend d’abord à assurer la protection du salarié dans sa vie privée. Cependant, cette liberté s’exprime également dans la vie professionnelle et apparaît alors comme un instrument indispensable de la protection de la personne au travail. Ainsi, le droit au respect de la vie privée du salarié tendinévitablement à élargir son champ à la protection de la liberté de la vie privée. / Because of its relativity, the concept of privacy is a difficult notion to define. French legislation defines it in different ways both between public institutions and citizens as well as among individuals. Moreover, the right to privacy presents an ambivalence as it gives an individual both a freedom of choice and a right of control. Therefore, privacy challenges employment laws which cannot deal satisfactorily with it as work relation has the specificity to create a link of subordination between private individuals. Yet, many of these dispositions contribute to protecting privacy. Though, in its civil law conception, there is some difficulty in resorting to privacy when it focuses on the secret of privacy.Paradoxically, the cases related to this subjective law and employees' privacy secret protection are far and few between. This freedom of privacy tends to ensure employees' protection in their privacy. Nevertheless, this freedom also applies in professional life and consequently appears as an essential instrument of the employee's protection in the workplace. Thus, the right for the employee's privacy to be respected inevitably tends to broaden its scope to the protection of freedom of privacy. Vie privée Droit du travail Secret Liberté Salariés Protection des données Privacy Labour law Lecret Freedom Employees Data protection
355	La protection du consommateur à l'épreuve des technologies de l'information et de la communication : étude du droit ivoirien à la lumière du droit français / The Protection of consumer against the rise of information and communication technologies : study of Ivorian system in the light of French law Alleme, Apo 28 June 2019 (has links) Les technologies de l’information et de la communication (TIC) qui recouvrent l’ensemble des outils et techniques résultant de la convergence des télécommunications ont révolutionné les comportements et les habitudes des consommateurs. Si ces technologies ne se limitent pas au réseau internet c’est la montée d’internet qui a renouvelé la problématique de la protection du consommateur. En réponse, le législateur ivoirien a, à travers la loi de 2016 relative à la consommation, essayé de s’arrimer aux standards internationaux relatifs à la protection du consommateur. Le nouveau dispositif adopté s’ajoute au droit positif ivoirien et au cadre législatif communautaire (UEMOA et CEDEAO). Cependant, le système se révèle insuffisant et, à certains égards, inadapté à la protection du consommateur, notamment dans l’hypothèse d’une vente conclue par le canal des TIC. Ces insuffisances s’observent au moment de la formation et de l’exécution du contrat de vente. Dans ce contexte, le cadre législatif français qui étend ses sources dans le droit communautaire européen peut, à bien d’égards, inspirer le législateur ivoirien. Il ne s’agit pas de transposer intégralement ce système en droit ivoirien. En effet, à l’épreuve des TIC, la protection du consommateur passe par la recherche de nouveaux points d’équilibre entre le consommateur et le professionnel. / Information and communication technologies (ICTs), which encompass all the tools and techniques resulting from the convergence of telecommunications, have revolutionized the behavior and habits of consumers. These technologies are not limited to the Internet, the rise of which has renewed the problem of consumer protection. In response, the Ivorian legislator, through the 2016 law on consumption, tried to be consistent with international standards relating to consumer protection. The new mechanism adopted is in addition to current Ivorian law and the Community legislative framework (UEMOA and ECOWAS). However, the system is proving insufficient and, in some respects, unsuitable for consumer protection, especially in the event of a sale through the ICT channel. These deficiencies occur at the time of the formation and enforcement of the sales contract. In this context, the French legislative framework that extends its sources in European Community law can, in many ways, inspire the Ivorian legislator. It does not entail the total transposition of the French system into the Ivorian law. Actually, with the new challenges of ICTs, the protection of the consumer can only be guaranteed by the search for equilibrium between the consumer and the professional. Consommateur Commerce électronique Paiement électronique Protection des données personnelles RGPD Consumer E-commerce Electronic payment Personal data protection GDPR 340
356	Scalable access control May, Brian, 1975- January 2001 (has links) Abstract not available Computers -- Access control Computer security Data protection Authentication Multiprogramming (Electronic computers)
357	Transmission of copyrighted works over the internet : rights and exceptions Tao, Hong Unknown Date (has links) This thesis examines the balance between copyright owners and users by studying the nature of the rights and exceptions related to transmission of copyrighted works over the internet, focusing on three different jurisdictions: Australia, Japan and the United States.The choice of Japan and the United States is based on consideration of the following elements: 1. Both countries possess advanced information technology; 2. Both countries too the lead in legislating for copyright protection in the digital environment; 3. Both countries have different legal systems. In the matter of statutory reaction of transmission of works over the internet, there is no uniform solution around the world as the divergent laws in the three chosen countries demonstrate. Copyright and electronic data processing Intellectual property United States Intellectual property Japan Intellectual property Australia Data protection Law and legislation Law (0398)
358	Security metric based risk assessment. Khan, Moazzam 30 April 2013 (has links) Modern day computer networks have become very complex and attackers have benefited due to this complexity and have found vulnerabilities and loopholes in the network architecture. In order to identify the attacks from an attacker all aspects of network architecture needs to be carefully examined such as packet headers, network scans, versions of applications, network scans, network anomalies etc. and after the examination attributes playing a significant impact on the security posture of the organization needs to be highlighted so that resources and efforts are directed towards those attributes. In this work we extensively look at network traffic at dormitory network of a large campus and try to identify the attributes that play a significant role in the infection of a machine. Our scheme is to collect as much attributes from the network traffic applying the heuristic of network infection and then devise a scheme called decision centric rank ordering of security metric that gives the priority to the security metrics so that network administrators can channel their efforts in the right direction. Another aspect of this research is to identify the probability of an attack on a communication infrastructure. A communication infrastructure becomes prone to attack if certain elements exist in it, such as vulnerabilities in the comprising elements of the system, existence of an attacker and motivation for him to attack. Focus of this study is on vulnerability assessment and security metrics such as user behavior, operating systems, user applications, and software updates. To achieve a quantified value of risk, a set of machines is carefully observed for the security metrics. Statistical analysis is applied on the data collected from compromised machines and the quantified value of risk is achieved. Prediction. Risk Security metric Wireless communication systems Computer security Data protection
359	Trusted data path protecting shared data in virtualized distributed systems Kong, Jiantao 20 January 2010 (has links) When sharing data across multiple sites, service applications should not be trusted automatically. Services that are suspected of faulty, erroneous, or malicious behaviors, or that run on systems that may be compromised, should not be able to gain access to protected data or entrusted with the same data access rights as others. This thesis proposes a context flow model that controls the information flow in a distributed system. Each service application along with its surrounding context in a distributed system is treated as a controllable principal. This thesis defines a trust-based access control model that controls the information exchange between these principals. An online monitoring framework is used to evaluate the trustworthiness of the service applications and the underlining systems. An external communication interception runtime framework enforces trust-based access control transparently for the entire system. Trusted data path Context flow control Trust-based access control Attribute based access control Security and privacy Data protection Access control
360	Entwicklung und Betrieb eines Anonymisierungsdienstes für das WWW Köpsell, Stefan 10 March 2010 (has links) (PDF) Die Dissertation erläutert, wie ein Anonymisierungsdienst zu gestalten ist, so daß er für den durchschnittlichen Internetnutzer benutzbar ist. Ein Schwerpunkt dabei war die Berücksichtigung einer möglichst holistischen Sichtweise auf das Gesamtsystem "Anonymisierungsdienst". Es geht daher um die ingenieurmäßige Berücksichtigung der vielschichtigen Anforderungen der einzelnen Interessengruppen. Einige dieser Anforderungen ergeben sich aus einem der zentralen Widersprüche: auf der einen Seite die Notwendigkeit von Datenschutz und Privatheit für den Einzelnen, auf der anderen Seite die ebenso notwendige Überwachbarkeit und Zurechenbarkeit, etwa für die Strafverfolgung. Die Dissertation beschäftigt sich mit dem Aufzeigen und Entwickeln von technischen Möglichkeiten, die zur Lösung dieses Widerspruches herangezogen werden können. Anonymisierung Strafverfolgung Internet WWW Datenschutz anonymity service law enforcement Internet WWW data protection ddc:004 rvk:ST 277

Search results