Spelling suggestions: "subject:"database security"" "subject:"catabase security""
11 |
DeRef: a privacy-preserving defense mechanism against request forgery attacks.January 2011 (has links)
Fung, Siu Yuen. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2011. / Includes bibliographical references (p. 58-63). / Abstracts in English and Chinese. / Abstract --- p.i / Acknowledgement --- p.iv / Chapter 1 --- Introduction --- p.1 / Chapter 2 --- Background and Related Work --- p.7 / Chapter 2.1 --- Request Forgery Attacks --- p.7 / Chapter 2.2 --- Current Defense Approaches --- p.10 / Chapter 2.3 --- Lessons Learned --- p.13 / Chapter 3 --- Design of DeRef --- p.15 / Chapter 3.1 --- Threat Model --- p.16 / Chapter 3.2 --- Fine-Grained Access Control --- p.18 / Chapter 3.3 --- Two-Phase Privacy-Preserving Checking --- p.24 / Chapter 3.4 --- Putting It All Together --- p.29 / Chapter 3.5 --- Implementation --- p.33 / Chapter 4 --- Deployment Case Studies --- p.36 / Chapter 4.1 --- WordPress --- p.37 / Chapter 4.2 --- Joomla! and Drupal --- p.42 / Chapter 5 --- Evaluation --- p.44 / Chapter 5.1 --- Performance Overhead of DeRef in Real Deployment --- p.45 / Chapter 5.2 --- Performance Overhead of DeRef with Various Configurations --- p.50 / Chapter 6 --- Conclusions --- p.56 / Bibliography --- p.58
|
12 |
Towards the development of a defensive cyber damage and mission impact methodologyFortson, Larry W., January 1900 (has links)
Thesis (M.S.)--Air Force Institute of Technology, 2007. / AFIT/GIR/ENV/07-M9. Title from title page of PDF document (viewed on: Nov. 29, 2007). "March 2007." Includes bibliographical references (leaves 226-237).
|
13 |
Vulnerability assessment of Java bytecodeShah, Rahul Arvind.. January 2005 (has links) (PDF)
Thesis(M.S.)--Auburn University, 2005. / Abstract. Vita. Includes bibliographic references.
|
14 |
Methods of detecting intrusions in security protocolsSherwood, Robert William. Burmester, Mike. January 2004 (has links)
Thesis (M. S.)--Florida State University, 2004. / Advisor: Dr. Mike Burmester, Florida State University, College of Arts and Sciences, Dept. of Computer Science. Title and description from dissertation home page (viewed Jan. 18, 2005). Includes bibliographical references.
|
15 |
Trust negotiation for open database access control /Porter, Paul A., January 2006 (has links) (PDF)
Thesis (M.S.)--Brigham Young University. Dept. of Computer Science, 2006. / Includes bibliographical references (p. 41-44).
|
16 |
An audit perspective of data qualityRamabulana, Territon 20 November 2014 (has links)
M.Com. (Computer Auditing) / Please refer to full text to view abstract
|
17 |
A critical review of the IFIP TC11 Security Conference SeriesGaadingwe, Tshepo Gaadingwe January 2007 (has links)
Over the past few decades the field of computing has grown and evolved. In this time, information security research has experienced the same type of growth. The increase in importance and interest in information security research is reflected by the sheer number of research efforts being produced by different type of organizations around the world. One such organization is the International Federation for Information Processing (IFIP), more specifically the IFIP Technical Committee 11 (IFIP TC11). The IFIP TC11 community has had a rich history in producing high quality information security specific articles for over 20 years now. Therefore, IFIP TC11 found it necessary to reflect on this history, mainly to try and discover where it came from and where it may be going. Its 20th anniversary of its main conference presented an opportunity to begin such a study of its history. The core belief driving the study being that the future can only be realized and appreciated if the past is well understood. The main area of interest was to find out topics which may have had prevalence in the past or could be considered as "hot" topics. To achieve this, the author developed a systematic process for the study. The underpinning element being the creation of a classification scheme which was used to aid the analysis of the IFIP TC11 20 year's worth of articles. Major themes were identified and trends in the series highlighted. Further discussion and reflection on these trends were given. It was found that, not surprisingly, the series covered a wide variety of topics in the 20 years. However, it was discovered that there has been a notable move towards technically focused papers. Furthermore, topics such as business continuity had just about disappeared in the series while topics which are related to networking and cryptography continue to gain more prevalence.
|
18 |
Packaged software : security and controls audit reviewVan Heerden, Chris 15 September 2015 (has links)
M.Com. / In recent years large organisations that developed mainframe application software in-house are now purchasing software packages to replace these applications. These advanced packages incorporate a high level of integration and include security and control features to ensure that the integrity of input, processing, output and storage are maintained. Computer auditors are required to evaluate these advanced packaged software to ensure that the security and control features are adequate and comply with organisational standards. Furthermore, they must ensure that the integrity of information systems programs and data are maintained ...
|
19 |
Anti-Tamper Databases: Querying Encrypted DatabasesChung, Sun S. 09 January 2006 (has links)
No description available.
|
20 |
Logic programming based formal representations for authorization and security protocolsWang, Shujing, University of Western Sydney, College of Health and Science, School of Computing and Mathematics January 2008 (has links)
Logic programming with answer set semantics has been considered appealing rule-based formalism language and applied in information security areas. In this thesis, we investigate the problems of authorization in distributed environments and security protocol verification and update. Authorization decisions are required in large-scale distributed environments, such as electronic commerce, remote resource sharing, etc. We adopt the trust management approach, in which authorization is viewed as a ‘proof of compliance" problem. We develop an authorization language AL with non-monotonic feature as the policy and credential specification language, which can express delegation with depth control, complex subject structures, both positive and negative authorizations, and separation of duty concepts. The theoretical foundation for language AL is the answer set semantics of logic programming. We transform AL to logic programs and the authorization decisions are based on answer sets of the programs. We also explore the tractable subclasses of language AL. We implement a fine grained access control prototype system for XML resources, in which the language AL¤ simplified from AL is the policy and credential specification language. We define XPolicy, the XML format of AL¤, which is a DTD for the XML policy documents. The semantics of the policy is based on the semantics of language AL. The system is implemented using Java programming. We investigate the security protocol verification problem in provable security approach. Based on logic programming with answer set semantics, we develop a unified framework for security protocol verification and update, which integrates protocol specification, verification and update. The update model is defined using forgetting techniques in logic programming. Through a case study protocol, we demonstrate an application of our approach. / Doctor of Philosophy (PhD)
|
Page generated in 0.0572 seconds