Global ETD Search

1	Analysis and Evaluation of EndpointSecurity Solutions Bouguetaia, Sabria January 2006 (has links) The main objective for this degree project was to analyze the Endpoint Security Solutions developed by Cisco, Microsoft and a third minor company solution represented by InfoExpress. The different solutions proposed are Cisco Network Admission Control, Microsoft Network Access Protection and InfoExpress CyberGatekeeper. An explanation of each solution functioning is proposed as well as an analysis of the differences between those solutions. This thesis work also proposes a tutorial for the installation of Cisco Network Admission Control for an easier implementation. The research was done by reading articles on the internet and by experimenting the Cisco Network Admission Control solution. My background knowledge about Cisco routing and ACL was also used. Based on the actual analysis done in this thesis, a conclusion was drawn that all existing solutions are not yet ready for large-scale use in corporate networks. Moreover all solutions are proprietary and incompatible. The future possible standard for Endpoint solution might be driven by Cisco and Microsoft and a rude competition begins between those two giants. Cisco NAC Microsoft NAP endpoint security AAA server RADIUS
2	Predicting compliance with prescribed organizational information security protocols Shropshire, Jordan Douglas 13 December 2008 (has links) Why do some employees go out of their way to follow prescribed information security protocols, while others all but ignore organizational information security measures? A body of research known as organizational citizenship behavior provides insight into this issue. Theories of organizational citizenship behavior draw mainly from the psychological and sociological disciplines. They are used to explain the behaviors of employees who act in the best interest of the company, even when they don’t have to. Examples of citizenship behaviors include information sharing, voluntary reduction of compensation, and relinquishment of power for the benefit of the organization (Nathanson & Becker 1973). Although organizational citizenship behavior has seen little exposure in the area of organizational information security compliance, it stands to provide exceptional explanatory power in this area. Information security practices, such as creating difficult passwords or conducting virus scans, are generally seen as additional tasks which require extra effort while offering no gains in personal productivity (Shropshire et al., 2006; Warkentin et al., 2004; Warkentin et al., 2006). These activities could be construed as out-of-role-behaviors because employee compliance may not be mandatory. Furthermore, it is difficult to enforce information security standards (Whitman, 2003). Thus, it would appear that those who follow information security protocols are motivated by something other than financial compensation. Currently, there has been little work toward integrating endpoint security with theories of organizational citizenship behavior. This may be due to two reasons: although it embodies a relatively mature stream of research, organizational citizenship behavior has seen little exposure within the information systems context; secondly, the behavioral aspects of endpoint security remain a critical but overlooked aspect of organizational information security. Therefore, the purpose of this research is to develop a theoretical model for predicting individual compliance with organizational information security practices. The results could be used by managers to more accurately predict adherence to information security practices and to better manage and motivate employees. Such a model might also be of utility in the area of employee selection and screening; recent political and economic events have caused an increase in demand for employees who can be trusted to safeguard sensitive information. This study provides a substantial contribution to knowledge by empirically testing a predictive model for information security compliance among employees. The findings associated with this research are offered in the form of recommendations for future theoretical and empirical research. Practical implications for entrepreneurs and policymakers are also discussed. Protocol Compliance End User Behavior Endpoint Security Organizational Citizenship Behavior
3	Agentless endpoint security monitoring framework Ghaleb, Asem 28 May 2019 (has links) Existing endpoint security monitors use agents that must be installed on every computing host or endpoint. However, as the number of monitored hosts increases, agents installation, con figuration and maintenance become arduous and requires more efforts. Moreover, installed agents can increase the security threat footprint and several companies impose restrictions on using agents on every computing system. This work provides a generic agentless endpoint framework for security monitoring of computing systems. The computing hosts are accessed by the monitoring framework running on a central server. Since the monitoring framework is separate from the computing hosts for which the monitoring is being performed, the various security models of the framework can perform data retrieval and analysis without utilizing agents executing within the computing hosts. The monitoring framework retrieves transparently raw data from the monitored computing hosts that are then fed to the security modules integrated with the framework. These modules analyze the received data to perform security monitoring of the target computing hosts. As a use case, a real-time intrusion detection model has been implemented to detect abnormal behaviors on computing hosts based on the data collected using the introduced framework. / Graduate Agentless Agentless monitoring Agentless security monitoring security framework security monitoring framework endpoint security monitoring security monitoring
4	Visualizing Endpoint Security Technologies using Attack Trees Pettersson, Stefan January 2008 (has links) <p>Software vulnerabilities in programs and malware deployments have been increasing almost every year since we started measuring them. Information about how to program securely, how malware shall be avoided and technological countermeasures for this are more available than ever. Still, the trend seems to favor the attacker. This thesis tries to visualize the effects of a selection of technological countermeasures that have been proposed by researchers. These countermeasures: non-executable memory, address randomization, system call interception and file integrity monitoring are described along with the attacks they are designed to defend against. The coverage of each countermeasure is then visualized with the help of attack trees. Attack trees are normally used for describing how systems can be attacked but here they instead serve the purpose of showing where in an attack a countermeasure takes effect. Using attack trees for this highlights a couple of important aspects of a security mechanism, such as how early in an attack it is effective and which variants of an attack it potentially defends against. This is done by the use of what we call defensive codes that describe how a defense mechanism counters a sub-goal in an attack. Unfortunately the whole process is not well formalized and depends on many uncertain factors.</p> endpoint security attack tree memory corruption non-executable memory address randomization system call interception Computer science Datalogi
5	Firewall Dinâmico: uma implementação cliente/servidor Gonsales Panes, Guilherme [UNESP] 29 July 2011 (has links) (PDF) Made available in DSpace on 2014-06-11T19:24:01Z (GMT). No. of bitstreams: 0 Previous issue date: 2011-07-29Bitstream added on 2014-06-13T20:11:43Z : No. of bitstreams: 1 gonsalespanes_g_me_sjrp.pdf: 460030 bytes, checksum: 52240d29e75235682133dfc019184aff (MD5) / A proteção dos perímetros de segurança realizada através de firewalls somente é eficiente quando o cliente se encontra dentro do perímetro protegido por este firewall. Como mobilidade é um item essencial para as empresas, há um grande desafio na proteção destes clientes computacionais (Laptops e PDAs), pois é necessário aplicar a Política de Segurança da empresa independentemente de onde estes equipamentos estejam se conectando já que a segurança dos dados é fator essencial para garantia e continuidade dos negócios. Este trabalho tem como objetivo apresentar uma solução para este problema, de forma a utilizar ferramentas de firewall existentes, independente da plataforma e do software utilizado. Para tanto, desenvolveu-se um software baseado na arquitetura cliente/servidor, que analisa o ambiente em que o equipamento está conectado, através de um Intrusion Detection System (IDS), e baseado nestas informações recebe do Servidor Firewall um conjunto de regras para ser aplicado no firewall nativo do equipamento independentemente do sistema operacional utilizado. Desta forma é possível garantir que, independentemente do ambiente em que o equipamento esteja conectado, não se deixe de aplicar as regras contidas na Política de Segurança da corporação. O software foi desenvolvido em Java utilizando contents web visando portabilidade de plataforma e usabilidade para os administradores. Os testes desenvolvidos demonstram que o software cumpre o papel proposto de gerenciar as regras de firewall de forma coerente com o ambiente de rede conectada à máquina cliente / The protection of the secure areas performed through firewalls is only effective when the client machine is inside the perimeter protected by the firewall. As mobility is an essential item for companies, there is a big challenge in protecting these mobile devices (Laptops and PDAs). It is necessary to apply the Security Policy company regardless of where these devices are to connecting as data security is an essential factor for securing and business continuity. This paper aims to propose a solution to this problem in order to use firewall tools existing, regardless of platform and application software. We have developed a software architecture based on a client / server approach, which analyzes the environment in which the equipment is connected using an Intrusion Detection System (IDS), and based Server receives this information a set of firewall rules for be applied on the native firewall system independent of the equipment operational use. This way it is possible to ensure that, regardless of the environment in which the equipment is connected, not be sure to apply the rules contained in the Security Policy corporation are always in effect. The software was developed in Java using web contents aiming platform portability, and usability for administrators. The performed tests show that the developed software meets the proposed role of managing the firewall rules consistent with the network environment connected to the client machine Computação Firewall EndPoint Security
6	Firewall Dinâmico : uma implementação cliente/servidor / Gonsales Panes, Guilherme. January 2011 (has links) Orientador: Marcos Cavenaghi / Coorientador: Roberta Spolon / Banca: Aparecido Nilceu Marana / Banca: Hélio Crestana Guardia / Resumo: A proteção dos perímetros de segurança realizada através de firewalls somente é eficiente quando o cliente se encontra dentro do perímetro protegido por este firewall. Como mobilidade é um item essencial para as empresas, há um grande desafio na proteção destes clientes computacionais (Laptops e PDAs), pois é necessário aplicar a Política de Segurança da empresa independentemente de onde estes equipamentos estejam se conectando já que a segurança dos dados é fator essencial para garantia e continuidade dos negócios. Este trabalho tem como objetivo apresentar uma solução para este problema, de forma a utilizar ferramentas de firewall existentes, independente da plataforma e do software utilizado. Para tanto, desenvolveu-se um software baseado na arquitetura cliente/servidor, que analisa o ambiente em que o equipamento está conectado, através de um Intrusion Detection System (IDS), e baseado nestas informações recebe do Servidor Firewall um conjunto de regras para ser aplicado no firewall nativo do equipamento independentemente do sistema operacional utilizado. Desta forma é possível garantir que, independentemente do ambiente em que o equipamento esteja conectado, não se deixe de aplicar as regras contidas na Política de Segurança da corporação. O software foi desenvolvido em Java utilizando contents web visando portabilidade de plataforma e usabilidade para os administradores. Os testes desenvolvidos demonstram que o software cumpre o papel proposto de gerenciar as regras de firewall de forma coerente com o ambiente de rede conectada à máquina cliente / Abstract: The protection of the secure areas performed through firewalls is only effective when the client machine is inside the perimeter protected by the firewall. As mobility is an essential item for companies, there is a big challenge in protecting these mobile devices (Laptops and PDAs). It is necessary to apply the Security Policy company regardless of where these devices are to connecting as data security is an essential factor for securing and business continuity. This paper aims to propose a solution to this problem in order to use firewall tools existing, regardless of platform and application software. We have developed a software architecture based on a client / server approach, which analyzes the environment in which the equipment is connected using an Intrusion Detection System (IDS), and based Server receives this information a set of firewall rules for be applied on the native firewall system independent of the equipment operational use. This way it is possible to ensure that, regardless of the environment in which the equipment is connected, not be sure to apply the rules contained in the Security Policy corporation are always in effect. The software was developed in Java using web contents aiming platform portability, and usability for administrators. The performed tests show that the developed software meets the proposed role of managing the firewall rules consistent with the network environment connected to the client machine / Mestre Ciência da computação. Firewall. eng EndPoint Security. eng
7	Determining the performance costs in establishing cryptography services as part of a secure endpoint device for the Industrial Internet of Things Ledwaba, Lehlogonolo P.I. January 2017 (has links) Endpoint devices are integral in the realisation of any industrial cyber-physical system (ICPS) application. As part of the work of promoting safer and more secure industrial Internet of Things (IIoT) networks and devices, the Industrial Internet Consortium (IIC) and the OpenFog Consortium have developed security framework specifications detailing security techniques and technologies that should be employed during the design of an IIoT network. Previous work in establishing cryptographic services on platforms intended for wireless sensor networks (WSN) and the Internet of Things (IoT) has concluded that security mechanisms cannot be implemented using software libraries owing to the lack of memory and processing resources, the longevity requirements of the processor platforms, and the hard real-time requirements of industrial operations. Over a decade has passed since this body of knowledge was created, however, and IoT processors have seen a vast improvement in the available operating and memory resources while maintaining minimal power consumption. This study aims to update the body of knowledge regarding the provision of security services on an IoT platform by conducting a detailed analysis regarding the performance of new generation IoT platforms when running software cryptographic services. The research considers execution time, power consumption and memory occupation and works towards a general, implementable design of a secure, IIoT edge device. This is realised by identifying security features recommended for IIoT endpoint devices; identifying currently available security standards and technologies for the IIoT; and highlighting the trade-offs that the application of security will have on device size, performance, memory requirements and monetary cost. / Dissertation (MSc)--University of Pretoria, 2017. / Electrical, Electronic and Computer Engineering / MSc / Unrestricted UCTD Cryptography Cyber-Physical Systems Industrial Internet of Things Security Endpoint security Performance evaluation
8	Visualizing Endpoint Security Technologies using Attack Trees Pettersson, Stefan January 2008 (has links) Software vulnerabilities in programs and malware deployments have been increasing almost every year since we started measuring them. Information about how to program securely, how malware shall be avoided and technological countermeasures for this are more available than ever. Still, the trend seems to favor the attacker. This thesis tries to visualize the effects of a selection of technological countermeasures that have been proposed by researchers. These countermeasures: non-executable memory, address randomization, system call interception and file integrity monitoring are described along with the attacks they are designed to defend against. The coverage of each countermeasure is then visualized with the help of attack trees. Attack trees are normally used for describing how systems can be attacked but here they instead serve the purpose of showing where in an attack a countermeasure takes effect. Using attack trees for this highlights a couple of important aspects of a security mechanism, such as how early in an attack it is effective and which variants of an attack it potentially defends against. This is done by the use of what we call defensive codes that describe how a defense mechanism counters a sub-goal in an attack. Unfortunately the whole process is not well formalized and depends on many uncertain factors. endpoint security attack tree memory corruption non-executable memory address randomization system call interception Computer Sciences Datavetenskap (datalogi)

Search results