Global ETD Search

41	Protecting sensitive information from untrusted code Roy, Indrajit 13 December 2010 (has links) As computer systems support more aspects of modern life, from finance to health care, security is becoming increasingly important. However, building secure systems remains a challenge. Software continues to have security vulnerabilities due to reasons ranging from programmer errors to inadequate programming tools. Because of these vulnerabilities we need mechanisms that protect sensitive data even when the software is untrusted. This dissertation shows that secure and practical frameworks can be built for protecting users' data from untrusted applications in both desktop and cloud computing environment. Laminar is a new framework that secures desktop applications by enforcing policies written as information flow rules. Information flow control, a form of mandatory access control, enables programmers to write powerful, end-to-end security guarantees while reducing the amount of trusted code. Current programming abstractions and implementations of this model either compromise end-to-end security guarantees or require substantial modifications to applications, thus deterring adoption. Laminar addresses these shortcomings by exporting a single set of abstractions to control information flows through operating system resources and heap-allocated objects. Programmers express security policies by labeling data and represent access restrictions on code using a new abstraction called a security region. The Laminar programming model eases incremental deployment, limits dynamic security checks, and supports multithreaded programs that can access heterogeneously labeled data. In large scale, distributed computations safeguarding information requires solutions beyond mandatory access control. An important challenge is to ensure that the computation, including its output, does not leak sensitive information about the inputs. For untrusted code, access control cannot guarantee that the output does not leak information. This dissertation proposes Airavat, a MapReduce-based system which augments mandatory access control with differential privacy to guarantee security and privacy for distributed computations. Data providers control the security policy for their sensitive data, including a mathematical bound on potential privacy violations. Users without security expertise can perform computations on the data; Airavat prevents information leakage beyond the data provider's policy. Our prototype implementation of Airavat demonstrates that several data mining tasks can be performed in a privacy preserving fashion with modest performance overheads. / text Security Operating systems Java virtual machine Cloud computing Information flow control Access control Differential privacy
42	Material Handling System Design: A Case-Study in Bosch Rexroth Japan Akincilar, Sera, Rad, Cameron January 2013 (has links) In today’s fierce competitive global markets, customers are demanding adjustable lot sizes, shorter lead times, higher quality and flexibility; in short, they want it all. In order to stay competitive in the market, companies need to attain both customer satisfaction and cost reduction in production operations. Material Handling Systems (MHS) is the place to accomplish this goal, since they have a direct impact on production. Therefore, the aim of this study was to design an in-house MHS that could be efficient for the production it serves. With this intention, a case-study has been conducted in Bosch Rexroth Japan. During the study, the information gathered through various sources; interviews, observations and measurements. Further, the gathered data is evaluated according to main pillars of the theoretical framework, which includes design principles and physical elements, information and software, human and management. By analyzing the findings from literature review and empirical study, first problems and challenges related to MHSs are identified. Thereafter, possible features that the system should posses are elicited and a design is built out of the selected features. To conclude, the results show that the success is not solely depending on system’s physical attributes; on the contrary, it is more related to rapid and accurate information sharing within the system. Another vital element is the interaction between system and the people, who are utilizing and operating the system. In general terms, the research took MHS design problems from one-dimensional equipment selection processes and enriches them by adding information sharing, human and management angles to design steps. Material handling system Just- in-time material supply Milkrun AGV Information flow
43	The Extent Of Information Visualisation In Turkish Construction Industry: A Qfd Approach Erdogan, Bilge 01 December 2003 (has links) (PDF) Distances between dispersed locations may be largely overcome through efficient use of modern data transfer and communication systems. Unfortunately the conclusions drawn from research and surveys carried out in the industry show that companies generally fail in using information technologies properly and that there is a significant communication gap - therefore coordination and cooperation gap - between the site offices and the main office due to data transfer lags and lack of visualised information. How information is presented has a great bearing on quality of information and visualisation is one of the most important tools used to improve data presentation. The purpose of this thesis is to evaluate the extent of visualisation as a communication tool in construction industry and to determine potential benefits to be gained through implementation of visualisation. Therefore, available visualisation resources are investigated among Turkish AEC companies. The current status of visualisation use for communication in construction firms is mapped and described. Information flow contents and types are analysed to determine which information in the construction process can be visually represented. Finally, a QFD approach is used for a combined evaluation of the research findings together with the customer needs and requirements expected from visualised information.
44	Modeling Information Flow in Face-to-Face Meetings while Protecting Privacy Rudolph, Larry, Zhenghao, Chen 01 1900 (has links) Social networks have been used to understand how information flows through an organization as well as identifying individuals that appear to have control over this information flow. Such individuals are identified as being central nodes in a graph representation of the social network and have high "betweenness" values. Rather than looking at graphs derived from email, on-line forums, or telephone connections, we consider sequences of bipartite graphs that represent face-to-face meetings between individuals, and define a new metric to identify the information elite individuals. We show that, in our simulations, individuals that attend many meetings with many different people do not always have high betweenness values, even though they seem to be the ones that control the information flow. / Singapore-MIT Alliance (SMA) social networks universal hashing privacy information flow pervasive computing face-to-face meetings models location tracking
45	Information Flow Security in Component-Based Models : From verification to Implementation / Sécurité du flux d'information : de la vérification à l'implémentation Ben Said, Najah 07 November 2016 (has links) La sécurité des systèmes d'information sont primordiales dans la vie d'aujourd'hui, en particulier avec la croissance des systèmes informatiques complexes et fortement interconnectés. Par exemple, les systèmes bancaires ont l'obligation de garantir l'intégrité et la confidentialité de leurs comptes clients. Le vote électronique, des ventes aux enchères et le commerce doit aussi assurer leurs la confidentialité et l'intégrité.Cependant, la vérification de la sécurité et sa mise en œuvre en distribuée sont des processus lourds en général, les compétences de sécurité avancées sont nécessaires puisque les deux configuration de sécurité et l'implementation de systèmes distribué sont complexes et sujette d'erreurs. Avec les attaques de sécurité divers menés par l'environnement Internet, comment pouvons-nous être sûrs que les systèmes informatiques que nous construisons ne satisfont la propriété de sécurité prévu?La propriété de la sécurité que nous étudions dans cette thèse est la non-ingérence, qui est une propriété globale qui permet de suivre les informations sensibles dans l'ensemble du système et de garantir la confidentialité et l'intégrité. La non-ingérence est exprimée par l'exigence selon laquelle aucune information sur des données secrètes est une fuite à travers l'observation de la variation des données publiques. Cette définition est plus subtile qu'une spécification de base de l'accès légitime pour les informations sensibles, ce qui permet d'exploiter et de détecter les dysfonctionnements et malveillants programmes intrusions pour les données sensibles (par exemple, un cheval de Troie qui envoie des données confidentielles aux utilisateurs non fiables). Cependant, comme une propriété globale, la non-interférence est difficile à vérifier et à mettre en œuvre.À cette fin, nous proposons un flux de conception basée sur un modèle qui assure la propriété non-interference dans un logiciel d'application de son modèle de haut niveau conduisant à la mise en œuvre sécurisée décentralisée. Nous présentons la plateforme secureBIP, qui est une extension pour le modèle à base de composants avec des interactions multi-partie pour la sécurité. La non-interference est garantie à l'aide de deux manières pratiques: (1) nous annotons les variables et les ports du modèle, puis selon un ensemble défini de contraintes syntaxiques suffisantes, nous vérifions la satisfaction de la propriété, (2), nous annotons partiellement le modèle, puis en extrayant ses graphes de dépendances de composition nous appliquons un algorithme de synthèse qui calcule la configuration sécurisée moins restrictive du modèle si elle existe.Une fois que la sécurité des flux d'information est établie et la non-interference est établie sur un modèle de haut niveau du système, nous suivons une méthode automatisée pratique pour construire une application distribuée sécurisée. Un ensemble de transformations sont appliquées sur le modèle abstrait de transformer progressivement en bas niveau des modèles distribués et enfin à la mise en œuvre distribuée, tout en préservant la sécurité des flux d'information. La transformations du modèles remplacent coordination de haut niveau en utilisant des interactions multi-partites par des protocoles en utilisant des envoies et reception de messages asynchrone. La distribution est donc prouvé "sécuriser par construction" qui est, le code final est conforme à la politique de sécurité souhaitée. Pour montrer la facilité d'utilisation de notre méthode, nous appliquons et d'expérimenter sur des études et des exemples de cas réels de domaines d'application distincts. / The security of information systems are paramount in today’s life, especially with the growth of complex and highly interconnected computer systems. For instance, bank systems have the obligation to guarantee the integrity and confidentiality of their costumers accounts. The electronic voting, auctions and commerce also needs confidentiality and integrity preservation.However, security verification and its distributed implementation are heavy processes in general, advanced security skills are required since both security configuration and coding distributed systems are complex and error-prone. With the diverse security attacks leaded by the Internet advent, how can we be sure that computer systems that we are building do satisfy the intended security property?The security property that we investigate in this thesis is the noninterference, which is a global property that tracks sensitive information in the entire system and ensures confidentiality and integrity. Non-interference is expressed by the requirement that no information about secret data is leaked through the observation of public data variation. Such definition is more subtle than a basic specification of legitimate access for sensitive information, allowing to exploit and detect malfunctioning and malicious programs intrusions for sensitive data (e.g, Trojan horse that sends confidential data to untrusted users). However as a global property, the noninterference is hard to verify and implement.To this end, we propose a model-based design flow that ensures the noninterference property in an application software from its high-level model leading to decentralized secure implementation. We present the secureBIP framework that is an extension for the component-based model with multyparty interactions for security. Non-interference is guaranteed using two practical manners: (1) we annotate the entire variables and ports of the model and then according to a defined set of sufficient syntactic constraints we check the satisfaction of the property, (2) we partially annotate the model way and then by extracting its compositional dependency graphswe apply a synthesis algorithm that computes the less restrictive secure configuration of the model if it exists.Once the information flow security is established and non-interference is established on an high-level model of the system, we follow a practical automated method to build a secure distributed implementation. A set of transformations are applied on the abstract model to progressively transform it into low-level distributed models and finally to distributed implementation, while preserving information flow security. Model transformations replace high-level coordination using multiparty interactions by protocols using asynchronous Send/Receive message-passing. The distributedimplementation is therefore proven ”secure-by-construction” that is, the final code conforms to the desired security policy. To show the usability of our method, we apply and experiment it on real case studies and examples from distinct application domains. Non-Interference Verification Security Flux d'information Système distribué Security Non-Interference Verification Information flow Distributed systems 004 510
46	Möjligheter som skapas med förbättrad informationsdelning : En fallstudie på Yilport Gävle AB Hellberg, Svante, Tuvér, Elin January 2018 (has links) Rapporten bygger på en fallstudie som gjorts på Yilport Gävle AB och dess försörjningskedja gällande sågat virke. Informationsdelning mellan aktörer i en försörjningskedja är en viktig del i den dagliga verksamheten. Bristande informationsdelning påverkar flera delar i försörjningskedjan som personalplanering och ledtider. Syftet med denna studie är att kartlägga informationsflödet inom en bulk-terminals försörjningskedja och dess tillhörande aktörer, samt att se över vilka möjligheter som skapas om informationsdelning förbättras mellan aktörer i försörjningskedjan. Teoriavsnittet är uppbyggt med sekundärdata som samlats in via litteraturstudier, och de ämnen som behandlas är logistik, försörjningskedja, information, informationsdelning och hållbarhet. Empirin i studien är insamlad via observationer och intervjuer med Yilport Gävle AB, sågverk, speditör och transportör, vilket alla är aktörer i den aktuella försörjningskedjan. Kartläggningen visar att aktörerna i dagsläget enbart delar information till de som står närmast i försörjningskedjan. Genom att använda sig av gemensamma mål och skapa delaktighet kan arbetet med utökad informationsdelning förbättras. Vilket i sin tur skapar möjligheter för kostnadsreducering, minskade ledtider, lägre lagernivåer och effektivare produktionsplanering. Studien lyfter fram hållbarhet som en möjlig förbättring när det kommer till informationsdelning mellan aktörer i en försörjningskedja. Forskning har tidigare inte lyft hållbarhet som ett möjligt förbättringsområde vid förbättrad informationsdelning. / The report is based on a case study conducted at Yilport Gävle AB and its supply chain for saw timber. Information sharing between actors in a supply chain is an important part of the daily activities and if it lacks in any link it will influence, for instance, lead times and staff planning. The purpose of this study is to map the flow of information within a bulk-terminal supply chain and its associated actors, as well as to review what opportunities are created if information sharing is improved between actors in the supply chain. The theory section is structured with secondary data, collected through literature studies and the topics covered are logistics, supply chain, information, information sharing and sustainability. The empirical data in the study is collected through observations and interviews with Yilport Gävle AB, sawmill, freight forwarder and carrier, all of which are actors in the current supply chain. The mapping shows that actors currently share information only to those closest to them in the supply chain. By using common goals and creating participation, the work on expanded information sharing can be improved. This can create opportunities for cost reduction, reduced lead times, lower inventory levels and more efficient production planning. The study highlights sustainability as a possible improvement when it comes to information sharing between actors in a supply chain. Earlier research has not lifted sustainability as a possible improvement area when improving information sharing. Information flow information sharing supply chain sustainability Informationsflöde informationsdelning försörjningskedja hållbarhet Engineering and Technology Teknik och teknologier
47	Augmented Construction : Developing a framework for implementing Building Information Modeling through Augmented Reality at construction sites Carlsén, Adam, Elfstrand, Oscar January 2018 (has links) Construction projects struggle to meet their budgeted cost, time, and quality requirements due to problems with cross-functional communication, which are made worse due to usage of mediums that are unable to handle the increasingly complex information required in the projects. Visualizing Building Information Models (BIM) through Augmented Reality (AR) on construction sites is believed to have the potential to solve many of the construction industry’s current communication problems. However, although academic efforts have been made regarding BIM through AR, contemporary research is limited to clinical trials and concludes that there is a need for studies conducted in real construction environments; even though practical testing has been conducted within the industry. To address this, the purpose of this report was to compile the academic knowledge and retrieve the experience available in the industry, and provide a situation assessment that updates the field of AR and BIM. Two research questions were formed: ‘What are the opportunities of using BIM through AR at construction sites?’ and ‘Which barriers are affecting the adoption of BIM and AR at construction sites, and what concrete measures can be taken?’. To answer the research questions, an exploratory study with abductive approach was used. The knowledge of industry practitioners with experience of BIM through AR testing, the usability of BIM, or the functionality of AR, was collected through 20 semi-structured interviews. These were analyzed using thematic methodology and the findings tested through a workshop at a major Swedish construction firm. The result confirmed that BIM through AR can solve some of the current communication problems within construction, and several barriers affecting the adoption of AR and BIM were found. These could be categorized into the dimensions: Process, User, or Technology. To each barrier a corresponding measure was identified, for instance; anchor the use of AR and BIM strategically, have an active role in AR development, and create organic dispersion of the technology. The results are also visualized in a roadmap depicting the different steps towards fully implemented AR and BIM. The findings contribute to the academia by extending the field of AR and BIM to include the perspectives of industry actors, and moving the focus of AR and BIM research past initial testing to actual implementation and usage of the technology. The main contribution towards managers is a roadmap which provides a sense of direction by being both a tool for assessing their company’s position along the path of AR and BIM implementation, but also provides insight regarding how to progress to the next step towards achieving fully implemented AR and BIM. Augmented Reality Building Information Modeling Construction Information Flow Engineering and Technology Teknik och teknologier
48	Orderprocess- Hur svårt kan det vara? Arvidsson, Erik, Davidsson, Linnéa January 2018 (has links) Purpose: The study aimed to analyze and visualize the flow of information from the arrival of a complex customer order, until complete technical documentation is submitted to production. To answer the purpose, two questions were formulated. 1. How is order flow from order to production ensured in complex customizations? 2. How can the order flow be visualized to create a united picture in a manufacturing company? Method: To answer the two questions of the study, theory has been collected using literature studies. The theory gathered forms the basis of the study's analysis and has therefore focused on order flow, how these can be designed, how the order process goes on and can be managed, and how an order process can be visualized. Theory obtained in literature studies was summarized in a theoretical framework. The study's empirical data collection consisted of a case study focusing on the ordering process that included document studies, interviews and observation. The empirical data pattern was then compared to the theoretical framework. Based on the pattern comparison, question 1 could be answered and the basis for the visualization discussed in question 2. Findings: The outcome of the study's first question shows how order flow can be ensured from orders to production at manufacturing companies engaged in customized production. The order process and its flow of information can be effectively and safely summarized in nine steps, from the creation of standards to manufacturing production orders. Steps one to three are defined as the initial and most critical phase in which the customer is in focus. Steps four to six concern the internal communication between different departments to process and build a correct order. The final phase includes steps from seven to nine and describes the fulfillment of orders prior to production. The reason for visualizing and creating a united picture of the order flow according to question two is affected by the outcome of question one. The study shows that the order flow can be visualized by establishing a flowchart of the activities in the order flow. The design depends on its context and how the activities in the order process are implemented. Based on this, the principle of creating a visual image is general, but with details that are considered case-specific. Implications: The study contributes theoretically based on a general context about how analysis and visualization of information within the order flow can be handled. The report becomes a reference point for securing the order flow as it is based on previous research linked to the report's areas. The study provides practical support with a basis for ensuring and visualizing the order flow of manufacturing companies for customization. Limitations: The study is a one-case-design study in a specific context where general theory and case unique empirical data have been combined, which affects generalisability. This was compensated by the fact that the company in the study represents manufacturing companies of customized products. Context and order process design affect the visualization and limitations in predicting the outcome. Simplification to ensure order processing rather than solving specific problems in the flow has been of interest. / Syfte: Studien syftade till att analysera och visualisera flödet av information från det att en komplex kundorder anländer, till dess att kompletta tekniska underlag överlämnas till produktion. För att besvara syftet formulerades två frågeställningar. 1. Hur säkerställs orderflödet från order till produktion vid komplexa kundanpassningar? 2. Hur kan orderflödet visualiseras för att skapa en gemensam bild i ett tillverkande företag? Metod: För att besvara studiens två frågeställningar har teori samlats in med hjälp av litteraturstudier. Den teori som samlats in ligger till grund för studiens analys och har därför varit inriktad på orderflöde, hur dessa kan utformas, hur orderprocessen går till och kan hanteras samt hur en orderprocess kan visualiseras. Teori som erhölls vid litteraturstudier sammanfattades i ett teoretiskt ramverk. Studiens empiriska datainsamling bestod av en fallstudie med fokus på orderprocessen som inkluderade dokumentstudier, intervjuer och observation. Den empiriska data mönsterjämfördes sedan mot det teoretiska ramverket. Utifrån mönsterjämförelsen kunde frågeställning 1 besvaras och ligga till grund för visualiseringen som behandlas i frågeställning 2. Resultat: Resultatet av studiens första frågeställning visar hur orderflödet kan säkerställas från order till produktion hos tillverkande företag som bedriver kundanpassad produktion. Orderprocessen och dess informationsflöde kan bedrivas på ett effektivt och säkert sätt sammanfattas i nio steg, från skapande av standarder till upprättande av tillverkningsorder. Steg ett till tre definieras som den inledande och mest kritiska fasen där kunden är i fokus. Steg fyra till sex berör den interna kommunikationen mellan olika avdelningar för att behandla och bygga en korrekt order. Sista fasen inkluderar steg sju till nio och beskriver uppfyllande av order inför produktion. Grunden för att visualisera och skapa en gemensam bild av orderflödet enligt frågeställning två påverkas av resultatet av frågeställning ett. Studien visar på att orderflödet kan visualiseras genom upprättande av ett flödesschema över aktiviteterna i orderflödet. Utformandet är beroende av sin kontext och hur aktiviteterna i orderprocessen genomförs. Utifrån detta är principen för upprättande av en visuell bild generell, men med detaljer som anses fallspecifika. Implikationer: Studien bidrar teoretiskt utifrån ett generellt sammanhang kring hur analys och visualisering av information inom orderflödet kan hanteras. Rapporten blir en referenspunkt för säkerställande av orderflödet då den bygger på tidigare forskning kopplat till rapportens områden. Studien bidrar praktiskt med ett underlag för att säkerställa och visualisera orderflödet hos tillverkande företag vid kundanpassning. Begränsningar: Studien är en enfallsstudie i specifik kontext där allmän teori och fallunik empiri har kombinerats vilket påverkar generaliserbarheten. Detta kompenseras med att företaget i studien representerar tillverkande företag av kundanpassade produkter. Kontext och orderprocessens utformning påverkar visualiseringen och begränsningar i att förutsäga resultatet finns. Förenkling till att säkerställa orderhanteringen snarare än att lösa specifika problem i flödet har varit av intresse. Information flow visualization order process customized manufacturing Informationsflöde visualisering orderhantering kundanpassad tillverkning Engineering and Technology Teknik och teknologier
49	A Fine-Grained Dynamic Information Flow Analysis for Android Apps Sankaran, Shyam January 2017 (has links) (PDF) Android has been steadily gaining popularity ever since its launch in 2008. One of the major factors for this is the easy availability of a large variety of apps. They range from simple apps such as calculator apps to apps which can help people maintain their schedules and thus man-age many aspects of their lives. In addition, a lot of free apps are available to the user thanks to the power of in-app purchases and advertisements. However, these also raise many security concerns. Apps are privy to a lot of private information regarding the user, such as his contacts, location, etc. It is essential to ascertain that apps do not leak such information to untrustworthy entities. In order to solve this problem, there have been many static and dynamic analyses which aim to track private data accessed or generated by the app to its destination. Such analyses are commonly known as Information Flow analyses. Dynamic analysis techniques, such as TaintDroid, tracks private information and alerts the user when it is accessed by speci c API calls. However, they do not track the path taken by the information, which can be useful in debugging and validation scenarios. The first key contribution of this thesis is a model to perform dynamic information ow analysis, inspired by FlowDroid and TaintDroid, which can retain path information of sensitive data in an efficient manner. The model instruments the app and uses path-edges to track the information flows during a dynamic run. We describe the data structure and transfer functions used, and the reasons for its design based on the challenges posed by the Android programming model and efficiency requirements. The second key contribution is the capability to trace the path taken by the sensitive information based on the information obtained during the analysis, as well as the capability to compliment static analyses such as FlowDroid with the output of this analysis. The tests conducted on the implemented model using DroidBench and GeekBench 3 show the precision and soundness of the analysis, and a performance overhead of 25% while real-world apps show negligible lag. All leaks seen in DroidBench where successfully tracked and were verified to be true positives. We tested the model on 10 real-world apps where we find on average about 16.4% of the total path-edges found by FlowDroid. Android Apps FlowDroid TaintDroid Computer Science
50	Uplatnění logistiky v období povodní ve vybrané lokalitě / Use of logistics during floods in the chosen locality PETRÁSEK, Martin January 2016 (has links) The main objective of this thesis was analyzing material and information flow during floods in the chosen company. I have chosen company JITEX Písek a.s., which had to face to huge flood in year 2002. The sub-objective was found options of improvement in these flows, which are described in conclusion of this thesis. For gain of important information were used structured interviews with the managers of JITEX like Technical Director and Production Manager. On the basis of the data was a detailed description of the information and material flow and measures, which the company had to accept. Follow evaluation of the impact of the floods on other business activity.

Search results