71 |
Från bläck till klick – en modernisering av ärvdabalkens formkrav? Särskilt om elektronisk underskrift kan förstärka skyddet av testators vilja / A modernized Inheritance Code with electronic signatures?Le, Lilian January 2024 (has links)
This master thesis examines the interpretation of formal requirements when establishing a will according to the Inheritance Code. Chapter 10, paragraph 1 contains the main formal requirements for an ordinary will. The formal requirements are based on principles to preserve the testator’s intent. According to the legislator, the testator’s intent should be considered and preserved to the greatest extent possible, if the testator has established a valid will before deceasing. To gain validity, the will must contain a declaration and the testator’s signature in writing. The signature must also be signed or declared in front of two witnesses. However, the law does not specify any requirements of personal signatures, or if the signature needs to be written by a pen. This opens for a discussion if wills can be signed with electronic signatures. Additionally, the law does not protect a valid will from disappearing since the formal requirements do not require any formal registration that a will exist. Hence, there is a lack of regulation and interoperation of the formal requirements. The purpose of this thesis is to examine if the formal requirements fulfill their essential purposes of the protection of a testator’s intent and if the protection can be enhanced with electronic signatures. The results of the research are as follows: Chapter 10, paragraph 1 does not explicitly prohibit electronic signature, although a personal signature is customary. Advanced electronic signatures, based on EU regulations and the interpretation of Swedish legislation and case law, should not be denied legal effect unless there is a specific national law that requires a personal signature. Although there is no explicit law that prohibits an electronic signature on ordinary wills, the legislator has not commented on this. There is a substantial need for guidance by the legislator on this issue, and guidance whether a copy of a will is equally valid as the original document. In conclusion, the Inheritance Code does not require a personal signature for a valid ordinary will. Protection of the testator’s intent can be enhanced with an electronic registration of the will; however, this requires that the will can be established in an electronic way. Hence, the signature must be an electronic signature. The formal requirements should not extend to a mandatory registration of the will, but the registration should be voluntary.
|
72 |
Corporate Network : Security AspectsNikolov, Nikolay January 2010 (has links)
Every corporation using IT technologies needs a good and carefully secured network design. The IT security is a key factor of a normal functional of the whole corporation and all its sections. There different methods and concepts for providing different level of IT security. Some of them are very important and should be implemented in every corporate network. There are a lot of services providing inside and outside the corporation network. Increasing the number of services like web services, mail services, file services and other, the number of eventual security issues is rising. The security methods of each of provided services are different and it is required a professional with deep knowledge about this service functionality if it is needed to be good applied. Operation system and application hardering are methods which are not so hard for applying, like configuring proxy server or firewalls, but they could increase the security drastic. In a combination with simple configured security devices, the results could be very impressive. Choosing the right methodology and framework of designing a secured network is important part of entire process. With the right methodology designing could be easier and more effective.
|
73 |
Nástroj pro ověřování elektronických podpisů na PDF dokumentech / A tool for validating electronic signatures on PDF documentsSelement, Pavel January 2013 (has links)
The subject of this graduation thesis is to study internal electronic signatures in PDF documents. The thesis introduces general principles of electronic signatures, deals with the internal structure of PDF documents including the connection of electronic signatures and describes the process of verifying an electronic signature. An integral part of this thesis is an implementation of an application, which performs verification of electronic signatures in a PDF document. The aim of this application is to verify the digital signature embedded in a PDF document according to the current legislation of the Czech Republic, while allowing users to change extensively the rules for evaluating the validity of the signature. Powered by TCPDF (www.tcpdf.org)
|
74 |
Secure Management System for UPnP Digital Home NetworkLu, Yu-Chun 16 August 2010 (has links)
The rapid development in wireless network technology, together with the extensive progress in the digital home hardware and software, have allowed every family to enjoy the conveniences of these new technologies. In particular, the UPnP network technologies link various digital home devices together, coming alone with seamless connection and configuration-less environment. These benefits make it very easy for users to enjoy their digital home devices. However, related security issues have begun to surface one after another. Under a UPnP network environment, users¡¦ identity are not distinguished and therefore, they can not authorize the usage of those devices, services and content. Devices with similar types of service and content lack of integration, it is inconvenient when users need to search or access. In addition, there seems to be a lack of proper handling mechanisms when these devices, services, and content encounter anomaly problems and errors. Lastly, family users will also inevitably have connection requirements between homes but unfortunately, the current UPnP network environment is unable to provide convenient and secured home-to-home content exchange mechanisms.
To address the issues mentioned above, this study surveyed the UPnP network environment from a fresh perspective. And through virtual resources, central control network framework and fault tolerance design, it further provides abilities to do related resource authentication, authorization, auditing, and fault handling. It also uses PKI framework to provide the authentication and secure connection between homes. Lastly, we designed and implemented a secure Management System for a UPnP digital home network. It provides secure and convenient home network environment that is compatible with UPnP/UPnP AV standards. On the user¡¦s control aspect, we provided user authentication, authorization, and auditing functionalities. On the home resource management aspect, we provided networks, devices, services, and content which can be controlled and managed. And we also provide integrated and customized entries for service and content. We have a management system with smart and user friendly features. On the anomaly management aspect, we provide fault detection, handling, and basic fault tolerance mechanism. Lastly, we provide trusted homes mechanism, supporting secure user roaming outside their homes, allowing content sharing between trusted homes, and ensuring that users roaming in other locations may still access specific content in their homes.
|
75 |
Visually sealed and digitally signed electronic documents: Building on Asian tradition.Liu, Yin - Miao January 2004 (has links)
E-commerce has developed through the use of digital signatures, employing various forms of Public Key Infrastructure (PKI) to ensure the secure usage of digital signatures. Digital signatures are designed to facilitate the functions of traditional seals and handwritten signatures for the purposes of authentication, data integrity, and non-repudiation within the e-commerce environment. Historically, the authenticity of documentation has always been verified by the application of a recognisable visual stimulus to the document; however, the current digital signature regime overlooks the importance of this analogous sense of visualisation. One of the primary problems with existing digital signatures is that a digital signature does not "feel" like, or resemble, a traditional seal to the human observer, as it does not have a personal, recognisable, or aesthetic sense of visualisation. Currently, digital signatures, such as the OpenPGP (Pretty Good Privacy) digital signature, are attached to the end of an electronic document as a stream of printable ASCII characters. (RFC2440) This appears to the average user as a long, incomprehensible string of random characters offering no sense of identity or ownership by simple visual inspection. Additionally, digital signatures change each time they are applied, in contrast to traditional seals that remain consistent personal identifiers associated with individual signatories. The goal of this research is to promote enhancements to existing digital signature schemes in order to bridge the cultural gap between traditional seals and digital signatures. Culturally friendly features integrated into the digital signature have the potential to increase user acceptability of global e-commerce. This research investigates traditional seal cultures within the context of modern digital signatures, identifying the need to develop a new, culturally friendly, visualised digital signature scheme. The principles behind digital signatures are reviewed and the essential roles and responsibilities of a PKI are addressed. A practical analysis of PKI implementation is also essential. Taiwan is selected as the focus of this research since its heritage is deeply rooted in, and strongly adheres to the Chinese seal culture. The Taiwanese government is in the process of adapting the traditional seal certificate system to the electronic digital signature system. Therefore it is pertinent to review the PKI implementation and digital signatures applications in Taiwan in this study. The purpose of this research is to make the intangible digital signature virtually tangible; i.e., to incorporate visualisation into the current digital signature practice. This research defines new private extensions to the X.509 v3 certificate, recommending that conforming visualised digital signature applications should then be developed to generate and/or recognise visual digital certificates in support of the proposed visualised digital signature scheme. The processes of visualised digital signature creation and of verification through the application of the visualised digital certificate are then explained. This is accompanied by a model of system analysis for developers of conforming implementations of this specification. This allows developers the freedom to select appropriate developing tools. An analysis of this research evaluates the quality of integrity, security, interoperability, performance, and flexibility offered by this proposal.Future directions for furthering research development conclude this dissertation.
|
76 |
Evaluation de la confiance dans les architectures de sécurité / Trust evaluation in security architecturesOrfila, Jean-Baptiste 03 July 2018 (has links)
Dans un monde de plus en plus connecté, la question de la confiance dans les sys-tèmes d’information qui nous entourent devient primordiale, et amène naturellement à des interrogations quant à leur sécurité. Les enjeux de cette dernière concernent autant la confidentialité des données individuelles que la protection des architectures critiques, notamment déployées dans le domaine de l’énergie et du transport. Dans cette thèse, nous abordons trois problématiques liées aux architectures de sécurité des systèmes d’information. Tout d’abord, nous proposons une architecture pour un module de rupture protocolaire, fournissant une protection face aux attaques utilisant le réseau comme vecteur. Grâce à l’isolation et le filtrage des échanges qu’il réalise, nous montrons que ce nouvel équipement est particulièrement adapté à la sécurisation des systèmes de contrôle-commandes. Nous abordons ensuite le thème de la sécurité des utilisateurs finaux ou objets connectés, par la définition d’une Infrastructure de Gestion de Clefs (IGC) centrée sur ces derniers, dénommée LocalPKI. Elle repose sur l’utilisation de certificats auto-signés, et son objectif est d’allier la simplicité des IGC pair-à-pair avec la sécurité des IGC hiérarchiques.Enfin, nous nous intéressons à l’amélioration du mécanisme des ancres de confiance pour les autorités de certification, utilisé par exemple dans PKIX et LocalPKI. A cet égard, nous commençons par définir des protocoles multi-parties permettant de calculer des produits scalaires et matriciels, préservant la confidentialité des données. Nous montrons finalement comment les appliquer dans le cadre de l’agrégation de confiance, et par conséquent à la réputation des autorités de certification / In a increasingly connected world, trust in information systems is essential. Thus, many questions about their security arise. Topics of these questions include individual data confidentiality as well as protection of Industrial Critical Systems(ICS). For instance, ICS are deployed in sectors including energy or transportation where security is of high importance. In this thesis, we address three problems related to the security architecture of information systems. We first propose an architecture for a protocol splitting device. This provides protection against networkattacks by isolating and filtering data exchanges. We show that this new security equipment is well suited for ICS. Then, we focus on end-user security. We define a user-centric Public Key Infrastructure (PKI) called LocalPKI. By using self-signed certificates, this infrastructure combines the user-friendliness of PGP-based PKI and the security of hierarchical PKI. Finally, we improve the trust anchormechanism. It is employed by Certification Authorities (CA) and especially used in PKIX or LocalPKI. In that respect, we first define multi-party protocols to securely compute dot and matrix products. Then, we explain how to apply them on trust aggregations and thus on the reputation of certification authorities.
|
77 |
Uma arquitetura para autenticação de dispositivos móveis através de uma infra-estrutura de chave pública. / An architecture for authentication of mobile devices through a public key infrastructure.CAMINHA, Jean. 20 August 2018 (has links)
Submitted by Johnny Rodrigues (johnnyrodrigues@ufcg.edu.br) on 2018-08-20T20:19:30Z
No. of bitstreams: 1
JEAN CAMINHA - DISSERTAÇÃO PPGEE 2006..pdf: 1518338 bytes, checksum: e7ba2faff350c19009f55c5eec73fc4a (MD5) / Made available in DSpace on 2018-08-20T20:19:30Z (GMT). No. of bitstreams: 1
JEAN CAMINHA - DISSERTAÇÃO PPGEE 2006..pdf: 1518338 bytes, checksum: e7ba2faff350c19009f55c5eec73fc4a (MD5)
Previous issue date: 2006-12-22 / A identificação de objetos que participam de uma arquitetura de processamento
de dados é uma preocupação relevante para a segurança das informações e fator
decisivo para a utilização de serviços que utilizam dados sensíveis. Este trabalho propõe
uma arquitetura para a autenticação de dispositivos móveis utilizando a Infra-estrutura
de Chave Pública (PKI) e o Protocolo de Iniciação de Sessões (SIP) de modo a
minimizar as limitações de armazenamento e processamento destes aparelhos. / The identification of objects that participates of architecture of data processing is
a concern for information security and decisive factor for services that need manipulate
sensible data. This work considers architecture for mobile devices authentication
through in a Public Key Infrastructure and the Session Initiation Protocol (SIP) as a way
to minimize storage and processing limitations of those devices.
|
78 |
Superando os riscos da seguran?a baseada em per?metro - Uma abordagem com identifica??o federada atrav?s de certificados digitais A3/ICP-Brasil e SAMLSouza, Wellington Silva de 18 February 2013 (has links)
Made available in DSpace on 2014-12-17T14:56:15Z (GMT). No. of bitstreams: 1
WellingtonSS_DISSERT.pdf: 5097418 bytes, checksum: 0861f0beded3a7d7e387f3b5d7f448ed (MD5)
Previous issue date: 2013-02-18 / The traditional perimeter-based approach for computer network security (the castle
and the moat model) hinders the progress of enterprise systems and promotes, both in
administrators and users, the delusion that systems are protected. To deal with the new
range of threats, a new data-safety oriented paradigm, called de-perimeterisation , began
to be studied in the last decade. One of the requirements for the implementation of the
de-perimeterised model of security is the definition of a safe and effective mechanism for
federated identity. This work seeks to fill this gap by presenting the specification, modelling
and implementation of a mechanism for federated identity, based on the combination
of SAML and X.509 digital certificates stored in smart-cards, following the A3 standard
of ICP-Brasil (Brazilian official certificate authority and PKI) / A vis?o tradicional de seguran?a em redes de computadores, baseada em per?metro
(modelo do castelo e fosso ), al?m de entravar a evolu??o dos sistemas corporativos,
cria, tanto em administradores quanto usu?rios, a falsa ilus?o de prote??o. Para lidar com
a nova gama de amea?as, um novo paradigma orientado ? seguran?a intr?nseca dos dados,
chamado deperimetriza??o , come?ou a ser estudado na ?ltima d?cada. Um dos requisitos
para a implanta??o do modelo deperimetrizado de seguran?a ? a defini??o de um
mecanismo seguro e eficaz de identifica??o federada. Este trabalho busca preencher essa
lacuna, apresentando a especifica??o, modelagem e implementa??o de um mecanismo de
identifica??o federada, baseado na conjun??o do protocolo SAML e certificados digitais
X.509 armazenados em cart?es-inteligentes, padr?o A3/ICP-Brasil
|
79 |
Refined Access Control in a Distributed Environment / Finkornig åtkomstkontroll i en distribuerad miljöBoström, Erik January 2002 (has links)
In the area of computer network security, standardization work has been conducted for several years. However, the sub area of access control and authorization has so far been left out of major standardizing. This thesis explores the ongoing standardization for access control and authorization. In addition, areas and techniques supporting access control are investigated. Access control in its basic forms is described to point out the building blocks that always have to be considered when an access policy is formulated. For readers previously unfamiliar with network security a number of basic concepts are presented. An overview of access control in public networks introduces new conditions and points out standards related to access control. None of the found standards fulfills all of our requirements at current date. The overview includes a comparison between competing products, which meet most of the stated conditions. In parallel with this report a prototype was developed. The purpose of the prototype was to depict how access control could be administered and to show the critical steps in formulating an access policy.
|
80 |
En säkerhetsgranskning av Secure Application FrameworkNorling, Sebastian January 2013 (has links)
Företaget Wireless Independent Provider (WIP) har tagit fram ett säkerhetsramverk vid namn Secure Application Framework (SAF) som är ett väldokumenterat ramverk för att skapa säkra interna företagsappar. Syftet med detta ramverk är att lösa problematiken kring Bring Your Own Device (BYOD) – hur man ska skilja på privat data och företagets data i enheten. Med ett sådant system så finns det mycket att tänka på rörande säkerheten. Genom att identifiera ett antal olika hot och genomföra en riskanalys på dessa kommer man fram till att systemet är skyddat mot majoriteten av hoten, det finns dock förslag till förbättringar på enstaka delar av systemet. Det genomförs även prestandatester och undersökning av lavineffekten för ett antal olika symmetriska krypteringsalgoritmer i syfte att fastslå om den använda algoritmen i systemet har fördelar jämfört med andra moderna krypteringsalgoritmer. Utifrån resultaten som tagits fram i detta arbete så konstateras det att skyddet mot de identifierade hoten är mycket bra samt att det inte finns någonting som skulle motivera ett byte av den symmetriska krypteringsalgoritmen.
|
Page generated in 0.0225 seconds