Global ETD Search

11	Network Capability Analysis and Related Implementations Improvements Recommendations Tabassum, Mujahid, Elkhateeb, Khamees January 2009 (has links) The networking field has become a core component for any company. All of the businesses rely on the networking industry, due its vastness and significance. Every day companies are planning and thinking to develop better strategies that can offer efficient and reliable communication solutions between their employees and customers for maximum revenue. The planning of a company’s network requires a lot of resources and aspects to study, and to evaluate them carefully to build a comprehensive secure and reliable platform. It is the job of a network administrator to take care of the company’s network infrastructure and upgrade or update the required components and applications from time-to-time that can follow new standards. This thesis is a practical work aimed to evaluate a company network infrastructure in its real environment. The purpose of this thesis is to evaluate different aspects of the network infrastructure used such as VPN, WLAN, firewall and physical security and give recommendations to make their performance better and to offer more advanced strategies. This study will also provide an inclusive observation of the company’s needs and their network infrastructure, and will provide a concept how to evaluate and fix small mistakes, the kind of problems that can occur in an evolving company network. Lastly, this research will make recommendations and suggest a possible implementation on the studied network infrastructure. Virtual Private Network Wireless LANs Physical Security Firewall Access and Authentication Disaster Recovery Plan
12	Sécurité physique de la cryptographie sur courbes elliptiques / Physical security of elliptic curve cryptography Murdica, Cédric 13 February 2014 (has links) La Cryptographie sur les Courbes Elliptiques (abréviée ECC de l'anglais Elliptic Curve Cryptography) est devenue très importante dans les cartes à puces car elle présente de meilleures performances en temps et en mémoire comparée à d'autres cryptosystèmes asymétriques comme RSA. ECC est présumé incassable dans le modèle dit « Boite Noire », où le cryptanalyste a uniquement accès aux entrées et aux sorties. Cependant, ce n'est pas suffisant si le cryptosystème est embarqué dans un appareil qui est physiquement accessible à de potentiels attaquants. En plus des entrés et des sorties, l'attaquant peut étudier le comportement physique de l'appareil. Ce nouveau type de cryptanalyse est appelé cryptanalyse physique. Cette thèse porte sur les attaques physiques sur ECC. La première partie fournit les pré-requis sur ECC. Du niveau le plus bas au plus élevé, ECC nécessite les outils suivants : l'arithmétique sur les corps finis, l'arithmétique sur courbes elliptiques, la multiplication scalaire sur courbes elliptiques et enfin les protocoles cryptographiques. La deuxième partie expose un état de l'art des différentes attaques physiques et contremesures sur ECC. Pour chaque attaque, nous donnons le contexte dans lequel elle est applicable. Pour chaque contremesure, nous estimons son coût en temps et en mémoire. Nous proposons de nouvelles attaques et de nouvelles contremesures. Ensuite, nous donnons une synthèse claire des attaques suivant le contexte. Cette synthèse est utile pendant la tâche du choix des contremesures. Enfin, une synthèse claire de l'efficacité de chaque contremesure sur les attaques est donnée. / Elliptic Curve Cryptography (ECC) has gained much importance in smart cards because of its higher speed and lower memory needs compared with other asymmetric cryptosystems such as RSA. ECC is believed to be unbreakable in the black box model, where the cryptanalyst has access to inputs and outputs only. However, it is not enough if the cryptosystem is embedded on a device that is physically accessible to potential attackers. In addition to inputs and outputs, the attacker can study the physical behaviour of the device. This new kind of cryptanalysis is called Physical Cryptanalysis. This thesis focuses on physical cryptanalysis of ECC. The first part gives the background on ECC. From the lowest to the highest level, ECC involves a hierarchy of tools: Finite Field Arithmetic, Elliptic Curve Arithmetic, Elliptic Curve Scalar Multiplication and Cryptographie Protocol. The second part exhibits a state-of-the-art of the different physical attacks and countermeasures on ECC.For each attack, the context on which it can be applied is given while, for each countermeasure, we estimate the lime and memory cost. We propose new attacks and new countermeasures. We then give a clear synthesis of the attacks depending on the context. This is useful during the task of selecting the countermeasures. Finally, we give a clear synthesis of the efficiency of each countermeasure against the attacks. Sécurité physique Attaques en fautes ECC Physical security Attacks faults Elliptic curve cryptography
13	Quality Control Tools for Cyber-Physical Security of Production Systems Elhabashy, Ahmed Essam 15 January 2019 (has links) With recent advancements in computer and network technologies, cyber-physical systems have become more susceptible to cyber-attacks; and production systems are no exception. Unlike traditional Information Technology (IT) systems, cyber-physical systems are not limited to attacks aimed at Intellectual Property (IP) theft, but also include attacks that maliciously affect the physical world. In manufacturing, such cyber-physical attacks can destroy equipment, force dimensional product changes, alter a product's mechanical characteristics, or endanger human lives. The manufacturing industry often relies on modern Quality Control (QC) tools to protect against quality losses, such as those that can occur from an attack. However, cyber-physical attacks can still be designed to avoid detection by traditional QC methods, which suggests a strong need for new and more robust QC tools. Such new tools should be able to prevent, or at least minimize, the effects of cyber-physical attacks on production systems. Unfortunately, little to no research has been done on using QC tools for cyber-physical security of production systems. Hence, the overarching goal of this work is to allow QC systems to be designed and used effectively as a second line of defense, when traditional cyber-security techniques fail and the production system is already breached. To this end, this work focuses on: 1) understanding the role of QC systems in cyber-physical attacks within manufacturing through developing a taxonomy encompassing the different layers involved; 2) identifying existing weaknesses in QC tools and exploring the effects of exploiting them by cyber-physical attacks; and 3) proposing more effective QC tools that can overcome existing weaknesses by introducing randomness to the tools, for better security against cyber-physical attacks in manufacturing. / Ph. D. / The recent technological developments in computers and networking have made systems, such as production systems, more vulnerable to attacks having both cyber and physical components; i.e., to cyber-physical attacks. In manufacturing, such attacks are not only capable of stealing valuable information, but can also destroy equipment, force physical product changes, alter product’s mechanical characteristics, or endanger human lives. Typically, the manufacturing industry have relied on various Quality Control (QC) tools, such as product inspection, to detect the effects caused by these attacks. However, these attacks could be still designed in a way to avoid detection by traditional QC methods, which suggests a need for new and more effective QC tools. Such new tools should be able to prevent, or at least minimize, the effects of these attacks in manufacturing. Unfortunately, almost no research has been done on using QC tools for securing production systems against these malicious attacks. Hence, the overarching goal of this work is to allow QC systems to be designed in a more effective manner to act as a second line of defense, when traditional cyber-security measures and attackers have already accessed the production system. To this end, this work focuses on: 1) understanding the role of QC systems during the attack; 2) identifying existing weaknesses in QC tools and determining the effects of exploiting them by the attack; and 3) proposing more effective QC tools, for better protection against these types of cyber-physical attacks in manufacturing. Advanced Production Systems Cyber-Physical Attacks Cyber-Physical Security Quality Control Statistical Process Control
14	A Physical Hash for Preventing and Detecting Cyber-Physical Attacks in Additive Manufacturing Systems Brandman, Joshua Erich 22 June 2017 (has links) This thesis proposes a new method for detecting malicious cyber-physical attacks on additive manufacturing (AM) systems. The method makes use of a physical hash, which links digital data to the manufactured part via a disconnected side-channel measurement system. The disconnection ensures that if the network and/or AM system become compromised, the manufacturer can still rely on the measurement system for attack detection. The physical hash takes the form of a QR code that contains a hash string of the nominal process parameters and toolpath. It is manufactured alongside the original geometry for the measurement system to scan and compare to the readings from its sensor suite. By taking measurements in situ, the measurement system can detect in real-time if the part being manufactured matches the designer's specification. A proof-of-concept validation was realized on a material extrusion machine. The implementation was successful and demonstrated the ability of this method to detect the existence (and absence) of malicious attacks on both process parameters and the toolpath. A case study for detecting changes to the toolpath is also presented, which uses a simple measurement of how long each layer takes to build. Given benchmark readings from a 30x30 mm square layer created on a material extrusion system, several modifications were able to be detected. The machine's repeatability and measurement technique's accuracy resulted in the detection of a 1 mm internal void, a 2 mm scaling attack, and a 1 mm skewing attack. Additionally, for a short to moderate length build of an impeller model, it was possible to detect a 0.25 mm change in the fin base thickness. A second case study is also presented wherein dogbone tensile test coupons were manufactured on a material extrusion system at different extrusion temperatures. This process parameter is an example of a setting that can be maliciously modified and have an effect on the final part strength without the operator's knowledge. The performance characteristics (Young's modulus and maximum stress) were determined to be statistically different at different extrusion temperatures (235 and 270 °C). / Master of Science additive manufacturing 3D printing cyber-physical security physical hash in situ monitoring side-channel measurement
15	Integrated Security by using MPLS-VPN for Retail-Banking Network : Case study Mehr bank, Iran H.Daryani, Sara, Taslimi, Pouria January 2010 (has links) <p>The studied application area is a private bank with different branches located in different provinces around the country. There was not integrated security solution to provide communication among different branches. Some of these branches could communicate through the satellite and the others could communicate through a different technology, such as asynchronous transfer mode (ATM).</p><p>Different bank security policies were applied and maintained for different branches separately. In addition, the number of branches is expected to grow during coming year in each province.</p><p>The old topology was partial mesh and it could not support enough redundancy in case of disruption. If a connection between two branches failed, other branches might lose their connectivity as well. In addition, it could not achieve optimum routing.</p><p>Providing integrated quality of service (QoS) for the wide area network (WAN) by using different technologies is not easy to achieve, and it causes so many problems for the system. The bank uses a variety of protocols for different applications, depending on its demand, so the new applied technology should not depend on protocols, or at least should support different protocols at a same time. In the old technology, the bank was responsible for granting availability and connectivity maintenance. Providing proper bandwidth is an important aspect in the bank scenario and for the old technology; supplying enough bandwidth was costly.</p><p>As mentioned above, the old applied technology was dependent upon different protocols. Therefore, packets in different open system interconnection layers (OSI layers) would have to check thoroughly to find the source/ destination address, data and so on, to reach the correct destination. This might cause security problems for entire system. In addition, processing packet in each layer of the OSI model is time consuming.</p><p>One important aspect for the retail-banking scenario is considering all features of the security domain, such as security policy, information security, physical security, access level control, integrated security for the system and so on. Some features of the security domain in this project were not covering completely, such as integrated information security, merged security policy, and integrated physical security for the system.</p><p>In this project, all mentioned problems are solved by implementing a specific communication technology which can overcome the problems above. This technology supports multiple protocols, and it provides fast and secure communication. It can also cover redundancy and it does not cost as much as previous technologies like ATM and satellite. Easy provisioning is one feature of this technology. In this technology, the service provider is responsible for granting availability and connectivity maintenance.</p><p>The mentioned features of the security domain, which were not covered by the old technology, will be covered by a proper, integrated security solution. The IP-based physical security systems provide centralized monitoring and they can define a merged security policy for all different branches around the country. Specific, pre-defined scenarios are created for different events in different situations.</p> MPLS Security Integrated IP base IP enable Physical security Bank Computer and systems science Data- och systemvetenskap Information technology Informationsteknologi Computer engineering Datorteknik Computer science Datavetenskap
16	Functional local community in Lithuanian villages and towns / Funkcionali vietos bendruomenė Lietuvos kaimuose ir miesteliuose Nefas, Saulius 11 February 2008 (has links) The dissertation was prepared in 2000–2004 at the Vilnius Pedagogical University and in 2004-2007 at Mykolas Romeris University, The dissertation is defend without PhD studies Scientific supervisor: Prof. Habil. Dr. Stasys Puškorius (Mykolas Romeris University, Social Sciences, Management and Administration, 03S). The doctoral dissertation will be defended at the Management and Administration Research Council of Mykolas Romeris University: Chairman of the Council: Prof. Habil. Dr. Adolfas Kaziliūnas (Mykolas Romeris University, Social Sciences, Management and Administration, 03S) Members: Prof. Dr. Eugenijus Chlivickas (Vilnius Gediminas Technical University, Social Sciences, Management and Administration, 03S) Assoc. Prof. Dr. Jolanta Palidauskaitė (Kaunass University of Technology, Social Science, Sociology 05S) Prof. Dr. Alvydas Pumputis (Mykolas Romeris University, Social Sciences, Law 01S) Prof. Habil. Dr. Stasys Puškorius (Mykolas Romeris University, Social Sciences, Management and Administration 03S) Opponents: Prof. Habil. Dr. Borisas Melnikas (Vilnius Gediminas Technical University, Social Sciences, Management and Administration 03S) Prof. Habil. Dr. Vygantas K. Paulikas (Mykolas Romeris University, Social Sciences, Management and Administration 03S) The public defence of the doctoral dissertation will take place at Management and Administration Research Council on 28th December, 2007 at 10 a.m. in the Senate Hall of Mykolas Romeris University (Room... [to full text] / Informacija apie disertacijos autorių: Saulius Nefas( 8 gruodžio 1960) 1978 baigė Ukmergės raj Taujėnų vidurinę mokyklą, 1978 – 1983 studijavo Vilniaus pedagoginiame institute ir įgijo istorijos mokytojo specialybę. 1997 – 2002 sociologijos studijos Vilniaus pedagoginiame universitete. Darbinė patirtis: 1983 – 1990 istorijos mokytojas Anykščių rajono Viešintų ir Anykščių Antano Vienuolio vidurinėse mokyklose. 1990 – 1995 ir 2000 – 2004 Anykščių Antano Vienuolio gimnazijos direktorius. 1995-2000 - Anykščių rajono meras. 2004 - Lietuvos Respublikos seimo narys. Nuo 2005 metų dirba lektoriumi M. Romerio universiteto Viešojo administravimo fakultete. REZIUMĖ Šiuolaikiniame pasaulyje pastebime, kaip kinta žmonių mąstysena, drauge ir įvairių socialinių grupių saviorganizacijos veiksniai. Tradicinės ideologijos vis mažiau beatspindi daugumos žmonių mąstymą, pastebime, kad įsivyraujant neribotam pliuralizmui išryškėja naujos idėjos. Kartais tai būna atgimusios senos, anksčiau gyvavusios idėjos. Pavyzdys – komunitarizmo idėja, dalies šalininkų įsitikinimu, jau nusipelnanti ideologijos vardo. <...> Nagrinėdami komunitarų idėjas, matome, kad daugelį jų galime rasti ir konservatorių, ir krikščionių demokratų, ir socialistų utopistų ar net anarchistų – komunistų ideologijose“ Todėl šiuolaikiniam žmogui būtina atsirinkti iš daugybės ryškių ir ne tokių ryškių ideologinių nuostatų ir išspręsti dvigubą uždavinį: identifikuoti naujas vertybes dažnai sietinas su vienu „naujosios viešosios... [toliau žr. visą tekstą] Marketing and Administration Functional local community Institutional factors Vietos bendruomenė Funkcionali vietos bendruomenė Instutuciniai faktoriai
17	Hantering av fysiska säkerhetsrisker – en kunskapsöversikt / Physical security risk management - a systematic review Bron, Mikael January 2013 (has links) Att kunna arbeta med systematisk hantering av brotts-, brands- och arbetsmiljörisker är en eftertraktadkompetens. Det syns inte minst i både näringslivets och den offentliga förvaltningensarbetsannonser när man söker chefer, handläggare eller samordnare till säkerhetsavdelningar.Trots det finns mycket lite skrivet på svenska om riskhantering och riskanalys i kontexten skyddmot brott. Ännu ovanligare är litteratur som jämför riskhantering mellan brandskydd, arbetsmiljöoch brottsskydd.Bristen på litteratur påverkar även studier av riskhantering inom fysisk och organisatorisk säkerhet,i synnerhet på akademisk nivå där det i Sverige är ett relativt nytt ämne. Att flytta fram positionernaoch vidga kunskapsfältet är därför angeläget både för ämnet fysisk- och organisatorisk säkerhetsåväl som för näringslivet. Detta kandidatarbete är ett tidigt bidrag till ett ämnesområde som ser utatt växa. Genom att kartlägga engelsspråkiga handböcker och det vetenskapliga kunskapsläget inomnärliggande discipliner har arbetet haft ytterligare ett mål: att nå ut med kunskap till de som arbetarmed riskhantering i praktiken och på så sätt vidga gruppens medvetenhet och yrkeskompetens.Uppsatsens syfte är att redovisa kunskapsläget och samtidigt visa på riskhanteringsprocessensbredd och djup. Mer konkret har det skett genom att identifiera likheter och skillnader i destuderade områdenas begreppsapparater, processbeskrivningar, problem, framgångsfaktorer ochsamtidigt redovisa eventuell kritik som riktas mot riskhantering som fenomen. Resultaten visar attdet finns fler likheter än skillnader mellan både riskhanteringsprocesser som riskanalysmetoder,oavsett om syftet är att skydda mot brott, ohälsa eller brand och olyckor.Arbetet har genomförts som en deskriptiv litteratursstudie och jämförande textanalys. Riskhanteringsprocessenhar beskrivits med utgångspunkt i den generiska ISO-standarden (31000:2009,Riskhantering - Principer och riktlinjer). Tio riskanalysmetoder som täcker samtliga steg i riskbedömningsmomentethar valts ut och beskrivits. Redovisning med tillhörande analys har följtsamma ordningsföljd som standardens processbeskrivning. Materialet har kompletterats ochjämförts med facklitteratur och vetenskapliga artiklar från tre riskhanteringsområden: (1) skyddmot ohälsa i arbetsmiljön, (2) skydd mot brand och olyckor samt (3) skydd mot brott.Uppsatsen ger även exempel på den inkonsekventa begreppsanvändningen som förekommer bådemellan och inom olika discipliner som sysslar med riskhantering. En av uppsatsens slutsatser äratt det sannolikt inte går att skapa en enhetlig begreppsapparat varken inom akademin eller i denpraktiska verksamheten samtidigt som det heller inte är nödvändigt. Istället kan missförstånd undvikasgenom att tydligt och i varje enskilt fall definiera vad man avser med ett visst begrepp. / The competence to manage risks related to health, security, fire and safety is a sought-after skill.This is especially noticeable in both business and public administration job postings for therecruitment process of managers, administrators or coordinators to security departments. At thesame time there is little specialist literature available in Swedish on the subject of risk managementin the context of protecting assets and people from physical security threats. The lack of literatureaffects the study of risk management from a physical and procedural security perspective,particularly at an academic level where this is a relatively new topic. To move forward and expandthe field of knowledge is an important step, not only for the scientific community but also for theindustry. This bachelor thesis attempts to be an initial but significant contribution to a topic thatis likely to grow. By mapping what has already been published on the subject in English as wellas summing up and analyzing the scientific knowledge from similar disciplines the thesis has alsohad an additional goal: to reach out with knowledge to those dealing with risk management inpractice, and thus raising their awareness and developing their professional skills.The purpose of this study is to present the current state of knowledge and at the same time toshow the width and depth of the risk management process. This is done by identifying similaritiesand differences in definitions, process descriptions, problems and best practice of the studied areaswhile at the same time account for any criticism offered against risk management as a concept.The results show that there are more similarities than differences in the risk management processand methods regardless of whether the purpose is to protect people and assets from healthhazards, crime, fire or accidents.The paper has been conducted as a descriptive literature study and a comparative textual analysis.The risk management process has been described with reference to the generic ISO standard(31000:2009, Risk management - Principles and guidelines). Also, ten common risk analysismethods that cover all steps in the risk assessment process have been described. The narrative andrelated analysis follow the same order as the ISO-standard process description.The material has been supplemented and compared with guidelines and scientific papers from threetypes of risks management contexts: (1) health hazards, (2) fire and safety, and (3) security.The paper also provides examples of the inconsistent use of terms and definitions both between andwithin different disciplines involved in risk management. One of the conclusions of the report is thatcreating a unified, universal terminology to be used in the security context probably is impossibleas well as being not necessary. Instead, certain terminological misunderstandings can be avoided byproviding clear definitions and explanations of their meaning in each particular case. Physical security Procedural security Risk analysis Risk assessment Risk management Security management Fire Safety Occupational health Fysisk säkerhet Organisatorisk säkerhet Riskanalys Riskbedömning Riskhantering Brottsskydd Brandskydd Olycksskydd Arbetsmiljöskydd
18	Integrated Security by using MPLS-VPN for Retail-Banking Network : Case study Mehr bank, Iran H.Daryani, Sara, Taslimi, Pouria January 2010 (has links) The studied application area is a private bank with different branches located in different provinces around the country. There was not integrated security solution to provide communication among different branches. Some of these branches could communicate through the satellite and the others could communicate through a different technology, such as asynchronous transfer mode (ATM). Different bank security policies were applied and maintained for different branches separately. In addition, the number of branches is expected to grow during coming year in each province. The old topology was partial mesh and it could not support enough redundancy in case of disruption. If a connection between two branches failed, other branches might lose their connectivity as well. In addition, it could not achieve optimum routing. Providing integrated quality of service (QoS) for the wide area network (WAN) by using different technologies is not easy to achieve, and it causes so many problems for the system. The bank uses a variety of protocols for different applications, depending on its demand, so the new applied technology should not depend on protocols, or at least should support different protocols at a same time. In the old technology, the bank was responsible for granting availability and connectivity maintenance. Providing proper bandwidth is an important aspect in the bank scenario and for the old technology; supplying enough bandwidth was costly. As mentioned above, the old applied technology was dependent upon different protocols. Therefore, packets in different open system interconnection layers (OSI layers) would have to check thoroughly to find the source/ destination address, data and so on, to reach the correct destination. This might cause security problems for entire system. In addition, processing packet in each layer of the OSI model is time consuming. One important aspect for the retail-banking scenario is considering all features of the security domain, such as security policy, information security, physical security, access level control, integrated security for the system and so on. Some features of the security domain in this project were not covering completely, such as integrated information security, merged security policy, and integrated physical security for the system. In this project, all mentioned problems are solved by implementing a specific communication technology which can overcome the problems above. This technology supports multiple protocols, and it provides fast and secure communication. It can also cover redundancy and it does not cost as much as previous technologies like ATM and satellite. Easy provisioning is one feature of this technology. In this technology, the service provider is responsible for granting availability and connectivity maintenance. The mentioned features of the security domain, which were not covered by the old technology, will be covered by a proper, integrated security solution. The IP-based physical security systems provide centralized monitoring and they can define a merged security policy for all different branches around the country. Specific, pre-defined scenarios are created for different events in different situations. MPLS Security Integrated IP base IP enable Physical security Bank Information Systems Information Systems Computer Engineering Datorteknik Computer Sciences Datavetenskap (datalogi)
19	Fyzická bezpečnost v průmyslovém podniku / Physical Security in an Industrial Company Konečný, Pavel January 2017 (has links) The diploma thesis focuses on physical security solutions in an organization acting in a metallurgy segment. The analytical part identifies the weaknesses in individual areas of physical security according to ČSN/ISO 27 000 regulation. The practical part is divided into individual chapters bringing suggestions for corrections, modernization and modifications of the system. The theoretical part deals mainly with clarification of the terminology and proceses used in the practical part. I see the benefit of my work in the practical suggestions for the changes. If they are implemented correctly, the physical security of the organization will be of high quality.
20	Management zabezpečovacího systému firmy / Security System Management of the Company Moravec, Lukáš January 2016 (has links) This master thesis deals with the design of complex security system for company area with using PZTS and CCTV system. The thesis is divided into three separate parts, first part is focused on analysis the company and the current physical security state. Second part of thesis deals with theoretical bases. And the final part covers the concept of the PZTS and CCTV system solution. Here are all the chosen elements which will be used for realization

Search results