Global ETD Search

131	Opening the Web for all : inclusive and secure design of an online authentication system Gibson, Marcia January 2012 (has links) Effective use of the World Wide Web grants users increased power over people, time and space. However, its growing ubiquity also means these powers tend to become eroded in non-users. Growth of the Web as a marketplace and as a channel to deliver e-services, results in an ever increasing volume of sensitive information being transacted and stored online. As a result, authentication systems are now being used extensively on the Web. Unfortunately the profusion of Web sites and the large numbers of associated passwords reduces their efficacy and puts severe strain on users’ limited cognitive resources. Authentication systems themselves therefore can act as an additional source of exclusion. However, this step of authentication has up until now, been largely overlooked when considering inclusive design. People may experience a variety of barriers to Internet access: Psychological, Material, Skills and Usage. Existing models of these barriers within the literature are discussed, and a unified model of exclusion is developed and used to identify a series of potential solutions to the various aspects of each barrier. These solutions are classified into 4 separate design goals: Enhanced Usability, Enhanced Accessibility, Reduced End-user Cost and Robust Security. A number of groups who are especially at risk of Web exclusion are also identified. The design goals are used to evaluate existing traditional and image-based passwords. The accessibility component is assessed in terms of twenty-two use scenarios, consisting of a particular user group’s limiting characteristic and strategies the groups are known to use when accessing the Web. The accessibility analysis shows traditional passwords to be less accessible for several groups: • Novice users who experience reduced comparative learnability, efficiency and increased errors. • Mobile phone users, head wand users, eye gaze tracker users, those with reduced manual dexterity/and or tremors accessing principally via a mouse or keyboard, those with impaired ability to select and filter relevant sensory information and low-literacy users accessing via a normal or text to speech browsers. These groups experience reduced comparative efficiency and increased errors. • Users with impaired ability to remember information or sequences and illiterate users accessing via a text-to-speech browser or normal browser. These groups have the most significant issues with passwords, experiencing reduced comparative learnability, memorability, efficiency and increased errors. Image based passwords are found to be more accessible for some of these groups, but are unusable by blind users and less usable by those with visual impairments. Just as Web users are not a uniform, homogenous group, so too is there no homogenous solution to creating usable security. Even so, there may be solutions that are usable and secure given the particular scenario within which they will be used. For this reason, it is important to supply a number of alternatives because as one modality or model of interaction is locked out, another group becomes excluded. One such alternative, a novel scheme called “Musipass”, is trialled in lab-based and large-scale online user participation experiments. Musipass is found to offer superior long-term memorability to a traditional password and users report enjoying the experience of authenticating with music. A security analysis is conducted which shows Musipass to offer comparative or enhanced security compared to a traditional password against a number of well-known attacks. 004.01
132	Privacy-Enhancing Techniques for Data Analytics Fang-Yu Rao (6565679) 10 June 2019 (has links) <div> <div> <div> <p>Organizations today collect and aggregate huge amounts of data from individuals under various scenarios and for different purposes. Such aggregation of individuals’ data when combined with techniques of data analytics allows organizations to make informed decisions and predictions. But in many situations, different portions of the data associated with individuals are collected and curated by different organizations. To derive more accurate conclusions and predictions, those organization may want to conduct the analysis based on their joint data, which cannot be simply accomplished by each organization exchanging its own data with other organizations due to the sensitive nature of data. Developing approaches for collaborative privacy-preserving data analytics, however, is a nontrivial task. At least two major challenges have to be addressed. The first challenge is that the security of the data possessed by each organization should always be properly protected during and after the collaborative analysis process, whereas the second challenge is the high computational complexity usually accompanied by cryptographic primitives used to build such privacy-preserving protocols. </p><p><br></p><p> </p><div> <div> <div> <p>In this dissertation, based on widely adopted primitives in cryptography, we address the aforementioned challenges by developing techniques for data analytics that not only allow multiple mutually distrustful parties to perform data analysis on their joint data in a privacy-preserving manner, but also reduce the time required to complete the analysis. More specifically, using three common data analytics tasks as concrete examples, we show how to construct the respective privacy-preserving protocols under two different scenarios: (1) the protocols are executed by a collaborative process only involving the participating parties; (2) the protocols are outsourced to some service providers in the cloud. Two types of optimization for improving the efficiency of those protocols are also investigated. The first type allows each participating party access to a statistically controlled leakage so as to reduce the amount of required computation, while the second type utilizes the parallelism that could be incorporated into the task and pushes some computation to the offline phase to reduce the time needed for each participating party without any additional leakage. Extensive experiments are also conducted on real-world datasets to demonstrate the effectiveness of our proposed techniques.<br></p> <p> </p> </div> </div> </div> </div> </div> </div> Computer System Security Data Encryption Differential Privacy Secure Multiparty Computation Record Linkage K-Means Clustering
133	Entre flexibilité et sécurité : l'accompagnement des entreprises et des mobilités professionnelles. : essais empiriques de microéconométrie du marché du travail / Between flexibility and security : accompanying firms and professional mobilities. : a microeconometric analysis with French data Calavrezo, Oana 30 November 2009 (has links) La présente thèse contribue à la littérature empirique sur la flexicurité en se concentrant sur deux axes de recherche : l’utilisation du chômage partiel par les établissements et le rôle des trois « socles » de la flexicurité - contrat de travail, compétences et territoire (Freyssinet, 2006) - sur la sécurisation des parcours professionnels des individus. En rapport au premier axe, la thèse propose une méthodologie pour évaluer l’efficacité du chômage partiel. Selon deux critères d’efficacité (éviter les licenciements économiques et la disparition des établissements), le chômage partiel ne protège pas l’emploi et il n’est donc pas efficace. Entre 1995 et 2005, il est avant tout un outil de flexibilité. Il ne peut pas s'analyser comme un outil répondant aux principes de la flexicurité. Pour le deuxième axe, nous analysons comment les « socles » de la flexicurité sécurisent les parcours, en s’appuyant sur trois mobilités professionnelles : premier emploi-emploi, emploi-emploi et chômage-emploi. Nous soulignons le rôle central de l’emploi temporaire, des liens entre les entreprises et du lieu de résidence dans le processus de sécurisation des trajectoires. Nous montrons que : (i) les contrats temporaires ne sont pas un obstacle à la stabilisation dans l'emploi, dès lors que leur durée est suffisamment longue ; (ii) les réseaux d’entreprises traduits par l’existence de marchés professionnels ou internes favorisent l’acquisition de compétences facilitant la mobilité entre deux emplois ; (iii) un cadre géographique « défavorisé » dans lequel vit l’individu apparaît comme un obstacle dans la sécurisation de son parcours. / This PhD dissertation provides useful empirical contributions for two research topics about flexicurity: the use of the short-time compensation (STC) program by French establishments and the role of the three “bases” of flexicurity – employment contract, skills and territory (Freyssinet, 2006) – in making professional career paths secure. About the first topic, we develop a methodology to analyse the efficiency of STC and to verify if it could be considered as a flexicurity tool. According to two efficiency criteria (avoiding redundancies and establishment exit), STC does not protect employment and so it is inefficient: Between 1995 and 2005, it represents mainly a flexibility tool. It can not been seen as a tool responding to the principles of flexicurity. In the line of the second topic, we analyse how the “bases” of flexicurity make professional career paths secure, by focusing on three professional mobilities: first employment-employment, employment-employment and unemployment-employment. We show the importance of temporary contracts, firm networks and individual’s place of residence in the process of making professional career paths secure. We show that: (i) fixed-term contracts secure professional trajectories if the link between individuals and firms is long enough; (ii) firm networks support the acquisition of skills, making easier professional mobilities; (iii) a “disadvantaged” place of residence seems to be an obstacle in making professional career paths secure. Flexicurité Chômage partiel Licenciements économiques Flexicurity Short-time compensation Secure professional transitions
134	Data Sharing on Untrusted Storage with Attribute-Based Encryption Yu, Shucheng 13 July 2010 (has links) "Storing data on untrusted storage makes secure data sharing a challenge issue. On one hand, data access policies should be enforced on these storage servers; on the other hand, confidentiality of sensitive data should be well protected against them. Cryptographic methods are usually applied to address this issue -- only encrypted data are stored on storage servers while retaining secret key(s) to the data owner herself; user access is granted by issuing the corresponding data decryption keys. The main challenges for cryptographic methods include simultaneously achieving system scalability and fine-grained data access control, efficient key/user management, user accountability and etc. To address these challenge issues, this dissertation studies and enhances a novel public-key cryptography -- attribute-based encryption (ABE), and applies it for fine-grained data access control on untrusted storage. The first part of this dissertation discusses the necessity of applying ABE to secure data sharing on untrusted storage and addresses several security issues for ABE. More specifically, we propose three enhancement schemes for ABE: In the first enhancement scheme, we focus on how to revoke users in ABE with the help of untrusted servers. In this work, we enable the data owner to delegate most computation-intensive tasks pertained to user revocation to untrusted servers without disclosing data content to them. In the second enhancement scheme, we address key abuse attacks in ABE, in which authorized but malicious users abuse their access privileges by sharing their decryption keys with unauthorized users. Our proposed scheme makes it possible for the data owner to efficiently disclose the original key owner's identity merely by checking the input and output of a suspicious user's decryption device. Our third enhancement schemes study the issue of privacy preservation in ABE. Specifically, our proposed schemes hide the data owner's access policy not only to the untrusted servers but also to all the users. The second part presents our ABE-based secure data sharing solutions for two specific applications -- Cloud Computing and Wireless Sensor Networks (WSNs). In Cloud Computing cloud servers are usually operated by third-party providers, which are almost certain to be outside the trust domain of cloud users. To secure data storage and sharing for cloud users, our proposed scheme lets the data owner (also a cloud user) generate her own ABE keys for data encryption and take the full control on key distribution/revocation. The main challenge in this work is to make the computation load affordable to the data owner and data consumers (both are cloud users). We address this challenge by uniquely combining various computation delegation techniques with ABE and allow both the data owner and data consumers to securely mitigate most computation-intensive tasks to cloud servers which are envisaged to have unlimited resources. In WSNs, wireless sensor nodes are often unattendedly deployed in the field and vulnerable to strong attacks such as memory breach. For securing storage and sharing of data on distributed storage sensor nodes while retaining data confidentiality, sensor nodes encrypt their collected data using ABE public keys and store encrypted data on storage nodes. Authorized users are given corresponding decryption keys to read data. The main challenge in this case is that sensor nodes are extremely resource-constrained and can just afford limited computation/communication load. Taking this into account we divide the lifetime of sensor nodes into phases and distribute the computation tasks into each phase. We also revised the original ABE scheme to make the overhead pertained to user revocation minimal for sensor nodes. Feasibility of the scheme is demonstrated by experiments on real sensor platforms. " Secure Data Sharing Access Control Untrusted Storage Cloud Computing Attribute-Based Encryption
135	How distress is understood and communicated by women patients detained in high secure forensic healthcare, and how nurses interpret that distress : an exploration using a multi-perspective interpretative phenomenological analysis Jones, Jane January 2017 (has links) Background: The context for this study is the National High Secure Healthcare Service for Women (NHSHSW). This service opened in 2007 following the closure of all other high secure healthcare services for women. Consequently the NHSHSW is the UK’s only facility to provide assessment and treatment for women detained under the Mental Health Act and who are classified as posing a grave and immediate danger to others. Care delivered within the NHSHSW is grounded within the guiding principles of trauma informed environments. This philosophy of care understands that women patients in high secure forensic healthcare experience heightened and usually chronic levels of distress which can be communicated through violent and dangerous behaviour (McMillan & Aiyegbusi, 2009). This group of marginalised women are an important but small group of people with unique experiences. These women patients’ experiences have yet to be explored from the perspective of the women themselves. This is the first study to explore how women patients detained in the NHSHSW experience distress and the impact that distress has on their behaviour from the perspective of the women patients themselves and their care-givers. The care-givers referred to are named nurses whose perspective provides perceptual and interactional context to this study. Insight into the women patients’ experiences is important to ensure that the development of healthcare can respond effectively to need. The importance of service user involvement has been increasingly recognised in general mental health settings. However, user involvement in forensic research is less well developed. This has now been recognised and for the first time this study included the women patients as research facilitators. Method: Women patients were invited to attend discussion groups to identify a research project that would form a baseline evaluation for an evidence based development of the NHSHSW. A working party including the researcher and voluntary women patients was established to facilitate the research process. The number of women patients contributing to the working party ranged between eight and thirteen depending on availability. Feminist principles provided a framework for this enquiry (Lykke, 2010). The experiences identified for exploration were: How women patients in high secure healthcare understand their distress. How women patients in high secure healthcare communicate their distress. How nurses interpret the women patients’ distress. Multi-perspective Interpretative Phenomenological Analysis (IPA) was used to analyse semi-structured interviews (Loaring, Larkin, Shaw & Flowers 2015). Twenty three voluntary patient interviews, representing 57% of the overall patient population and thirteen voluntary named nurse interviews took place, representing 34% of the named nurse population. No participants dropped out or withdrew their contribution. Findings: Themes regarding the women patient participants’ understanding and communication were identified as: Observable behaviours and responses; Blocks to getting help; Change over time; An entity to be endured; An emotional experience; A physical experience; Being alone. The themes identified from the nurse interviews were: Perception of the distress experience. What influences my response and what is expected of me? The patient and the nurse interviews evidenced differences in understanding related to the women patients’ experience of distress. The women patients placed emphasis on the physiological/sensory aspect of their distress, whereas nurses placed emphasis on the emotional aspect of the women patients’ distress. The implication is that at times of heightened distress the women patients did not feel they were understood. The findings also highlighted areas of unmet need including family involvement in care and a perceived lack of support to enhance family contact. In addition loneliness was emphasised as a significant stressor for the women patients as was being perceived as an on-going risk of harm. All the findings were validated by the participants and subject to peer review. Conclusion: This study provides the first evidence base for healthcare practice specifically for women patients detained in the NHSHSW. This is also the first study to involve the women patients in the NHSHSW as co-facilitators of research. This experience was described as empowering by the women patients who took part and whose involvement ensured that the research subject was relevant and meaningful. The depth of the women patients’ involvement has set precedents for policy, procedure and practice development within the NHSHSW and evidenced the women patients’ ability to be co-producers of the services they use. The study was conducted for women by women and as such was guided by feminist principles seeking the right to provide services based on women patients’ needs and experiences. As a consequence this study has made a unique and significant contribution to available literature and the development and provision of services for women detained in high secure care. The study originally aimed to provide an evidence base for the development of the NHSHSW; however, continued interest from lesser secure services clearly demonstrates the applicability of the findings to services beyond the NHSHSW. Limitations There were limitations to this study which could have influenced the findings. The researcher was known to the patient and nurse participants. Established relationships between researchers and participants have the potential to bias an outcome; however it can also provide a baseline of trust. Service user involvement as both researcher and participant potentially allows participants to purposefully respond to questions with the aim to confirm their original pattern of thinking rather than exploring a concept to uncover new findings. The balance of findings in this research suggests that while some bias can be argued it did not invalidate the findings. 614
136	Analýza vybraných on-line platebních systémů Houška, Daniel January 2006 (has links) Práce komplexně popisuje současné alternativní možnosti on-line plateb v prostředí Internetu. Práce sleduje trendy a vývoj v oblasti e-Payment systémů, včetně praktického využití pro účely on-line obchodování v České republice. Důraz je kladen především na systémy ktyté zlatem, systém e-gold.
137	The Effect of Early Childhood Attachment on Delinquency and Behavior and the Continuance into Adulthood. Nichols, Cyndi Sheree 17 December 2005 (has links) Parental attachment style is an important element when delinquent behavior seems to be an issue for a child. In the past, a number of parents have found it difficult to effectively bond with their children because most had to work long hours to provide their child with necessities. Bonding with their children was not a high priority when lower income was a factor. Some parents began to realize that bonding is an important aspect in a child's life and must be nurtured to assure that antisocial tendencies do not erupt. Many theorists have linked criminal behavior to ineffective parenting styles. These styles usually left the child insecurely attached, with no one to talk to when stress and anxiety were felt. In turn, these feelings of stress and anxiety can surface and cause the child to display deviant behaviors toward others. The Cambridge Delinquent Data were used to measure the relationship between parental attachment variables and convictions in adolescence and adulthood. Chi-square analyses were used to measure the variables. The results of the analysis revealed a significant relationship between seven of the nine parental attachment variables and convictions. Avoidant Attachment Ambivilent Secure Criminology and Criminal Justice Legal Studies Social and Behavioral Sciences
138	POOR ATTACHMENT AND THE SOCIOEMOTIONAL EFFECTS DURING EARLY CHILDHOOD Newman, Ashiko E 01 June 2017 (has links) A significant focus is placed on positive outcomes for children in today’s society. However, mental health clinicians attest that poor attachments, during early childhood, are likely to have negative effects on a child’s long-term outcomes. By using the post-positivist paradigm, 10 mental health clinicians were interviewed and each provided their perspectives regarding the negative social skills and emotional regulations of young children, when parents fail to appropriately bond with their children, during their early years. Their ideas were formulated, connected, and structured to develop a theoretical statement. The resulting theory focused on the parent’s ability to develop and strengthen the parent/child relationship, through a range of interventions. Parent’s inability to form positive attachments were influenced by a variety of issues, such as, depression, drug and/or alcohol dependency, poverty, poor relationships with the child’s parent, mental illness, violence, etc. These factors resulted in poor social dynamics with the parent; thereby, hindering their bonding. Children with poor attachments tend to display poor socioemotional affects, such as, poor social, coping, and problem solving skills, tantrums, clingy, withdrawn, or aggressive behaviors, etc. These negative effects, often impacts the child throughout their developmental years. socioemotional attachment secure relationships parent/child relationship interventions bonding Social Work
139	Secure-Base Caregiving and Adult Attachment Development Within the Client-Psychotherapist Relationship Weeks, Dennis A. 01 January 2015 (has links) Recent studies have shown significant improvements in the attachment security of adult therapy clients during therapy, supporting Bowlby's theory that such improvement can be influenced by secure-base caregiving provided by mentors such as therapists. However, because these studies did not measure the secure-base variable, its relationship to client attachment development remains unknown. The present study is the first to evaluate that relationship by measuring clients' pre and posttherapy attachment security using the Relationship Scales Questionnaire and therapists' secure-base caregiving using the Client Attachment to Therapist and Working Alliance Inventory, Short Form. Of 21 initially insecure client participants, 17 experienced high levels of secure-base caregiving from their therapists (the SBC-High group) while 4 experienced low levels (the SBC-Low group). Comparison of pre and posttherapy group mean attachment scores, using the Wilcoxon Signed Ranks Test, found a statistically significant improvement (a = .01) in attachment security for the SBC-High group with no statistical change in attachment security for the SBC-Low group. These findings suggest that therapists and other mentors can positively influence the attachment development of their insecure mentees. Purposeful incorporation of this knowledge into the design and goals of existing graduate and professional mentoring programs can positively influence regenerative social change by promoting the attachment security of approximately one third of mentees expected to be insecurely attached, based on demographic studies. Improving their attachments can equip them to positively influence the attachments of all their future insecure clients who, like them, might then realize the multiple benefits associated with attachment security. adult attachment attachment attachment development mentor psychotherapy secure-base Counseling Psychology Developmental Psychology Psychology
140	"Halfpipe Active Channel"- developing a secure communications protocol / "Halfpipe Active Channel"- utveckling av ett säkert kommunikationsprotokoll Larsson, Fredrik January 2005 (has links) <p>With the advent of powerful multimedia capable mobile phones, the market for mobile services is flourishing. Zenterio AB's Halfpipe Active Desktop is a complete distributed mobile service platform a with a powerful server and platform-independent client. The communication between the client and server takes place over a GPRS-capable mobile network. </p><p>The purpose of this thesis is to develop a secure communications protocol for use between the Halfpipe Active Desktop client and server. This is done by determining requirements, analyzing candidate protocols and then by designing the final protocol. The result, the Halfpipe Active Channel protocol, is an authorized, encrypted, session oriented, message based and light weight protocol designed to minimize computational as well as network overhead.</p><p>This master's thesis project was defined by and performed at Zenterio AB during the second half of 2004.</p> Informationsteknik mobile services secure communications GPRS protocol design Informationsteknik Information technology Informationsteknik

Search results