Global ETD Search

361	ProGrid: uma infra-estrutura de suporte a programação paralela em grades computacionais. Costa, Paulo Vicente Capellotto 26 May 2003 (has links) Made available in DSpace on 2016-06-02T19:05:18Z (GMT). No. of bitstreams: 1 DissPVCC.pdf: 3610389 bytes, checksum: 207fb73eb90d6ef70e9232d6b9d02a92 (MD5) Previous issue date: 2003-05-26 / Financiadora de Estudos e Projetos / The computational Grid concept allows resource sharing in large scale. This work introduces the ProGrid system, an architecture for computational Grids, whose communication and resource management infrastructure is used transparently by the applications. Unlike other grid approaches, this work relies on the use of proxy servers to perform additional communications and authentication procedures on behalf of client applications. The purpose of this mechanism is to enable parallel applications to be executed in geographically distributed environments interlinked by an open communication network, such as the Internet, meeting the security requisites desirable for computational grids. To reach such objectives, a generic architecture for ProGrid was developed, that is divided in a group services layers. This work was focused in the implementation of layers responsible by the secure communication and for the controlled sharing of available resources. / O conceito de grade computacional permite o compartilhamento de recursos computacionais em larga escala. Este trabalho apresenta o sistema ProGrid, uma arquitetura para Grades Computacionais, na qual a infra-estrutura de comunicação e o gerenciamento de recursos são usados transparentemente pelas aplicações. Diferentemente de outras grades, este trabalho utilizou uma abordagem baseada em servidores Proxy para realizar os processos adicionais de comunicação e autenticação em nome da aplicação cliente. O propósito deste mecanismo é habilitar a execução de aplicações paralelas em ambientes geograficamente distribuídos interconectados por um canal de comunicação aberto, como a Internet, atendendo os requisitos de segurança desejáveis nas Grades Computacionais. Para alcançar tais objetivos, desenvolveu-se uma arquitetura genérica para o ProGrid , que é dividida em um conjunto de camadas de serviços. Este trabalho focou-se na implementação das camadas responsáveis pela comunicação segura e pelo compartilhamento controlado dos recursos disponíveis. Processamento distribuído Grade computacional Sistemas distribuídos Redes de computação - segurança Grid computing Proxy Secure communication Distributed computing MPI
362	O documento eletrônico seguro nas transações de compras eletrônicas / The secure electronic document in eletronic procurement transactions Leal, Kleber Anderson Figueiredo 30 April 2013 (has links) Made available in DSpace on 2016-12-01T19:18:35Z (GMT). No. of bitstreams: 1 Sumario e Resumo.pdf: 45506 bytes, checksum: cd9544192e5430afbcb12944adc4244c (MD5) Previous issue date: 2013-04-30 / Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / Resumo protegido Comércio eletrônico Documentos eletrônicos Documento eletrônico seguro Certificado digital E-commerce Compras eletrônicas Secure electronic document Digital certificate Electronic purchases
363	A utilização do documento eletrônico seguro na prefeitura municipal de Florianópolis / The use of secure electronic document in the city of Florianópolis Ribeiro, Paulo Sérgio 07 June 2011 (has links) Made available in DSpace on 2016-12-01T19:18:51Z (GMT). No. of bitstreams: 1 Paulo.pdf: 42365 bytes, checksum: fa1feba98757f997494aa7d42793bd33 (MD5) Previous issue date: 2011-06-07 / Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / The electronic document is a reality in many modern institutions and the operational benefits resulting from the adoption of this technological feature have being tested every day for a greater number of organizations. The private sector has benefited from information technology in a very intense way, promoting new forms of management and a new dimension to the business, crossing geographical barriers and improving the processes for provision of new services and products. In the public sector, even with the growing concern about the use of information technology for administration, such as the development of so-called Electronic Government (e-government), it is clear a gap and felt great opportunities for administrators to motivate for a wider adoption of Secure Electronic Documents (DES) in organizational processes. Starting from this context, it is envisioned this research work, which aims to identify the indicators for evaluating investments in the use of DES in public organizations. In studies in the City of Florianopolis, the evidence points to substantial gains in organizational processes that were directly influenced by use of DES, with immediate implications in time and costs expended by the activities / O documento eletrônico é uma realidade em muitas instituições modernas e os benefícios operacionais decorrentes da adoção desse recurso tecnológico vêm sendo experimentados, a cada dia, por um número maior de organizações. O setor privado tem se beneficiado das Tecnologias da Informação de maneira bastante intensa, propiciando novas formas de gestão e uma nova dimensão aos negócios, transpondo barreiras geográficas e aprimorando os processos para a oferta de serviços e produtos. No setor público, mesmo com a crescente preocupação no uso de Tecnologias da Informação pela administração, a exemplo do desenvolvimento dos chamados Governos Eletrônicos, evidencia-se uma lacuna e se percebe grandes oportunidades para que os administradores se motivem a uma adoção mais ampla dos Documentos Eletrônicos Seguros (DES) nos processos organizacionais. Partindo-se desse contexto é que se idealizou o presente trabalho de pesquisa, o qual objetiva identificar os indicadores que permitam avaliar os investimentos no uso de DES em organizações públicas. Nos estudos feitos na Prefeitura Municipal de Florianópolis, as evidências apontam para ganhos substanciais nos processos organizacionais que sofreram influência direta do uso do DES, com reflexos imediatos nos prazos e custos dispendidos pelas atividades Documento eletrônico seguro Adequação estratégica Governo eletrônico Documentos eletrônicos Internet na administração pública Secure electronic document Strategic alignment E-government
364	M-CODE: um modelo para mediÃÃo de confidencialidade e desempenho para aplicaÃÃes mÃveis seguras / M-CODE: A model for measurement of confidentiality and reliable performance for mobile applications AglaÃse Frota Moura Carvalho 19 September 2008 (has links) FundaÃÃo Cearense de Apoio ao Desenvolvimento Cientifico e TecnolÃgico / Os dispositivos mÃveis tÃm limitaÃÃes de recursos que restringem o uso de mecanismos de seguranÃa em aplicaÃÃes, tais como comÃrcio eletrÃnico, as quais exigem, por exemplo, o requisito de confidencialidade. Como Ã indispensÃvel a implementaÃÃo de mecanismos de seguranÃa nesse tipo de aplicaÃÃes, Ã fundamental auxiliar os desenvolvedores na escolha de um mecanismo que respeite limitaÃÃes, por exemplo, de desempenho, memÃria e bateria, dos dispositivos mÃveis. Esta dissertaÃÃo propÃe entÃo um modelo para medir o grau de confidencialidade e de desempenho necessÃrios para determinadas aplicaÃÃes que irÃo executar em dispositivos mÃveis. A fim de escolher o algoritmo criptogrÃfico e/ou o protocolo mais adequado a uma aplicaÃÃo mÃvel especÃfica, os cÃlculos da confidencialidade e desempenho sÃo realizados atravÃs de medidas jÃ definidas no modelo e de pesos definidos pelo desenvolvedor, de acordo com a relevÃncia de cada medida para aplicaÃÃo. Para especificar a proposta, as abordagens de Goal-Question-Metric (GQM), Goal-Driven Software Measurement (GDSM), variaÃÃes destas abordagens e o Security Measurement (SM) framework sÃo utilizados. Em seguida, para validar o modelo, Ã utilizada uma aplicaÃÃo mÃvel segura jÃ existente como estudo de caso, sendo feita a anÃlise e cÃlculo dos graus de confidencialidade e desempenho de algoritmos e protocolos / Mobile devices have resource restrictions that constrain the use of security mechanisms in applications, such as e-commerce, which demand, for example, confidentiality issues. There is then a need for a mechanism to help developers to choose the appropriate solution that provides security for a specific mobile device application, taking in consideration the limitation of performance, memory and battery, among others. Thus, this work proposes a security measurement model focused on confidentiality and performance for mobile applications. This model is defined in conformance with the cryptographic algorithm and/or protocol more adequate to the mobile application. Confidentiality and performance degrees are calculated according to the proposed model measurements and weights defined by the secure mobile application developer. . The following measurement approaches are used to specify the proposal: Goal-Question-Metric (GQM) and Goal-Driven Software Measurement (GDSM), variations of these approaches, and the Security Measurement (SM) framework. As a case study, a mobile application already existent is used for the analysis and calculation of the confidentiality and performance degrees of chosen algorithms and protocols Dispositivos MÃveis SeguranÃa Confidencialidade Desenvolvimento de AplicaÃÃes Seguras MediÃÃo Desempenho Security Confidentiality Mobile Devices Development of Secure Applications Measurement Performance COMPUTABILIDADE E MODELOS DE COMPUTACAO
365	Security Enhanced Firmware Update Procedures in Embedded Systems Abrahamsson, David January 2008 (has links) Many embedded systems are complex, and it is often required that the firmware in these systems are updatable by the end-user. For economical and confidentiality reasons, it is important that these systems only accept firmware approved by the firmware producer. This thesis work focuses on creating a security enhanced firmware update procedure that is suitable for use in embedded systems. The common elements of embedded systems are described and various candidate algorithms are compared as candidates for firmware verification. Patents are used as a base for the proposal of a security enhanced update procedure. We also use attack trees to perform a threat analysis on an update procedure. The results are a threat analysis of a home office router and the proposal of an update procedure. The update procedure will only accept approved firmware and prevents reversion to old, vulnerable, firmware versions. The firmware verification is performed using the hash function SHA-224 and the digital signature algorithm RSA with a key length of 2048. The selection of algorithms and key lengths mitigates the threat of brute-force and cryptanalysis attacks on the verification algorithms and is believed to be secure through 2030. Secure firmware update threat analysis embedded security embedded systems Säker uppdatering hotanalys säkerhet inbyggda system firmware mjukvara Computer and Information Sciences Data- och informationsvetenskap
366	En säkerhetsgranskning av Secure Application Framework Norling, Sebastian January 2013 (has links) Företaget Wireless Independent Provider (WIP) har tagit fram ett säkerhetsramverk vid namn Secure Application Framework (SAF) som är ett väldokumenterat ramverk för att skapa säkra interna företagsappar. Syftet med detta ramverk är att lösa problematiken kring Bring Your Own Device (BYOD) – hur man ska skilja på privat data och företagets data i enheten. Med ett sådant system så finns det mycket att tänka på rörande säkerheten. Genom att identifiera ett antal olika hot och genomföra en riskanalys på dessa kommer man fram till att systemet är skyddat mot majoriteten av hoten, det finns dock förslag till förbättringar på enstaka delar av systemet. Det genomförs även prestandatester och undersökning av lavineffekten för ett antal olika symmetriska krypteringsalgoritmer i syfte att fastslå om den använda algoritmen i systemet har fördelar jämfört med andra moderna krypteringsalgoritmer. Utifrån resultaten som tagits fram i detta arbete så konstateras det att skyddet mot de identifierade hoten är mycket bra samt att det inte finns någonting som skulle motivera ett byte av den symmetriska krypteringsalgoritmen. secure application framework wip kryptering public key infrastructure pki riskanalys lavineffekt prestanda byod Information Systems Computer Sciences Datavetenskap (datalogi) Software Engineering Programvaruteknik
367	Structured professional judgement approach to risk assessment : generalisability across patient groups for the prediction of adverse outcomes in secure mental health care O'Shea, Laura E. January 2016 (has links) This thesis comprises a rigorous and coherent body of work related to the use of the HCR-20 and the START to inform risk assessment and management of secure mental health inpatients. The thesis contributes significant theoretical and applied knowledge by: 1) investigating the extent to which these tools can be generalised beyond restricted validation samples to the full range of individuals in contact with secure services, 2) determining whether they can aid assessment and management of adverse outcomes beyond aggression, and 3) offering practical, empirically-derived advice for clinicians regarding management strategies that may reduce the occurrence of adverse events. This collection of papers has used considerably novel methods, such as rocreg analysis in risk assessment of behavioural outcomes, and high quality, routinely collected data to gain a more realistic representation of what occurs in clinical practice. Further, the papers draw on larger sample sizes than have previously been reported in this area, allowing for more complex statistical analysis. This thesis has helped clarify the contexts in which these instruments perform effectively and therefore has important implications for clinical risk assessment in inpatient settings. Specifically, there is evidence that the HCR-20 and the START may aid assessment and management of aggression for the majority of groups examined, and that both tools have some efficacy for predicting self-harm among female populations. However, the HCR-20 should not be used to inform prediction and management of aggression and self-harm for individuals with developmental and organic disorders and is unlikely to be beneficial at informing risk management strategies targeting self-harm among males; the START should not be used to inform prediction and management of substance abuse, victimisation, or unauthorised leave. Finally, this thesis highlights a number of directions for future research to continue advancement in this area. 362.2
368	La rétention de sûreté : la première mesure de sûreté privative de liberté depuis le nouveau Code pénal‎ / Rétention de sûreté : the first security measure of depravation of liberties since the new Criminal Code Mallein, Elise 02 November 2015 (has links) Le droit pénal français est marqué par une volonté de prévenir la récidive. Ce souhait se concrétise par l’introduction de mesures de sûreté dont la rétention de sûreté. Toutefois, la rétention de sûreté n’est pas une mesure de sûreté comme les autres, ce qui a conduit à de nombreux débats qui, en réalité, reprennent d’anciennes et récurrentes controverses. Cette mesure part en effet du postulat que les criminels sexuels et/ou violents présentent une maladie, maladie qui laisse présumer un risque de récidive. En les traitants comme des malades, le législateur considère ainsi qu’ils sont curables. En conséquence, il convient de mettre en œuvre des soins, seule solution pour prévenir une récidive. Cependant, cette même maladie conduit souvent le patient à refuser les soins pourtant nécessaires au regard de cette maladie. Dans ces circonstances, le soin est contraint, mais non imposé, par la menace, puis la mise en œuvre effective, d’une mesure privative de liberté qu’est la rétention de sûreté, ce qui constitue une menace pour les libertés individuelles. Le mécanisme même de la rétention de sûreté fait ainsi apparaître de nombreux problèmes criminologiques, psychologiques, constitutionnels, conventionnels que le droit français ne peut ignorer. Il est nécessaire de les prendre en compte pour éviter que la rétention de sûreté ne devienne une mesure purement éliminatrice au détriment de son principal objectif, qui reflète le fondement même du droit pénal français, à savoir prévenir la récidive tout en permettant à terme la réinsertion des criminels dans la société. / The French criminal law is characterised by a willingness to prevent recidivism. To give concrete expression to this will, security measures are implemented among which the secure detention. However, the secure detention is not an ordinary measure and gives rises to many debates which, in fact, take up old and recurrent controversies. This measure is based on the assumption that sexual and/or violent criminals show a disease which may suggest a risk of a second offence. As a result, by considering them as sick persons, the legislator asserts that they can be treated. Accordingly, medical care is advised as the only solution to prevent a second offence. However, this disease itself often induces the patient to refuse cares even if it is required for this disease. Under these circumstances, care is constrained by law but not imposed by threat. Yet, if the attempt fails, a measure which deprives of liberties will be effective, such as the secure detention, what threatens individual freedoms. The secure detention process raises many criminological, psychological, constitutional and conventional problems than the French law can’t ignore. It’s necessary to take them into account to prevent the secure detention turning into a phase-out measure to the detriment of its mains objective, which reflects the cause itself of the criminal French law, i. e. to prevent the second offence while helping criminals in the long run to become reintegrated in society. Rétention de sûreté Mesure de sûreté Privation de liberté Dangerosité Criminologie Perpétuité Récidive Trouble de la personnalité Pronostic Secure detention Security measure Deprivation of liberty Dangerousness Criminology Perpetual measure Recidivism Personality disorder Prediction 346
369	Air-Gap Covert Channels Carrara, Brent January 2016 (has links) A fresh perspective on covert channels is presented in this work. A new class, air-gap covert channels, is defined as an unintentional communication channel established between systems that are physically and electronically isolated from one another. A specific class of air-gap covert channel is studied in depth, out-of-band covert channels (OOB-CCs), which are defined as policy-breaking communication channels established between isolated, physically unmodified systems. It is shown that OOB-CCs can be categorized by the physical channel that they communicate over: acoustic, light, seismic, magnetic, thermal, and radio-frequency, and the hardware that is required at the transmitter and receiver to make covert communication possible. In general, OOB-CCs are not as high-bandwidth as conventional radio-frequency channels; however, they are capable of leaking sensitive information that requires low data rates to communicate (e.g., text, recorded audio, cryptographic key material). The ability for malware to communicate information using a specific type of OOB-CC, the covert-acoustic channel, is also analyzed. It is empirically demonstrated that using physically unmodified, commodity systems (e.g., laptops, desktops, and mobile devices), covert-acoustic channels can be used to communicate at data rates of hundreds of bits per second, without being detected by humans in the environment, and data rates of thousands of bits per second when nobody is around to hear the communication. Defence mechanisms to counter covert-acoustic channels are also proposed and evaluated, and, as a result, best practices for the designers of secure systems and secure facilities are presented. Additionally, the covertness of OOB-CCs, i.e., the amount of data that can be leaked before the channel is detected, is also determined for classical communication channels as well as for covert-acoustic channels. covert channels out-of-band covert channels air-gap covert channels detectable covert channels undetectable covert channels secure undetectable covert channels covert-acoustic channels steganographic capacity
370	Energy Efficient Secure Key Management Schemes for WSNs and IoT Wen, Wen January 2016 (has links) Secret sharing is critical to most applications making use of security and remains one of the most challenging research areas in modern cryptography. In this thesis, we propose a novel efficient multi-secret sharing scheme based on the Chinese remainder theorem (CRT) with two verification methods, while the previous works are mostly based on the Lagrange polynomial. Key management schemes play an important role in communication security in Wireless Sensor Networks (WSNs). While the previous works mainly targeting on two different types of WSNs: distributed and hieratical, in this thesis, we propose our flexible WSN key management scheme, which is based on (n,t,n) multi-secret sharing technique, to provide a key management solution for heterogeneous architecture. The powerful key managers are responsible for most of the communicational and computational workload. They can provide Peer-to-Peer pair-wise keys for a pair of sensors to establish a secure communication session, and in the same time, they can also form communication clusters as cluster heads according to different application requirements. Internet of Things (IoT) becomes more and more popular and practical in recent years. Considering the diversity of the devices and the application scenarios, it is extremely hard to couple two devices or sub-networks with different communication and computation resources. In this thesis, we propose novel key agreement schemes based on (n,t,n) multi-secret sharing techniques for IoT in order to achieve light weighted key exchange while using Host Identity Protocol (HIP). We refer the new schemes as HIP-MEXs with different underlying multi-secret sharing techniques. We analyzed the computational and communication costs of the extremely resource constrained device which is referred to as Initiator, and CRT based HIP-MEX successfully outsource the heavy workload to the proxy, which are considered more powerful, when establishing new secret key. Chinese Remainder Theorem Secret Sharing Secure Energy Efficiency Wireless Sensor Network Internet of Things Host Identity Protocol Key Management Key Exchange Cryptography

Search results