Global ETD Search

361	Concevoir des applications temps-réel respectant la vie privée en exploitant les liens entre codes à effacements et les mécanismes de partages de secrets / Enabling private real-time applications by exploiting the links between erasure coding and secret sharing mechanisms Smith, Guillaume 04 December 2014 (has links) Une large quantité de données personnelles sont partagées en temps réel par des utilisateurs en ligne, utilisant de plus en plus des terminaux mobiles avec connexion sans-fil. L'industrie s'efforce d'accumuler et d'analyser ces données pour fournir de nouveaux services ou des améliorations. La recherche fournit un effort équivalent pour permettre de traiter ces données de façon sécurisée et protectrice de la vie privée. Les problèmes de performance des communications temps réels sur terminaux mobiles sur un canal sans-fil sont aussi étudiés. Les codes à effacement sont un moyen courant d'améliorer ces performances. Le secret sharing est un mécanisme permettant de partager des données privées, ne les révélant qu'à un groupe d'utilisateur choisi. Dans cette thèse, nous lions théoriquement les secret sharing schemes et les codes à effacement, pour fournir une source plus riche de solutions aux deux problèmes. Notre objectif est de fournir des solutions ayant le niveau de sécurité souhaité, tout en restant efficace et implémentable. Les contributions de cette thèse sont les suivantes. Nous évaluons l'applicabilité d'une nouvelle classe de codes à effacements à Maximum Distance Séparable (MDS) pour transférer du contenu temps réel à des terminaux mobiles, et nous démontrons que le code systématique réduit grandement la complexité d'exécution et la taille nécessaire des tampons en comparaison du code non systématique, faisant de lui un bon candidat pour une application mobile. Nous proposons un nouveau Layered secret sharing scheme pour le partage en temps réel de données sur des réseaux sociaux (OSNs pour Online Social Network). Le procédé permet de partager automatiquement un profile dans un groupe défini dans un OSN, en utilisant un multi-secret sharing scheme formé de multiples couches. Le procédé ne dépend nullement d'un tiers de confiance. Comparé à un partage simple de chaque attributs (pouvant être un texte, une image ou une vidéo), le procédé ne divulgue aucune information à propos de ce qui est partagé, pas même le nombre de ceux-ci, et il induit une augmentation relativement faible du temps de calcul et des données à envoyer. Finalement, nous étudions les liens entre les codes MDS et les secret sharing schemes, ayant pour motivation l'inefficacité du très populaire Shamir secret sharing scheme. Nous établissons les liens théoriques entre les deux domaines et nous proposons une nouvelle construction de strong ramp schemes à partir de codes MDS. Ceci permet d'utiliser les codes MDS existants et efficaces pour des applications de partage de secret et de calculs distribués et sécurisés. Nous évaluons et montrons une réduction significative de temps de calcul et du coût de communication en utilisant un strong ramp scheme, en comparaison avec le procédé de Shamir. / Data from both individuals and companies is increasingly aggregated and analysed to provide new and improved services. There is a corresponding research effort to enable processing of such data in a secure and privacy preserving way, in line with the increasing public concerns and more stringent regulatory requirements for the protection of such data. Secure Multi-Party Computation (MPC) and secret sharing are mechanisms that can enable both secure distribution and computations on private data. In this thesis, we address the inefficiencies of these mechanisms by utilising results from a theoretically related rich area, erasure codes. We derive links between erasure codes and secret sharing, and use Maximum Distance Separable (MDS) codes as a basis to provide real-time applications relying on private user's data, revealing this data only to the selected group (which can be empty). The thesis has three contributions. A new class of erasure code called on-the-fly coding, have been introduced for their improvements in terms of recovery delay and achievable capacity. However little is known about the complexity of the systematic and non-systematic variants of this code, notably for live multicast transmission of multimedia content which is their ideal use case. The evaluation of both variants demonstrate that the systematic code outperforms the non-systematic one in regard to both the buffer sizes and the computation complexity. Then, we propose a new Layered secret sharing scheme and its application to Online Social Network (OSN). In current OSN, access to the user's profile information is managed by the service provider based on a limited set of rules. The proposed scheme enables automated profile sharing in OSN's groups with fine grained privacy control, via a multi-secret sharing scheme comprising of layered shares, without relying on a trusted third party. We evaluate the security of the scheme and the resulting profile's level of protection in an OSN scenario. Finally, after showing that erasure codes are efficient for real-time applications and that the security offered by secret sharing schemes can be applied to real-case applications, we derive the theoretical links between MDS codes and secret sharing to enable the implementation of efficient secret sharing scheme built from MDS codes. To illustrate this efficiency, we implement two of these schemes and evaluate their benefits in regard to computation and communication costs in an MPC application. Code à effacement Secret sharing Calcul distribué et sécurisé Calcul distribué Application temps réel Erasure code Secret sharing Secure multi-Party computation Distributed computing Real-Time application 000
362	Vulnérabilité, interdépendance et analyse des risques des postes sources et des modes d’exploitation décentralisés des réseaux électriques / Vulnerability, interdependencies and risk analysis of coupled infrastructures : power distribution network and ICT Sanchez Torres, José Libardo 23 October 2013 (has links) Au vu de l’utilisation croissante des technologies de l’information et de la communication dans les réseaux électriques, il est indispensable d’étudier l’étroite liaison entre ces infrastructures et d’avoir une vision intégrée du système couplé. Cette thèse porte ainsi sur la modélisation des systèmes multi-infrastructures. Cela inclut les interdépendances et les trajectoires de défaillances de type modes communs, aggravations et cascades. Il est en effet nécessaire d’identifier les points de faiblesse qui peuvent déclencher une ou de multiples défaillance(s), se succéder en cascade au travers de ces infrastructures liées et ainsi entrainer des défaillances inattendues et de plus en plus graves dans des autres infrastructures. Dans cette optique, différents modèles basés sur la théorie des Réseaux Complexes sont développés afin d’identifier les composants les plus importantes, et pourtant critiques, dans le système interconnecté. Un des principaux verrous scientifiques levé dans cette thèse est relatif au développement d'un modèle mathématique « unifié » afin de représenter les comportements des multiples infrastructures non-homogènes qui ont des interdépendances asymétriques. / In view of the increasing use of Information and Communication Technol-ogies in power systems, it is essential to study the interdependencies between these coupled heterogeneous systems. This thesis focuses on the modeling of multi- infrastructure systems. This includes interdependencies and the three major failures families: common mode, escalat-ing and cascading. It is indeed necessary to identify the weaknesses that can trigger one or multiple failure(s) and cascade through these interdependent infrastructures, causing unex-pected and increasingly more serious failures to other infrastructures. In this context, different approaches, based on the theory of Complex Networks, are developed to identify the most critical components in the coupled heterogeneous system. One of the major scientific barriers addressed in this thesis is the development of a unified mathematical model to represent the behavior. Infrastructures critiques Interdépendances Réseau électrique Réseau de communication Réseaux complexes Systèmes couplés Vulnérabilités Critical infrastructures Nterdependence Power grid Secure operation Vulnerability 620
363	ProGrid: uma infra-estrutura de suporte a programação paralela em grades computacionais. Costa, Paulo Vicente Capellotto 26 May 2003 (has links) Made available in DSpace on 2016-06-02T19:05:18Z (GMT). No. of bitstreams: 1 DissPVCC.pdf: 3610389 bytes, checksum: 207fb73eb90d6ef70e9232d6b9d02a92 (MD5) Previous issue date: 2003-05-26 / Financiadora de Estudos e Projetos / The computational Grid concept allows resource sharing in large scale. This work introduces the ProGrid system, an architecture for computational Grids, whose communication and resource management infrastructure is used transparently by the applications. Unlike other grid approaches, this work relies on the use of proxy servers to perform additional communications and authentication procedures on behalf of client applications. The purpose of this mechanism is to enable parallel applications to be executed in geographically distributed environments interlinked by an open communication network, such as the Internet, meeting the security requisites desirable for computational grids. To reach such objectives, a generic architecture for ProGrid was developed, that is divided in a group services layers. This work was focused in the implementation of layers responsible by the secure communication and for the controlled sharing of available resources. / O conceito de grade computacional permite o compartilhamento de recursos computacionais em larga escala. Este trabalho apresenta o sistema ProGrid, uma arquitetura para Grades Computacionais, na qual a infra-estrutura de comunicação e o gerenciamento de recursos são usados transparentemente pelas aplicações. Diferentemente de outras grades, este trabalho utilizou uma abordagem baseada em servidores Proxy para realizar os processos adicionais de comunicação e autenticação em nome da aplicação cliente. O propósito deste mecanismo é habilitar a execução de aplicações paralelas em ambientes geograficamente distribuídos interconectados por um canal de comunicação aberto, como a Internet, atendendo os requisitos de segurança desejáveis nas Grades Computacionais. Para alcançar tais objetivos, desenvolveu-se uma arquitetura genérica para o ProGrid , que é dividida em um conjunto de camadas de serviços. Este trabalho focou-se na implementação das camadas responsáveis pela comunicação segura e pelo compartilhamento controlado dos recursos disponíveis. Processamento distribuído Grade computacional Sistemas distribuídos Redes de computação - segurança Grid computing Proxy Secure communication Distributed computing MPI
364	O documento eletrônico seguro nas transações de compras eletrônicas / The secure electronic document in eletronic procurement transactions Leal, Kleber Anderson Figueiredo 30 April 2013 (has links) Made available in DSpace on 2016-12-01T19:18:35Z (GMT). No. of bitstreams: 1 Sumario e Resumo.pdf: 45506 bytes, checksum: cd9544192e5430afbcb12944adc4244c (MD5) Previous issue date: 2013-04-30 / Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / Resumo protegido Comércio eletrônico Documentos eletrônicos Documento eletrônico seguro Certificado digital E-commerce Compras eletrônicas Secure electronic document Digital certificate Electronic purchases
365	A utilização do documento eletrônico seguro na prefeitura municipal de Florianópolis / The use of secure electronic document in the city of Florianópolis Ribeiro, Paulo Sérgio 07 June 2011 (has links) Made available in DSpace on 2016-12-01T19:18:51Z (GMT). No. of bitstreams: 1 Paulo.pdf: 42365 bytes, checksum: fa1feba98757f997494aa7d42793bd33 (MD5) Previous issue date: 2011-06-07 / Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / The electronic document is a reality in many modern institutions and the operational benefits resulting from the adoption of this technological feature have being tested every day for a greater number of organizations. The private sector has benefited from information technology in a very intense way, promoting new forms of management and a new dimension to the business, crossing geographical barriers and improving the processes for provision of new services and products. In the public sector, even with the growing concern about the use of information technology for administration, such as the development of so-called Electronic Government (e-government), it is clear a gap and felt great opportunities for administrators to motivate for a wider adoption of Secure Electronic Documents (DES) in organizational processes. Starting from this context, it is envisioned this research work, which aims to identify the indicators for evaluating investments in the use of DES in public organizations. In studies in the City of Florianopolis, the evidence points to substantial gains in organizational processes that were directly influenced by use of DES, with immediate implications in time and costs expended by the activities / O documento eletrônico é uma realidade em muitas instituições modernas e os benefícios operacionais decorrentes da adoção desse recurso tecnológico vêm sendo experimentados, a cada dia, por um número maior de organizações. O setor privado tem se beneficiado das Tecnologias da Informação de maneira bastante intensa, propiciando novas formas de gestão e uma nova dimensão aos negócios, transpondo barreiras geográficas e aprimorando os processos para a oferta de serviços e produtos. No setor público, mesmo com a crescente preocupação no uso de Tecnologias da Informação pela administração, a exemplo do desenvolvimento dos chamados Governos Eletrônicos, evidencia-se uma lacuna e se percebe grandes oportunidades para que os administradores se motivem a uma adoção mais ampla dos Documentos Eletrônicos Seguros (DES) nos processos organizacionais. Partindo-se desse contexto é que se idealizou o presente trabalho de pesquisa, o qual objetiva identificar os indicadores que permitam avaliar os investimentos no uso de DES em organizações públicas. Nos estudos feitos na Prefeitura Municipal de Florianópolis, as evidências apontam para ganhos substanciais nos processos organizacionais que sofreram influência direta do uso do DES, com reflexos imediatos nos prazos e custos dispendidos pelas atividades Documento eletrônico seguro Adequação estratégica Governo eletrônico Documentos eletrônicos Internet na administração pública Secure electronic document Strategic alignment E-government
366	M-CODE: um modelo para mediÃÃo de confidencialidade e desempenho para aplicaÃÃes mÃveis seguras / M-CODE: A model for measurement of confidentiality and reliable performance for mobile applications AglaÃse Frota Moura Carvalho 19 September 2008 (has links) FundaÃÃo Cearense de Apoio ao Desenvolvimento Cientifico e TecnolÃgico / Os dispositivos mÃveis tÃm limitaÃÃes de recursos que restringem o uso de mecanismos de seguranÃa em aplicaÃÃes, tais como comÃrcio eletrÃnico, as quais exigem, por exemplo, o requisito de confidencialidade. Como Ã indispensÃvel a implementaÃÃo de mecanismos de seguranÃa nesse tipo de aplicaÃÃes, Ã fundamental auxiliar os desenvolvedores na escolha de um mecanismo que respeite limitaÃÃes, por exemplo, de desempenho, memÃria e bateria, dos dispositivos mÃveis. Esta dissertaÃÃo propÃe entÃo um modelo para medir o grau de confidencialidade e de desempenho necessÃrios para determinadas aplicaÃÃes que irÃo executar em dispositivos mÃveis. A fim de escolher o algoritmo criptogrÃfico e/ou o protocolo mais adequado a uma aplicaÃÃo mÃvel especÃfica, os cÃlculos da confidencialidade e desempenho sÃo realizados atravÃs de medidas jÃ definidas no modelo e de pesos definidos pelo desenvolvedor, de acordo com a relevÃncia de cada medida para aplicaÃÃo. Para especificar a proposta, as abordagens de Goal-Question-Metric (GQM), Goal-Driven Software Measurement (GDSM), variaÃÃes destas abordagens e o Security Measurement (SM) framework sÃo utilizados. Em seguida, para validar o modelo, Ã utilizada uma aplicaÃÃo mÃvel segura jÃ existente como estudo de caso, sendo feita a anÃlise e cÃlculo dos graus de confidencialidade e desempenho de algoritmos e protocolos / Mobile devices have resource restrictions that constrain the use of security mechanisms in applications, such as e-commerce, which demand, for example, confidentiality issues. There is then a need for a mechanism to help developers to choose the appropriate solution that provides security for a specific mobile device application, taking in consideration the limitation of performance, memory and battery, among others. Thus, this work proposes a security measurement model focused on confidentiality and performance for mobile applications. This model is defined in conformance with the cryptographic algorithm and/or protocol more adequate to the mobile application. Confidentiality and performance degrees are calculated according to the proposed model measurements and weights defined by the secure mobile application developer. . The following measurement approaches are used to specify the proposal: Goal-Question-Metric (GQM) and Goal-Driven Software Measurement (GDSM), variations of these approaches, and the Security Measurement (SM) framework. As a case study, a mobile application already existent is used for the analysis and calculation of the confidentiality and performance degrees of chosen algorithms and protocols Dispositivos MÃveis SeguranÃa Confidencialidade Desenvolvimento de AplicaÃÃes Seguras MediÃÃo Desempenho Security Confidentiality Mobile Devices Development of Secure Applications Measurement Performance COMPUTABILIDADE E MODELOS DE COMPUTACAO
367	Security Enhanced Firmware Update Procedures in Embedded Systems Abrahamsson, David January 2008 (has links) Many embedded systems are complex, and it is often required that the firmware in these systems are updatable by the end-user. For economical and confidentiality reasons, it is important that these systems only accept firmware approved by the firmware producer. This thesis work focuses on creating a security enhanced firmware update procedure that is suitable for use in embedded systems. The common elements of embedded systems are described and various candidate algorithms are compared as candidates for firmware verification. Patents are used as a base for the proposal of a security enhanced update procedure. We also use attack trees to perform a threat analysis on an update procedure. The results are a threat analysis of a home office router and the proposal of an update procedure. The update procedure will only accept approved firmware and prevents reversion to old, vulnerable, firmware versions. The firmware verification is performed using the hash function SHA-224 and the digital signature algorithm RSA with a key length of 2048. The selection of algorithms and key lengths mitigates the threat of brute-force and cryptanalysis attacks on the verification algorithms and is believed to be secure through 2030. Secure firmware update threat analysis embedded security embedded systems Säker uppdatering hotanalys säkerhet inbyggda system firmware mjukvara Computer and Information Sciences Data- och informationsvetenskap
368	En säkerhetsgranskning av Secure Application Framework Norling, Sebastian January 2013 (has links) Företaget Wireless Independent Provider (WIP) har tagit fram ett säkerhetsramverk vid namn Secure Application Framework (SAF) som är ett väldokumenterat ramverk för att skapa säkra interna företagsappar. Syftet med detta ramverk är att lösa problematiken kring Bring Your Own Device (BYOD) – hur man ska skilja på privat data och företagets data i enheten. Med ett sådant system så finns det mycket att tänka på rörande säkerheten. Genom att identifiera ett antal olika hot och genomföra en riskanalys på dessa kommer man fram till att systemet är skyddat mot majoriteten av hoten, det finns dock förslag till förbättringar på enstaka delar av systemet. Det genomförs även prestandatester och undersökning av lavineffekten för ett antal olika symmetriska krypteringsalgoritmer i syfte att fastslå om den använda algoritmen i systemet har fördelar jämfört med andra moderna krypteringsalgoritmer. Utifrån resultaten som tagits fram i detta arbete så konstateras det att skyddet mot de identifierade hoten är mycket bra samt att det inte finns någonting som skulle motivera ett byte av den symmetriska krypteringsalgoritmen. secure application framework wip kryptering public key infrastructure pki riskanalys lavineffekt prestanda byod Information Systems Computer Sciences Datavetenskap (datalogi) Software Engineering Programvaruteknik
369	Structured professional judgement approach to risk assessment : generalisability across patient groups for the prediction of adverse outcomes in secure mental health care O'Shea, Laura E. January 2016 (has links) This thesis comprises a rigorous and coherent body of work related to the use of the HCR-20 and the START to inform risk assessment and management of secure mental health inpatients. The thesis contributes significant theoretical and applied knowledge by: 1) investigating the extent to which these tools can be generalised beyond restricted validation samples to the full range of individuals in contact with secure services, 2) determining whether they can aid assessment and management of adverse outcomes beyond aggression, and 3) offering practical, empirically-derived advice for clinicians regarding management strategies that may reduce the occurrence of adverse events. This collection of papers has used considerably novel methods, such as rocreg analysis in risk assessment of behavioural outcomes, and high quality, routinely collected data to gain a more realistic representation of what occurs in clinical practice. Further, the papers draw on larger sample sizes than have previously been reported in this area, allowing for more complex statistical analysis. This thesis has helped clarify the contexts in which these instruments perform effectively and therefore has important implications for clinical risk assessment in inpatient settings. Specifically, there is evidence that the HCR-20 and the START may aid assessment and management of aggression for the majority of groups examined, and that both tools have some efficacy for predicting self-harm among female populations. However, the HCR-20 should not be used to inform prediction and management of aggression and self-harm for individuals with developmental and organic disorders and is unlikely to be beneficial at informing risk management strategies targeting self-harm among males; the START should not be used to inform prediction and management of substance abuse, victimisation, or unauthorised leave. Finally, this thesis highlights a number of directions for future research to continue advancement in this area. 362.2
370	La rétention de sûreté : la première mesure de sûreté privative de liberté depuis le nouveau Code pénal‎ / Rétention de sûreté : the first security measure of depravation of liberties since the new Criminal Code Mallein, Elise 02 November 2015 (has links) Le droit pénal français est marqué par une volonté de prévenir la récidive. Ce souhait se concrétise par l’introduction de mesures de sûreté dont la rétention de sûreté. Toutefois, la rétention de sûreté n’est pas une mesure de sûreté comme les autres, ce qui a conduit à de nombreux débats qui, en réalité, reprennent d’anciennes et récurrentes controverses. Cette mesure part en effet du postulat que les criminels sexuels et/ou violents présentent une maladie, maladie qui laisse présumer un risque de récidive. En les traitants comme des malades, le législateur considère ainsi qu’ils sont curables. En conséquence, il convient de mettre en œuvre des soins, seule solution pour prévenir une récidive. Cependant, cette même maladie conduit souvent le patient à refuser les soins pourtant nécessaires au regard de cette maladie. Dans ces circonstances, le soin est contraint, mais non imposé, par la menace, puis la mise en œuvre effective, d’une mesure privative de liberté qu’est la rétention de sûreté, ce qui constitue une menace pour les libertés individuelles. Le mécanisme même de la rétention de sûreté fait ainsi apparaître de nombreux problèmes criminologiques, psychologiques, constitutionnels, conventionnels que le droit français ne peut ignorer. Il est nécessaire de les prendre en compte pour éviter que la rétention de sûreté ne devienne une mesure purement éliminatrice au détriment de son principal objectif, qui reflète le fondement même du droit pénal français, à savoir prévenir la récidive tout en permettant à terme la réinsertion des criminels dans la société. / The French criminal law is characterised by a willingness to prevent recidivism. To give concrete expression to this will, security measures are implemented among which the secure detention. However, the secure detention is not an ordinary measure and gives rises to many debates which, in fact, take up old and recurrent controversies. This measure is based on the assumption that sexual and/or violent criminals show a disease which may suggest a risk of a second offence. As a result, by considering them as sick persons, the legislator asserts that they can be treated. Accordingly, medical care is advised as the only solution to prevent a second offence. However, this disease itself often induces the patient to refuse cares even if it is required for this disease. Under these circumstances, care is constrained by law but not imposed by threat. Yet, if the attempt fails, a measure which deprives of liberties will be effective, such as the secure detention, what threatens individual freedoms. The secure detention process raises many criminological, psychological, constitutional and conventional problems than the French law can’t ignore. It’s necessary to take them into account to prevent the secure detention turning into a phase-out measure to the detriment of its mains objective, which reflects the cause itself of the criminal French law, i. e. to prevent the second offence while helping criminals in the long run to become reintegrated in society. Rétention de sûreté Mesure de sûreté Privation de liberté Dangerosité Criminologie Perpétuité Récidive Trouble de la personnalité Pronostic Secure detention Security measure Deprivation of liberty Dangerousness Criminology Perpetual measure Recidivism Personality disorder Prediction 346

Search results