Spelling suggestions: "subject:"2security"" "subject:"bsecurity""
21 |
Building data-centric security mechanisms for web applicationsMundada, Yogesh 27 May 2016 (has links)
Data loss from web applications at different points of compromise has become a major liability in recent years. Existing security guidelines, policies, and tools fail often, ostensibly for reasons stemming from blatant disregard of common practice to subtle exploits originating from complex interactions between components. Current security mechanisms focus on “how to stop illicit data transfer”(i.e., the “syntax”), and many tools achieve that goal in principle. Yet, the practice of securing data additionally depends on allowing administrators to clearly specify “what data should be secured” (i.e., the “semantics”). Currently, translation from “security semantics” to “security syntax” is manual, timeconsuming, and ad hoc. Even a slight oversight in the translation process could render the entire system insecure. Security semantics frequently need modifications due to changes in various external factors such as policy changes, user reclassification, and even code refactoring. This dissertation hypothesizes that adaptation to such changes would be faster and less error prone if the tools also focused on automating translation from semantics to syntax, in addition to simply executing the syntax. With this approach, we build following
low maintenance security tools that prevent unauthorized sensitive data transfer at various vantage points in the World Wide Web ecosystem. We show how the security tools can take advantage of inherent properties of the sensitive information in each case, making the translation process automatic and faster:
● Appu, a tool that automatically finds personal information(semantics) spread across web services, and suggests actions(syntax) to minimize data loss risks.
● Newton, a tool that formalizes the access control model using web cookies. Using this formal approach, it improves the security of the existing session management techniques by detecting(semantics) and protecting(syntax) privileged cookies without requiring input from the site administrator.
● SilverLine, a system for cloudbased web services that automatically derives data exfiltration rules(syntax) from the information about sensitive database tables & intertable relationships(semantics). Then, it executes these rules using information flow control mechanism.
|
22 |
Managing the poorest : the social fund in historical contextCraig, Gary January 1991 (has links)
No description available.
|
23 |
Bold course into the future or lost at sea a critical evaluation of the United States Navy's ongoing transformationPeters, Todd David 12 1900 (has links)
Throughout its existence, the U.S. Navy has labored under the continuous scrutiny and skepticism of critics who have either questioned its strategic relevance or its cost. Most recently, this historic debate has centered on the various merits, limitations, benefits and difficulties of littoral or shallow-water combat capabilities, amphibious assault operations, long range precision strike operations, and the role of carrier battle groups. Ever rising costs of procurement combined with reductions in the overall end-strength of the U.S. military have further shaped this debate, especially in terms of how to collate force structure with strategic success. This thesis seeks to evaluate how well the U.S. Navy has demonstrated itself to be in terms of identifying, designing, and procuring the platforms it needs to successfully achieve its missions in the current and future threat environments.
|
24 |
Impacts of prolonged peace on Brazilian politicsGungor, Ugur 12 1900 (has links)
The purpose of the thesis is to find out how prolonged peace affects the politics and national goals of countries. Peace has become one of the major study areas in both international and domestic politics. The relationship between war making efforts and increasing the state capacity has been examined in the cases of developed countries, especially in Europe in the twentieth century. However, the findings of such studies are not all applicable for the developing countries in the Third World, and the relation between the interstate peace and the state capacity of countries has not been analyzed in depth. Finding out the effects of regional peace on contemporary Brazilian politics is valuable to understand the course of international relations with the absence of a clear threat of international war. This is becoming increasingly true of other important regions of the world, such as the European Union, Southern Africa, and the former Soviet states, where major interstate war seems unlikely. Moreover explaining more cooperative foreign policies, the priority of economic wealth generation in domestic affairs, and the institutional changes, especially in the military, in the case of Brazil will be helpful in a comparative perspective to understand countries that will be experiencing similar environments.
|
25 |
Congressional intelligence oversight evolution in progress 1947-2005Reid, Edwina Clare. 09 1900 (has links)
From the creation of the Intelligence Community as part of the National Security Act of 1947 to present day, congressional oversight has varied depending on popular interest generated by media reports of scandal or due to perceived failures. Conversely the Intelligence Community has used the varying degrees of oversight as an opportunity to participate in activities outside its charter. This thesis examines the evolution of congressional oversight from virtually non-existent to the current efforts to reform the Intelligence Community. What this study demonstrates is that oversight has primarily been driven in response to an abuse or a failure. It has been popular interest fueled by media involvement that has forced congressional action. This is demonstrated by examining the wave of reform after the publication of the Central Intelligence Agency's abuse of power in 1970, again after the revelation of the Iran-contra affair in 1986 and lastly after the September 11th attacks. The study also uncovers a reoccurrence in the recommended reforms, particularly the recommendation for the creation of a Director of National Intelligence and the need for greater congressional involvement.
|
26 |
A concise analysis of Argentina's post-Junta reform of its major security servicesKitt, John J. 12 1900 (has links)
For newly formed democracies, security-sector reform is essential and plays a crucial role in their long-term governmental and institutional stability. The implementation of appropriate security-sector reform by transitional governments in areas of regional instability, such as Iraq, Argentina, and El Salvador, is an issue of considerable concern, not only for the countries themselves, but also for their neghbors and the world at large. Such civil-military reforms provide newly elected civilian governments stability, peace of mind, and a monopoly on the use of armed force to ensure the safety of national borders, sovereignty, and public safety. The purpose of this thesis is to define and explore the successes and failures of the Argentine reforms under the new democratically elected civilian government vis-a-vis security services' overall performance. It will examine the overall effectiveness of the security services under these reforms by breaking down the successes and failures across the police, military, and Gendarmerie forces. This thesis focuses on Argentina's reform of its three major security services following the collapse of the military junta there in 1983. And will analyze the successes and failures of Argentina's reforms by examining the overall performance of the security services and their effectiveness under the new reforms.
|
27 |
An investigation into the critical success factors for e-banking frauds prevention in NigeriaUsman, Ahmad Kabir January 2018 (has links)
E-Banking frauds is an issue experienced globally and continues to prove costly to both banks and customers. Frauds in e-banking services occur due to various compromises in security, ranging from weak authentication systems to insufficient internal controls. Although some security frameworks to address this issue of fraud have been proposed, the problem of e-banking fraud remains due to the inability of these framework to deal with organisational issues. With limited research in this area, the study sets out to identify the organisational Critical Success Factors (CSF) for E-Banking Frauds Prevention in Nigeria by applying CSF theory. A framework is proposed to help improve security from an organisational perspective. The study adopted a mixture of philosophical paradigms which led to the triangulation of research methods; Literature Review, Survey and Case Studies. The Literature Review involved the synthesis of existing literature and identified potential CSF for frauds prevention in e-banking. A total of 28 factors were identified and a conceptual framework was proposed. A 5-point Likert scale survey questionnaire was sent to retail bank staff in Nigeria to rate the criticality of the factors. A total of 110 useable responses were received at a response rate of 23.9%. Similar interrelated factors were grouped using a Principal Component Analysis. Finally, case studies with 4 banks in Nigeria were carried out to deepen our understanding. The study identified a total of 10 CSF which spanned across strategic, operational and technological factor categories. These included 'Management Commitment', 'Engagement of Subject Matter Experts' and 'Multi-Layer Authentication' amongst others. In addition, new CSF such as 'Risk-Based Transactional Controls', 'People Awareness & Training' and 'Bank Agility via Data Driven Decision Making' were identified. Finally, these CSF were grouped into an e-banking frauds prevention framework. This study is a pioneer study that extends theory to propose a CSF-based frauds prevention framework for banks in Nigeria.
|
28 |
DREM: Architectural Support for Deterministic Redundant Execution of Multithreaded ProgramsKvasov, Stanislav 12 February 2010 (has links)
Recently there have been several proposals to use redundant execution
of diverse replicas to defend against attempts to exploit memory corruption vulnerabilities. However, redundant execution relies on the premise that the replicas behave deterministically, so that if inputs are replicated to both replicas, any divergences in their outputs can only be the result of an attack. Unfortunately, this assumption does not hold for multithreaded programs, which are becoming increasingly prevalent -- the
non-deterministic interleaving of threads can also cause divergences in the replicas.
This thesis presents a method to eliminate concurrency related non-determinism between replicas.
We introduce changes to the existing cache coherence hardware used in multicores to support
deterministic redundant execution. We demonstrate that our solution requires moderate hardware changes and shows modest overhead in scientific applications.
|
29 |
DREM: Architectural Support for Deterministic Redundant Execution of Multithreaded ProgramsKvasov, Stanislav 12 February 2010 (has links)
Recently there have been several proposals to use redundant execution
of diverse replicas to defend against attempts to exploit memory corruption vulnerabilities. However, redundant execution relies on the premise that the replicas behave deterministically, so that if inputs are replicated to both replicas, any divergences in their outputs can only be the result of an attack. Unfortunately, this assumption does not hold for multithreaded programs, which are becoming increasingly prevalent -- the
non-deterministic interleaving of threads can also cause divergences in the replicas.
This thesis presents a method to eliminate concurrency related non-determinism between replicas.
We introduce changes to the existing cache coherence hardware used in multicores to support
deterministic redundant execution. We demonstrate that our solution requires moderate hardware changes and shows modest overhead in scientific applications.
|
30 |
SIP Security Threats and CountermeasuresMahmood, Faisal January 2012 (has links)
With the emergence of multimedia applications and the upcoming age of Voice over IP (VoIP), Voice setup and resources control protocols such as SIP and H.323 over the Internet are becoming increasingly attractive applications. In the last few years as a real competitor in traditional telephony services (PSTN), SIP has gained much attention when compared with H.323. SIP works at presentation and application layer thus it mainly faces security issue at these layers. The objective of this thesis is to describe the most relevant SIP related security issues and then present security mechanisms that can be deployed to overcome the SIP security related issues. This project work demonstrates the tasks necessary to enhance the SIP security both inside and outside of the network. It is divided into three main parts, where the first part describes the SIP architecture, for example, the SIP rivals, SIP components and how a SIP system works. The second part is about some vulnerability issues of concern to SIP, study of the proposed security mechanism and also analysis on how possible threats to the SIP system such as call hijacking, message tempering and DoS attack, affect the SIP based VoIP system. The third and final part describes different steps that have been taken to avoid SIP attacks, by implementing some of the proposed security mechanisms. In order to test the SIP security, a SIP model is designed, which based on security mechanisms such as firewall, IPSec, DMZ and SIP-TLS. The results are conducted into two different scenarios. In the 1st scenario, the SIP system is tested before implementing the security measurements. In this case, the insecure system was vulnerable to several SIP attacks such as call hijacking, DOS and message tampering. In the 2nd scenario, the system is tested after the implementation of the proposed security mechanisms, where by the system now is only accessible to the authorized users and services. The tested results are also compared and discussed at the end.
|
Page generated in 0.0664 seconds