Spelling suggestions: "subject:"2security 1rchitecture"" "subject:"2security 1architecture""
21 |
Security for Rural Public ComputingUr Rahman, Sumair January 2008 (has links)
Current research on securing public computing infrastructure like Internet kiosks has focused on the use of smartphones to establish trust in a computing platform or to offload the processing of sensitive information, and the use of new cryptosystems such as Hierarchical Identity-based Encryption (HIBE) to protect kiosk user data. Challenges posed by rural kiosks, specifically (a) the absence of specialized hardware features such as Trusted Platform Modules (TPMs) or a modifiable BIOS in older recycled PCs, (b) the potential use of periodically disconnected links between kiosks and the Internet, (c) the absence of a production-ready implementation of HIBE and (d) the limited availability of smartphones in most developing regions make these approaches difficult, if not impossible, to implement in a rural public computing scenario. In this thesis, I present a practical, unobtrusive and easy-to-use security architecture for rural public computing that uses a combination of physical and cryptographic mechanisms to protect user data, public computing infrastructure and handheld devices that access this infrastructure. Key contributions of this work include (a) a detailed threat analysis of such systems with a particular focus on rural Internet kiosks and handheld devices, (b) a security architecture for rural public computing infrastructure that does not require any specialized hardware, (c) an application-independent and backward-compatible security API for securely sending and receiving data between these systems and the Internet that can operate over delay tolerant links,
(d) an implementation of my scheme for rural Internet kiosks and (e) a performance evaluation of this implementation to demonstrate its feasibility.
|
22 |
Canada’s Non-Imperial Internationalism in Africa: Understanding Canada’s Security Policy in the AU and ECOWASAkuffo , Edward Ansah Unknown Date
No description available.
|
23 |
Evaluation de la confiance dans les architectures de sécurité / Trust evaluation in security architecturesOrfila, Jean-Baptiste 03 July 2018 (has links)
Dans un monde de plus en plus connecté, la question de la confiance dans les sys-tèmes d’information qui nous entourent devient primordiale, et amène naturellement à des interrogations quant à leur sécurité. Les enjeux de cette dernière concernent autant la confidentialité des données individuelles que la protection des architectures critiques, notamment déployées dans le domaine de l’énergie et du transport. Dans cette thèse, nous abordons trois problématiques liées aux architectures de sécurité des systèmes d’information. Tout d’abord, nous proposons une architecture pour un module de rupture protocolaire, fournissant une protection face aux attaques utilisant le réseau comme vecteur. Grâce à l’isolation et le filtrage des échanges qu’il réalise, nous montrons que ce nouvel équipement est particulièrement adapté à la sécurisation des systèmes de contrôle-commandes. Nous abordons ensuite le thème de la sécurité des utilisateurs finaux ou objets connectés, par la définition d’une Infrastructure de Gestion de Clefs (IGC) centrée sur ces derniers, dénommée LocalPKI. Elle repose sur l’utilisation de certificats auto-signés, et son objectif est d’allier la simplicité des IGC pair-à-pair avec la sécurité des IGC hiérarchiques.Enfin, nous nous intéressons à l’amélioration du mécanisme des ancres de confiance pour les autorités de certification, utilisé par exemple dans PKIX et LocalPKI. A cet égard, nous commençons par définir des protocoles multi-parties permettant de calculer des produits scalaires et matriciels, préservant la confidentialité des données. Nous montrons finalement comment les appliquer dans le cadre de l’agrégation de confiance, et par conséquent à la réputation des autorités de certification / In a increasingly connected world, trust in information systems is essential. Thus, many questions about their security arise. Topics of these questions include individual data confidentiality as well as protection of Industrial Critical Systems(ICS). For instance, ICS are deployed in sectors including energy or transportation where security is of high importance. In this thesis, we address three problems related to the security architecture of information systems. We first propose an architecture for a protocol splitting device. This provides protection against networkattacks by isolating and filtering data exchanges. We show that this new security equipment is well suited for ICS. Then, we focus on end-user security. We define a user-centric Public Key Infrastructure (PKI) called LocalPKI. By using self-signed certificates, this infrastructure combines the user-friendliness of PGP-based PKI and the security of hierarchical PKI. Finally, we improve the trust anchormechanism. It is employed by Certification Authorities (CA) and especially used in PKIX or LocalPKI. In that respect, we first define multi-party protocols to securely compute dot and matrix products. Then, we explain how to apply them on trust aggregations and thus on the reputation of certification authorities.
|
24 |
Design and Development of Intelligent Security Management Systems: Threat Detection and Response in Cyber-based InfrastructuresYahya Javed (11792741) 19 December 2021 (has links)
<div>Cyber-based infrastructures and systems serve as the operational backbone of many industries and resilience of such systems against cyber-attacks is of paramount importance. As the complexity and scale of the Cyber-based Systems (CBSs) has increased many folds over the years, the attack surface has also been widened, making CBSs more vulnerable to cyber-attacks. This dissertation addresses the challenges in post intrusion security management operations of threat detection and threat response in the networks connecting CBSs. In threat detection, the increase in scale of cyber networks and the rise in sophistication of cyber-attacks has introduced several challenges. The primary challenge is the requirement to detect complex multi-stage cyber-attacks in realtime by processing the immense amount of traffic produced by present-day networks. In threat response, the issue of delay in responding to cyber-attacks and the functional interdependencies among different systems of CBS has been observed to have catastrophic effects, as a cyber attack that compromises one constituent system of a CBS can quickly disseminate to others. This can result in a cascade effect that can impair the operability of the entire CBS. To address the challenges in threat detection, this dissertation proposes PRISM, a hierarchical threat detection architecture that uses a novel attacker behavior model-based sampling technique to minimize the realtime traffic processing overhead. PRISM has a unique multi-layered architecture that monitors network traffic distributedly to provide efficiency in processing and modularity in design. PRISM employs a Hidden Markov Model-based prediction mechanism to identify multi-stage attacks and ascertain the attack progression for a proactive response. Furthermore, PRISM introduces a stream management procedure that rectifies the issue of alert reordering when collected from distributed alert reporting systems. To address the challenges in threat response, this dissertation presents TRAP, a novel threat response and recovery architecture that localizes the cyber-attack in a timely manner, and simultaneously recovers the affected system functionality. The dissertation presents comprehensive performance evaluation of PRISM and TRAP through extensive experimentation, and shows their effectiveness in identifying threats and responding to them while achieving all of their design objectives.</div>
|
25 |
Arquitectura de seguridad de la información para la protección de activos digitales en Pymes / Security architecture for the protection of digital assets in SMEsChavarria Aragón, Lurdes Gisella, Rubio Castillo, Nair Carlos Arturo 23 June 2021 (has links)
El uso de la tecnología se ha convertido en una necesidad para muchas empresas, existen nuevos modelos de negocio que años atrás se veían lejanos de desarrollar, pero con el gran avance de la tecnología hoy es posible, por ello han visto la necesidad de adaptarse a la nueva era de digitalización para sobrevivir. La transformación digital trae consigo necesidades como la seguridad de la información, a pesar de ello las PYME han reducido sus presupuestos de seguridad, quedando expuesto a diversas amenazas.
Este proyecto consiste en desarrollar una arquitectura de seguridad para la protección de activos digitales en pymes, la cual busca incrementar los niveles de efectividad en los mecanismos de defensa mediante el despliegue de controles efectivos. La arquitectura se basa en los conceptos de OSA y de la metodología SABSA, y considera las capas contextual y conceptual, lógica y física adaptadas Pymes. Además, considera un kit de herramientas para soportar los controles.
Los resultados obtenidos del uso de la arquitectura para una empresa pyme del sector retail, indican que se logra un incremento del nivel de seguridad en los diversos niveles de la organización. Se espera que la arquitectura ayude a diversas empresas a gestionar la seguridad con el fin de que puedan desarrollar su negocio. / The use of technology has become a necessity for many companies, there are new business models that years ago were far from developing, but with the great advancement of technology today it is possible, for this reason they have seen the need to adapt to the new era of digitization to survive. The digital transformation brings with it needs such as information security, despite this SMEs have reduced their security budgets, being exposed to various threats.
This project consists of developing a security architecture for the protection of digital assets in SMEs, which seeks to increase the levels of effectiveness in defense mechanisms through the deployment of effective controls. The architecture is based on the concepts of OSA and the SABSA methodology, and considers the contextual and conceptual, logical, and physical layers adapted to SMEs. Also, consider a tool kit to support the controls.
The results obtained from the use of architecture for an SME company in the retail sector indicate that an increase in the level of security is achieved at the various levels of the organization. The architecture is expected to help various companies manage security so that they can grow their business. / Tesis
|
26 |
Sjuksköterskors syn på mjuk säkerhetsarkitekturSvensson, Mattias January 2021 (has links)
Users of systems can be divided into three broad userroles: patients, general public, and healthcare workers. Theseuser roles has differing perspectivesand motivation on security. Polices are structures who actproactively to prevent or minimizesecurity threats, these methods are simple yet effective toensure security. Braun och Clarke (2006)model for thematic analysis were used to analyze the data.The results from the analysis was that theinformants have a good understanding of what soft securityarchitecture is and how their actionsaffect it. The conclusion of this study are that nurses have agood understanding of the soft securityarchitecture, what to do and not to do to maintain security / Användare av system kan delas in i tre breda roller: patienter,allmänheten ochsjukvårdspersonal. Dessa användarroller har olika perspektivoch motivation för säkerhet. Policys ärstrukturer som agerar proaktivt för att förhindra ellerminimera säkerhetshot, dessa metoder äreffektiva för att skapa säkerhet. Braun och Clarke (2006)modell för tematisk analys användes föratt analysera samtlig data. Resultatet från analyseringen varatt informanterna under majoriteten avtiden var i linje med teorin samt har en god förståelse av mjuksäkerhetsarkitektur och hur derashandlingar påverkar säkerheten. Slutsatsen för studien var attsjuksköterskor har en god förståelseav mjuk säkerhetsarkitektur, vad man ska och inte ska göraför att bibehålla säkerheten. Däremotsker aktiva överträdelser av säkerheten när en ”gråzon”identifieras.
|
27 |
A security architecture for protecting dynamic components of mobile agentsYao, Ming January 2004 (has links)
New techniques,languages and paradigms have facilitated the creation of distributed applications in several areas. Perhaps the most promising paradigm is the one that incorporates the mobile agent concept. A mobile agent in a large scale network can be viewed as a software program that travels through a heterogeneous network, crossing various security domains and executing autonomously in its destination. Mobile agent technology extends the traditional network communication model by including mobile processes, which can autonomously migrate to new remote servers. This basic idea results in numerous benefits including flexible, dynamic customisation of the behavior of clients and servers and robust interaction over unreliable networks. In spite of its advantages, widespread adoption of the mobile agent paradigm is being delayed due to various security concerns. Currently available mechanisms for reducing the security risks of this technology do not e±ciently cover all the existing threats. Due to the characteristics of the mobile agent paradigm and the threats to which it is exposed, security mechanisms must be designed to protect both agent hosting servers and agents. Protection to agent-hosting servers' security is a reasonably well researched issue, and many viable mechanisms have been developed to address it. Protecting agents is technically more challenging and solutions to do so are far less developed. The primary added complication is that, as an agent traverses multiple servers that are trusted to different degrees, the agent's owner has no control over the behaviors of the agent-hosting servers. Consequently the hosting servers can subvert the computation of the passing agent. Since it is infeasible to enforce the remote servers to enact the security policy that may prevent the server from corrupting agent's data, cryptographic mechanisms defined by the agent's owner may be one of the feasible solutions to protect agent's data.Hence the focus of this thesis is the development and deployment of cryptographic mechanisms for securing mobile agents in an open environment. Firstly, requirements for securing mobile agents' data are presented. For a sound mobile agent application, the data in an agent that is collected from each visiting server must be provided integrity. In some applications where servers intend to keep anonymous and will reveal their identities only under certain cir- cumstances, privacy is also necessitated. Aimed at these properties, four new schemes are designed to achieve different security levels: two schemes direct at preserving integrity for the agent's data, the other two focus on attaining data privacy. There are four new security techniques designed to support these new schemes. The first one is joint keys to discourage two servers from colluding to forge a victim server's signature. The second one is recoverable key commitment to enable detection of any illegal operation of hosting servers on an agent's data. The third one is conditionally anonymous digital signature schemes, utilising anonymous public-key certificates, to allow any server to digitally sign a document without leaking its identity. The fourth one is servers' pseudonyms that are analogues of identities, to enable servers to be recognised as legitimate servers while their identities remain unknown to anyone. Pseudonyms can be deanonymised with the assistance of authorities. Apart from these new techniques, other mechanisms such as hash chaining relationship and mandatory verification process are adopted in the new schemes. To enable the inter-operability of these mechanisms, a security architecture is therefore developed to integrate compatible techniques to provide a generic solution for securing an agent's data. The architecture can be used independently of the particular mobile agent application under consideration. It can be used for guiding and supporting developers in the analysis of security issues during the design and implementation of services and applications based on mobile agents technology.
|
28 |
A arquitetura de segurança na África Austral (SADC) : surgimento e desenvolvimento de uma comunidade de segurançaMbebe, Fernando Rodrigo January 2010 (has links)
Este trabalho descreve e analisa a formação e desenvolvimento de uma comunidade de segurança na África Austral, desde a formação do grupo de Países da Linha da Frente até ao surgimento do Órgão da SADC para a Cooperação nas áreas de Política, Defesa e Segurança. Na região da África Austral, a África do Sul foi considerada, pela maioria dos países vizinhos (Países da Linha da Frente), uma nação inimiga durante o período em que vigorou a política de segregação racial - o apartheid. Assim, esses países tiveram que formar uma frente comum para lutar contra o regime do apartheid. Entretanto, com o fim da Guerra Fria teve lugar o surgimento de uma «nova» ordem internacional. Este fenômeno levou à pacificação da África Austral que passou a cooperar em vários domínios, em particular na segurança. Em 2001, após longas negociações, os Estados membros da SADC assinaram o Protocolo que instituiu o Órgão da Segurança da SADC responsável por todos os assuntos de Defesa e Segurança. Este órgão teve a difícil missão de gerir todos os assuntos ligados a segurança regional na SADC. Contudo, as suas intervenções nos processos de resolução e gestão de conflitos no Lesotho, na RDC, no Zimbábue e no Madagáscar têm se revelado pouco eficazes. / This paper describes and analyzes the formation and development of a security community in Southern Africa since the formation of the countries of the Front Line to the emergence of the SADC Organ for Cooperation on Politics, Defense and Security. In the region of Southern Africa, South Africa was regarded by most neighboring countries (Front Lines States), an enemy nation during the period which ran the policy of racial segregation – apartheid. Thus, these countries had to form a common front to fight against the apartheid regime. However, with the Cold War saw the emergence of a "new" international order. This phenomenon has led to peace in Southern Africa has been cooperating in various fields, particularly in security. In 2001, after lengthy negotiations, the SADC member states signed the Protocol establishing the Organ of SADC Security responsible for all matters of Defense and Security. This body had the difficult task of handling all issues related to regional security in SADC. However, its interventions in the process of resolution and conflict management in Lesotho, the DRC, Zimbabwe and Madagáscar has proved ineffective.
|
29 |
A arquitetura de segurança na África Austral (SADC) : surgimento e desenvolvimento de uma comunidade de segurançaMbebe, Fernando Rodrigo January 2010 (has links)
Este trabalho descreve e analisa a formação e desenvolvimento de uma comunidade de segurança na África Austral, desde a formação do grupo de Países da Linha da Frente até ao surgimento do Órgão da SADC para a Cooperação nas áreas de Política, Defesa e Segurança. Na região da África Austral, a África do Sul foi considerada, pela maioria dos países vizinhos (Países da Linha da Frente), uma nação inimiga durante o período em que vigorou a política de segregação racial - o apartheid. Assim, esses países tiveram que formar uma frente comum para lutar contra o regime do apartheid. Entretanto, com o fim da Guerra Fria teve lugar o surgimento de uma «nova» ordem internacional. Este fenômeno levou à pacificação da África Austral que passou a cooperar em vários domínios, em particular na segurança. Em 2001, após longas negociações, os Estados membros da SADC assinaram o Protocolo que instituiu o Órgão da Segurança da SADC responsável por todos os assuntos de Defesa e Segurança. Este órgão teve a difícil missão de gerir todos os assuntos ligados a segurança regional na SADC. Contudo, as suas intervenções nos processos de resolução e gestão de conflitos no Lesotho, na RDC, no Zimbábue e no Madagáscar têm se revelado pouco eficazes. / This paper describes and analyzes the formation and development of a security community in Southern Africa since the formation of the countries of the Front Line to the emergence of the SADC Organ for Cooperation on Politics, Defense and Security. In the region of Southern Africa, South Africa was regarded by most neighboring countries (Front Lines States), an enemy nation during the period which ran the policy of racial segregation – apartheid. Thus, these countries had to form a common front to fight against the apartheid regime. However, with the Cold War saw the emergence of a "new" international order. This phenomenon has led to peace in Southern Africa has been cooperating in various fields, particularly in security. In 2001, after lengthy negotiations, the SADC member states signed the Protocol establishing the Organ of SADC Security responsible for all matters of Defense and Security. This body had the difficult task of handling all issues related to regional security in SADC. However, its interventions in the process of resolution and conflict management in Lesotho, the DRC, Zimbabwe and Madagáscar has proved ineffective.
|
30 |
A arquitetura de segurança na África Austral (SADC) : surgimento e desenvolvimento de uma comunidade de segurançaMbebe, Fernando Rodrigo January 2010 (has links)
Este trabalho descreve e analisa a formação e desenvolvimento de uma comunidade de segurança na África Austral, desde a formação do grupo de Países da Linha da Frente até ao surgimento do Órgão da SADC para a Cooperação nas áreas de Política, Defesa e Segurança. Na região da África Austral, a África do Sul foi considerada, pela maioria dos países vizinhos (Países da Linha da Frente), uma nação inimiga durante o período em que vigorou a política de segregação racial - o apartheid. Assim, esses países tiveram que formar uma frente comum para lutar contra o regime do apartheid. Entretanto, com o fim da Guerra Fria teve lugar o surgimento de uma «nova» ordem internacional. Este fenômeno levou à pacificação da África Austral que passou a cooperar em vários domínios, em particular na segurança. Em 2001, após longas negociações, os Estados membros da SADC assinaram o Protocolo que instituiu o Órgão da Segurança da SADC responsável por todos os assuntos de Defesa e Segurança. Este órgão teve a difícil missão de gerir todos os assuntos ligados a segurança regional na SADC. Contudo, as suas intervenções nos processos de resolução e gestão de conflitos no Lesotho, na RDC, no Zimbábue e no Madagáscar têm se revelado pouco eficazes. / This paper describes and analyzes the formation and development of a security community in Southern Africa since the formation of the countries of the Front Line to the emergence of the SADC Organ for Cooperation on Politics, Defense and Security. In the region of Southern Africa, South Africa was regarded by most neighboring countries (Front Lines States), an enemy nation during the period which ran the policy of racial segregation – apartheid. Thus, these countries had to form a common front to fight against the apartheid regime. However, with the Cold War saw the emergence of a "new" international order. This phenomenon has led to peace in Southern Africa has been cooperating in various fields, particularly in security. In 2001, after lengthy negotiations, the SADC member states signed the Protocol establishing the Organ of SADC Security responsible for all matters of Defense and Security. This body had the difficult task of handling all issues related to regional security in SADC. However, its interventions in the process of resolution and conflict management in Lesotho, the DRC, Zimbabwe and Madagáscar has proved ineffective.
|
Page generated in 0.0516 seconds