Global ETD Search

151	Information Security and Wireless alternate approaches for controlling access to critical information Nandram, Winsome 09 1900 (has links) Approved for public release; distribution is unlimited / The advent of Wireless Local Area Networking (WLAN) has seen a widespread adoption of its technology and functionality in many different areas. Many studies show more and more organizations are extending their networks to incorporate wireless devices and their applications. Permitting wireless devices to access private networks however, further complicates the tasks of protecting the network and its resources from unauthorized access. Now that they have become a significant element in today's networks, selecting and deploying adequate security measures have become the focus of many research efforts. Typically, network managers implement countermeasures to augment security. The goal of this thesis is to research approaches that compliment existing security measures with fine grain access control measures. The Extensible Markup Language (XML) is adopted to accommodate such granular access control as it provides the mechanisms for scaling security down to the document content level. / Captain, United States Marine Corps Wireless LANs XML (Document markup language) Computer networks Security measures
152	Modeling and analyzing intrusion attempts to a computer network operating in a defense-in-depth posture Givens, Mark Allen 09 1900 (has links) Approved for public release; distribution is unlimited / In order to ensure the confidentially, integrity, and availability of networked resources operating on the Global Information Grid, the Department of Defense has incorporated a "Defense-in-Depth" posture. This posture includes the use of network security mechanisms and does not rely on a single defense for protection. Firewalls, Intrusion Detection Systems (IDS's), Anti-Virus (AV) software, and routers are such tools used. In recent years, computer security discussion groups have included IDS's as one of their most relevant issues. These systems help identify intruders that exploit vulnerabilities associated with operating systems, application software, and computing hardware. When IDS's are utilized on a host computer or network, there are two primary approaches to detecting and / or preventing attacks. Traditional IDS's, like most AV software, rely on known "signatures" to detect attacks. This thesis will focus on the secondary approach: Anomaly or "behavioral based" IDS's look for abnormal patterns of activity on a network to identify suspicious behavior. / Major, United States Marine Corps Computer networks Security measures United States Firewalls (Computer security)
153	Developing a reliable methodology for assessing the computer network operations threat of North Korea Brown, Christopher 09 1900 (has links) Approved for release; distribution is unlimited / Computer network operations (CNO) can be considered a relatively new phenomenon being encount modern warfare. Computer network operation is comprised of three components, computer network attack computer network exploitation (CNE), and computer network defense (CND). Computer network attack is def operations to disrupt, deny, degrade, or destroy information resident in computer networks, or the computers and ne themselves. Computer network exploitation is the intelligence collection and enabling operations to gather data from adversary automated information systems (AIS) or networks. Finally, computer network defense are those me internal to the protected entity, taken to protect and defend information, computers, and networks from disruption, degradation, or destruction. No longer is warfare limited to the use of kinetic weapons and conventional methods of war. Computer network operations have become an integral part of our adversary's arsenal and more attention must be paid to the effects of CNO activities, particularly CNA and CNE being conducted by our adversaries. Of the many states suspected of conducting active CNO activities against the United States and other nations, none warrants more attention than North Korea. This thesis presents the development of methodology using information available from open sources. This work is intended to prove that a useful methodology for assessing the CNO capabilities and limitations of North Korea can be developed using only open source information. / Lieutenant, United States Navy Information warfare Korea (North) Computer networks Security measures
154	Evaluation of two host-based intrusion prevention systems Labbe, Keith G. 06 1900 (has links) Host-based intrusion-prevention systems are recently popular technologies which protect computer systems from malicious attacks. Instead of merely detecting exploits, the systems attempt to prevent the exploits from succeeding on the host they protect. This research explores the threats that have led to the development of these systems and the techniques many use to counter those problems. We then evaluate two current intrusion-prevention products (McAfee Entercept and the Cisco Security Agent) as to their success in preventing exploits. Our tests used live viruses, worms, Trojan horses, and remote exploits which were turned loose on an isolated two-computer network. We make recommendations about deployment of the two products based on the results of our own testing. Computer security Computer networks Security measures Security systems
155	Web-based dissemination system for the Trusted Computing Exemlar [i.e. Exemplar] project Kane, Douglas Robert. 06 1900 (has links) Open dissemination of the Trusted Computing Exemplar (TCX) project is needed. This dissemination must include methods to provide secure web access to project material, integrity verification of data, and group-based access controls. Because previously developed dissemination systems do not meet these requirements, a hybrid web-based dissemination system is necessary. The development of the TCX Dissemination System requirements involved the analysis of assumptions, threats, policies, and security objectives for the system and its environment based on the Common Criteria methodology. The requirements yielded a design specification that included a dissemination application that uses XML capabilities for redaction and preparation of releasable materials. This led to the creation of an initial implementation to satisfy a subset of the TCX dissemination requirements. Future work was identified for a subsequent implementation that fulfills additional project requirements. The complete implementation of the dissemination environment described in this thesis will provide a seamless dissemination interface for the TCX project. The Dissemination System provides an example of how controlled information can be organized and made available on the web. When combined with TCX project results, it supports the assured information sharing objectives of the Department of Defense Global Information Grid vision. / US Navy (USN) author. Computer security Computer networks Security measures Data protection
156	Evaluation of Embedded Firewall System Rumelioglu, Sertac. 03 1900 (has links) The performance aspect and security capabilities of the Embedded Firewall (EFW) system are studied in this thesis. EFW is a host-based, centrally controlled firewall system consisting of network interface cards and the "Policy Server" software. A network consisting of EFW clients and a Policy Server is set up in the Advanced Network Laboratory at the Naval Postgraduate School. The Smartbits packet generator is used to simulate realistic data transfer environment. The evaluation is performed centered on two main categories: performance analysis and security capability tests. TTCP program and a script written in TCL are used to perform throughput and packet loss tests respectively. The penetration and vulnerability tests are conducted in order to analyze the security capabilities of EFW. Symantec Personal Firewall is used as a representative application firewall for comparing test results. Our study shows that EFW has better performance especially in connections with high amounts of encrypted packets and more effective in preventing insider attacks. However, current implementation of EFW has some weaknesses such as not allowing sophisticated rules that application firewalls usually do. We recommend that EFW be used as one of the protection mechanisms in a system based on the defense-in-depth concept that consists of application firewalls, intrusion detection systems and gateway protocols. Firewalls (Computer security) Computer networks Security measures Cyberterrorism
157	Security and efficiency concerns with distributed collaborative networking environments Felker, Keith A. 03 1900 (has links) Approved for public release, distribution unlimited / The progression of technology is continuous and the technology that drives interpersonal communication is not an exception. Recent technology advancements in the areas of multicast, firewalls, encryption techniques, and bandwidth availability have made the next level of interpersonal communication possible. This thesis answers why collaborative environments are important in today's online productivity. In doing so, it gives the reader a comprehensive background in distributed collaborative environments, answers how collaborative environments are employed in the Department of Defense and industry, details the effects network security has on multicast protocols, and compares collaborative solutions with a focus on security. The thesis ends by providing a recommendation for collaborative solutions to be utilized by NPS/DoD type networks. Efficient multicast collaboration, in the framework of security is a secondary focus of this research. As such, it takes security and firewall concerns into consideration while comparing and contrasting both multicast-based and non-multicast-based collaborative solutions. Computer networks Security measures Multicasting (Computer networks) Firewalls (Computer security)
158	How intrusion detection can improve software decoy applications Monteiro, Valter 03 1900 (has links) Approved for public release; distribution is unlimited / This research concerns information security and computer-network defense. It addresses how to handle the information of log files and intrusion-detection systems to recognize when a system is under attack. But the goal is not the usual one of denying access to the attacker but providing a justification for deceptive actions to fool the attacker. We implemented a simple demonstration of how two different kinds of open-source intrusion-detection systems can efficiently pool data for this purpose. / Lieutenant Commander, Brazilian Navy Intelligent agents (Computer software) Computer networks Security measures
159	The impact of securitisation on the effectiveness of the bank lending channel in South Africa 10 June 2014 (has links) M.Com. (Financial Economics) / This study analyses the existence of a bank lending channel in South Africa and investigates the impact of the securitisation activity on the effectiveness of the bank lending channel during the period 2001–2010 using data from the South African banking sector. Structural Vector Auto Regression (SVAR) and Structural Vector Error Correction Model (SVECM) methods are used to interpret the impulse responses of bank lending to structural shocks (monetary policy) and to securitisation. The conclusion is that the bank lending channel is present and efficient in South Africa during the sample period with a lag and that securitisation acts as a shield against monetary impulses by constituting an additional source of funding for banks. Monetary policy - South Africa
160	Die integrering van inligtingsekerheid met programmatuuringenieurswese 20 November 2014 (has links) M.Com. (Informatiks) / Please refer to full text to view abstract Computer security Software engineering Computer networks - Security measures

Search results