Global ETD Search

1	Partizipatives Forschen im Kontext der Organisation Polizei: Ethisches Forschen mit vulnerablen Gruppen am Beispiel der Schubhaft Miko-Schefzig, Katharina, Reiter, Cornelia January 2018 (has links) (PDF) In diesem Artikel reflektieren wir ethische Implikationen eines partizipativen Sicherheitsforschungsprojekts zu Polizeianhaltezentren in Österreich, also zu jenen Haftanstalten, die im Gegensatz zur Justizhaft von Polizist/inn/en geleitet werden. In diesem Projekt arbeiteten wir mit sogenannten "Schubhäftlingen" zusammen, das sind Asylwerber/innen mit negativem Asylbescheid, die im Zuge einer bevorstehenden Abschiebung in Polizeianhaltezentren inhaftiert sind. Schubhäftlinge erlebten wir in ihrer spezifischen Situation als besonders vulnerabel. Gleichzeitig forschten wir mit der Partnerin Polizei, die als die Haft umsetzende Organisation in der Beziehung zu den Häftlingen machtvoll ist. Die partizipative Forschung mit zwei Partner/inne/n in derartiger Machtungleichheit wirft ethische Fragen auf: So stellte sich etwa die Frage nach der Möglichkeit, "frei" an der Forschung teilzunehmen angesichts bestehender Abhängigkeitsverhältnisse in Haft. Ebenso reflektieren wir, wie eine ermächtigende partizipative Forschung in dieser Konstellation gelingen kann. Unser Lösungsvorschlag bezieht sich auf das Forschungsdesign und beinhaltet das Verfahren einer vignettenbasierten Fokusgruppe.
2	Protecting Sensitive Credential Content during Trust Negotiation Jarvis, Ryan D. 21 April 2003 (has links) Keeping sensitive information private in a public world is a common concern to users of digital credentials. A digital credential may contain sensitive attributes certifying characteristics about its owner. X.509v3, the most widely used certificate standard, includes support for certificate extensions that make it possible to bind multiple attributes to a public key contained in the certificate. This feature, although convenient, potentially exploits the certificate holder's private information contained in the certificate. There are currently no privacy considerations in place to protect the disclosure of attributes in a certificate. This thesis focuses on protecting sensitive credential content during trust negotiation and demonstrates, through design and implementation, the privacy benefits achieved through selective disclosure. Selective disclosure of credential content can be achieved using private attributes, a well-known technique that incorporates bit commitment within digital credentials. This technique has not been thoroughly explored or implemented in any prior work. In this thesis, a protocol for issuing and showing credentials containing private attributes is discussed and suggested as a method for concealing and selectively revealing sensitive attributes bound to credentials during trust negotiation. To demonstrate greater privacy control within a credential-based system, private attributes are incorporated into TrustBuilder, an implementation of trust negotiation. With access control at the attribute level, TrustBuilder gives users greater control over their private information and can improve the success rate of negotiations. TrustBuilder also demonstrates how credentials with private attributes can eliminate risks normally associated with exchanging credentials, such as excessive gathering of information that is not germane to the transaction and inadvertently disclosing the value of a sensitive credential attribute. trust negotiation privacy bit commitment security ISRL Internet Security Research Lab TrustBuilder selective disclosure digital credential X.509v3 Computer Sciences
3	Gestão estratégica da segurança do trabalho na área industrial de uma usina de etanol, açúcar e energia elétrica Vicente, Fernando Antônio da Costa Figueiredo 13 June 2012 (has links) Submitted by Fernando Antônio da Costa Figueiredo Vicente (fernando@altamogiana.com.br) on 2012-07-11T11:20:20Z No. of bitstreams: 1 TESE FERNANDO VERSÃO FINAL E OFICIAL.pdf: 4861683 bytes, checksum: 5cbcd8ded972414ea9f4453b44a416a1 (MD5) / Approved for entry into archive by Suzinei Teles Garcia Garcia (suzinei.garcia@fgv.br) on 2012-07-11T12:27:50Z (GMT) No. of bitstreams: 1 TESE FERNANDO VERSÃO FINAL E OFICIAL.pdf: 4861683 bytes, checksum: 5cbcd8ded972414ea9f4453b44a416a1 (MD5) / Made available in DSpace on 2012-07-11T12:32:20Z (GMT). No. of bitstreams: 1 TESE FERNANDO VERSÃO FINAL E OFICIAL.pdf: 4861683 bytes, checksum: 5cbcd8ded972414ea9f4453b44a416a1 (MD5) Previous issue date: 2012-06-13 / Achieve profitability in a plant ethanol producer, sugar and electric power, without accidents at work, went on to be major challenge. Therefore, the Security Management has become strategic, seeking to bring business value "security" as a fundamental instrument in the implementation of production. Raise the history of implementation of the safety management System of the power plant and also we checked through universal indicators of security, if the numbers achieved satisfactory evolution, present trying to identify the actions taken and the results. In the process of evolution of that system, the plant became the first in the world in obtaining International certification (OHSAS 18001) security sector, as well as achieve Cosan 4th cane processing in Brazil. Applying the ICOS Instrument - Organizational Climate inventory safety in 2005 and again in 2011, we evaluate whether with production growth, coupled with the increase in the number of employees, the security value remained present. Apuramos also possible factors such as company time, schooling, proportion of accidents and interviews with officials who contributed to the existence of sectors there are 16 years without losing a day of work by accident. Finally, we found that deal with security management, empowers the company to face difficulties on the market, because success can not be worth today, for the following day in the event of an accident. Prevent, educate, seeking knowledge, celebrate, collect results, and daring, define plant's administration style studied. / Conseguir lucratividade em uma usina produtora de etanol, açúcar e energia elétrica, sem acidentes do trabalho, passou a ser grande desafio. Portanto, a Gestão de Segurança transformou-se em estratégica, buscando levar o valor empresarial 'segurança' como instrumento fundamental na execução da produção. Levantamos a história da implantação do Sistema de Gestão da Segurança da usina e também checamos através de indicadores universais de segurança, se os números alcançados, apresentam evolução satisfatória, procurando identificar as ações aplicadas e os resultados. No processo de evolução desse sistema, a usina tornou-se a primeira do mundo na obtenção de uma Certificação Internacional de Segurança (OHSAS 18001) do setor sucroenergético, além de alcançar quarto lugar em processamento de cana no Brasil. Aplicando o Instrumento ICOS – Inventário de Clima Organizacional de Segurança em 2005 e novamente em 2011, avaliamos se com crescimento da produção, aliado ao aumento do número de trabalhadores, o valor segurança manteve-se presente. Também apuramos possíveis fatores como tempo de empresa, escolaridade, proporção de acidentes e entrevistas com os responsáveis que contribuíram para a existência de setores há 16 anos sem perder um dia de trabalho por acidente. Finalmente, concluímos que lidar com gestão da segurança, capacita a empresa para enfrentar dificuldades do mercado, pois sucesso hoje, pode não valer para o dia seguinte caso ocorra acidente. Prevenir, educar, buscar conhecimento, celebrar, cobrar resultados e ousadia, definem o estilo de administração da usina estudada. Gestão da segurança Pesquisa na segurança Indicadores de segurança OHSAS 18001 Security management Security research Security indicators Economia Segurança do trabalho Segurança do trabalho - Indicadores Prevenção de acidentes Açúcar - Usinas Álcool como combustível
4	DNS traffic based classifiers for the automatic classification of botnet domains Stalmans, Etienne Raymond January 2014 (has links) Networks of maliciously compromised computers, known as botnets, consisting of thousands of hosts have emerged as a serious threat to Internet security in recent years. These compromised systems, under the control of an operator are used to steal data, distribute malware and spam, launch phishing attacks and in Distributed Denial-of-Service (DDoS) attacks. The operators of these botnets use Command and Control (C2) servers to communicate with the members of the botnet and send commands. The communications channels between the C2 nodes and endpoints have employed numerous detection avoidance mechanisms to prevent the shutdown of the C2 servers. Two prevalent detection avoidance techniques used by current botnets are algorithmically generated domain names and DNS Fast-Flux. The use of these mechanisms can however be observed and used to create distinct signatures that in turn can be used to detect DNS domains being used for C2 operation. This report details research conducted into the implementation of three classes of classification techniques that exploit these signatures in order to accurately detect botnet traffic. The techniques described make use of the traffic from DNS query responses created when members of a botnet try to contact the C2 servers. Traffic observation and categorisation is passive from the perspective of the communicating nodes. The first set of classifiers explored employ frequency analysis to detect the algorithmically generated domain names used by botnets. These were found to have a high degree of accuracy with a low false positive rate. The characteristics of Fast-Flux domains are used in the second set of classifiers. It is shown that using these characteristics Fast-Flux domains can be accurately identified and differentiated from legitimate domains (such as Content Distribution Networks exhibit similar behaviour). The final set of classifiers use spatial autocorrelation to detect Fast-Flux domains based on the geographic distribution of the botnet C2 servers to which the detected domains resolve. It is shown that botnet C2 servers can be detected solely based on their geographic location. This technique is shown to clearly distinguish between malicious and legitimate domains. The implemented classifiers are lightweight and use existing network traffic to detect botnets and thus do not require major architectural changes to the network. The performance impact of implementing classification of DNS traffic is examined and it is shown that the performance impact is at an acceptable level. Denial of service attacks -- Research Computer security -- Research Malware (Computer software) Spam (Electronic mail) Phishing Command and control systems
5	The effects of climate change on the realisation of the right to adequate food in Kenya Khayundi, Francis Mapati Bulimo January 2012 (has links) This thesis examines the interplay between the effects of climate change and human rights. It seeks to interrogate the contribution of human rights in addressing the effects of climate change on the enjoyment of the right to food in Kenya. Climate change has been recognised as a human rights issue. Despite this acknowledgement, many states are yet to deal with climate change as a growing threat to the realisation of human rights. The situation is made worse by the glacial pace in securing a binding legal agreement to tackle climate change. The thesis also reveals that despite their seemingly disparate and disconnected nature, both the human rights and climate change regimes seek to achieve the same goal albeit in different ways. The thesis argues that a considerable portion of the Kenyan population has not been able to enjoy the right to food as a result of droughts and floods. It adopts the view that, with the effects of climate change being evident, the frequency and magnitude of droughts and floods has increased with far reaching consequences on the right to food. Measures by the Kenyan government to address the food situation have always been knee jerk and inadequate in nature. This is despite the fact that Kenya is a signatory to a number of human rights instruments that deal with the right to food. With the promulgation of a new Constitution with a justiciable right to food, there is a need for the Kenyan government to meet its human rights obligations. This thesis concludes by suggesting ways in which the right to food can be applied in order to address some of the effects of climate change. It argues that by adopting a human rights approach to the right to food, the State will have to adopt measures that take into consideration the impacts of climate change. Furthermore, the State is under an obligation to engage in activities that will not contribute to climate change and negatively affect the right. Right to food -- Research -- Kenya Human rights -- Research -- Kenya Food security -- Research -- Kenya Food law and legislation -- Kenya
6	A framework for high speed lexical classification of malicious URLs Egan, Shaun Peter January 2014 (has links) Phishing attacks employ social engineering to target end-users, with the goal of stealing identifying or sensitive information. This information is used in activities such as identity theft or financial fraud. During a phishing campaign, attackers distribute URLs which; along with false information, point to fraudulent resources in an attempt to deceive users into requesting the resource. These URLs are made obscure through the use of several techniques which make automated detection difficult. Current methods used to detect malicious URLs face multiple problems which attackers use to their advantage. These problems include: the time required to react to new attacks; shifts in trends in URL obfuscation and usability problems caused by the latency incurred by the lookups required by these approaches. A new method of identifying malicious URLs using Artificial Neural Networks (ANNs) has been shown to be effective by several authors. The simple method of classification performed by ANNs result in very high classification speeds with little impact on usability. Samples used for the training, validation and testing of these ANNs are gathered from Phishtank and Open Directory. Words selected from the different sections of the samples are used to create a `Bag-of-Words (BOW)' which is used as a binary input vector indicating the presence of a word for a given sample. Twenty additional features which measure lexical attributes of the sample are used to increase classification accuracy. A framework that is capable of generating these classifiers in an automated fashion is implemented. These classifiers are automatically stored on a remote update distribution service which has been built to supply updates to classifier implementations. An example browser plugin is created and uses ANNs provided by this service. It is both capable of classifying URLs requested by a user in real time and is able to block these requests. The framework is tested in terms of training time and classification accuracy. Classification speed and the effectiveness of compression algorithms on the data required to distribute updates is tested. It is concluded that it is possible to generate these ANNs in a frequent fashion, and in a method that is small enough to distribute easily. It is also shown that classifications are made at high-speed with high-accuracy, resulting in little impact on usability. Computer security -- Research Computer crimes -- Prevention Phishing
7	Google in China : examining hegemonic identification strategies in organizational rhetoric Ford, Jonathan W. 07 October 2013 (has links) Indiana University-Purdue University Indianapolis (IUPUI) / The author employs Hoffman and Ford’s method for analyzing organizational rhetoric to examine the discourse of Google, Inc. Employing a hybrid method, built on rhetorical criticism which incorporates elements of organizational communication theory, the analysis examines identity rhetoric present in Google’s discourse regarding its operations in China. Using this approach, the author leverages the method to critically examine hegemonic aspects of the discourse in order to examine how Google constructs its Western consumer based audience regarding online privacy and free speech. Google (Firm) Rhetoric -- China -- Computer programs Computer security -- Research Freedom of information Communication in organizations Hegemony China -- Public relations Relationship marketing -- Research Business -- Computer networks Consumer satisfaction
8	A secure mobile agent e-commerce protocol Yu, Min-Chieh 09 December 2015 (has links) Indiana University-Purdue University Indianapolis (IUPUI) / There are many advantages of mobile agent such as delegation of tasks, asynchronous processing, adaptable service in interfaces, and code shipping. Mobile agents can be utilized in many areas such as electronic commerce, information retrieval, network management, etc. The main problem with mobile agents is security. The three basic security design goals of a system are confidentiality, integrity, and availability. The goal of this thesis concerns the property of secure purchasing by mobile agents. First present Jalal's anonymous authentication protocol. Next, we construct our single mobile agent protocol based on Jalal's authentication technique. Also, we add some addition cryptography techniques to make the data more secure during its migration. Lastly, we build a multiple mobile agent protocol based on the single mobile agent protocol. Here, the multiple mobile agents are capable to make the decision and purchase the item for user. Mobile Agent E-commerce Electronic commerce -- Purchasing Mobile commerce -- Cryptography Computer security -- Research
9	Faculty Senate Minutes March 3, 2014 University of Arizona Faculty Senate 08 April 2014 (has links) This item contains the agenda, minutes, and attachments for the Faculty Senate meeting on this date. There may be additional materials from the meeting available at the Faculty Center. David Hetrick GPSC travel grants APAC Faculty Grievance Policy College Retreat COH & SBS Retreat Cats in the Community Kellond Elementary Megellan Telescope MIR Lab Chief Brian Seastone Barbara Bryson Grievance Policy Revisions Guaranteed Tuition Predictable Tuition Interim Conflict of Committment Policy Non-Tenure Track Task Force

Search results