Spelling suggestions: "subject:"anda security."" "subject:"ando security.""
201 |
Security Awareness for Mobility : En studie om företagsmobilitet och de säkerhetsrisker som följerBildtmark, Kim, Jädersand, Robin January 2015 (has links)
No description available.
|
202 |
A framework for automated management of exploit testing environmentsFlansburg, Kevin 27 May 2016 (has links)
To demonstrate working exploits or vulnerabilities, people often share
their findings as a form of proof-of-concept (PoC) prototype. Such practices are particularly useful to learn about real vulnerabilities and state-of-the-art exploitation techniques. Unfortunately, the shared PoC exploits are seldom reproducible; in part because they are often not
thoroughly tested, but largely because authors lack a formal way to specify the tested environment or its dependencies. Although exploit writers attempt to overcome such problems by describing their
dependencies or testing environments using comments, this informal way of sharing PoC exploits makes it hard for exploit authors to achieve the original goal of demonstration. More seriously, these non- or hard-to-reproduce PoC exploits have limited potential to be utilized for other useful research purposes such as penetration testing, or in
benchmark suites to evaluate defense mechanisms. In this paper, we present XShop, a framework and infrastructure to
describe environments and dependencies for exploits in a formal way, and to automatically resolve these constraints and construct an isolated environment for development, testing, and to share with the community. We show how XShop's flexible design enables new possibilities for
utilizing these reproducible exploits in five practical use cases: as a security benchmark suite, in pen-testing, for large scale vulnerability analysis, as a shared development environment, and for regression
testing. We design and implement such applications by extending the
XShop framework and demonstrate its effectiveness with twelve real
exploits against well-known bugs that include GHOST, Shellshock, and Heartbleed. We believe that the proposed practice not only brings immediate incentives to exploit authors but also has the potential to be
grown as a community-wide knowledge base.
|
203 |
GAMIFIED SYSTEMS FOR SECURITY AWARENESS : A literature analysisLindberg, Dennis January 2016 (has links)
Users have a rather low security awareness, this has led to ideas about creating a security awareness system. By using gamification, it may be possible to motivate the user to change to a more secure behavior. The aim of this thesis is to study the relation between game elements, user and riskful behavior (context) in order to understand which game elements has a positive/negative effect on the users in which context. This was done by conducting a literature analysis, by collecting studies conducted with gamified system and compare and contrast their results. The literature analysis used four different databases and each of the databases was searched through by using four different search terms. The results shows that there seems to be lacking gamified system within security context, thus a conclusion could not be drawn from a literature analysis.
|
204 |
Social security contribution evasion : an evaluation from the perspective of former contribution evaders : Jordan - case studySubaihi, B. A. January 2013 (has links)
Despite the critical nature of the Social Security Contribution Evasion (SSCE) phenomenon, relatively few studies have investigated and analysed the problem. The vast majority of contemporary studies have been undertaken in the USA and Europe; very few in the countries of the developing world. This relative dearth of empirical studies on the SSCE clearly indicates a gap in our knowledge given the absence of reliable empirical evidence towards the cause and the extent of the problem. What is more, current taxation literature is clear in that it shows us that most studies are focused mainly on the individual taxpayer and the relation of these taxpayers to the general role of personal income tax. This is odd as there is a significant evasion problem in other domains, especially in areas such as where companies deliberately choose to evade social security contributions amongst others. What this thesis essentially sets out to do is to empirically examine the relationships between the SSCE and several explanatory factors related to the particular context of Jordan from the perspective of former corporate contribution evaders. This thesis gives special attention to Economic Factors (EF) (e.g. tax rate, and fine rate) and Non-Economic Factors (NEF) (e.g. the impact of the Corporation Management Effectiveness (CME), the Legal and Regulatory Structure (LRS), and Ethical and Social Considerations (ESC)). To the researcher’s knowledge, there is no study in Jordan that has investigated the problem of contribution evasion from the former corporate contribution evaders’ perspective. The aim of this dissertation is to fill this gap by evaluating the nature of contribution evasion at firm level and to develop an understanding of the main reasons why contribution evasion occurs in Jordan. To achieve the research objectives, this study uses a combination of quantitative and qualitative methodologies. The quantitative approach is represented here by multiple regression analysis that relies on the use of a self-administered questionnaire. The qualitative approach, however, is represented by the appliance of semi-structured interviews with key participants. In this study, stratified random probability samples were chosen from the target population of 2264 firms.
|
205 |
A comparative study of social security systems in East and Southeast Asian countriesChow, Wing-sun, Nelson, 周永新 January 1978 (has links)
published_or_final_version / Social Work / Doctoral / Doctor of Philosophy
|
206 |
Security in association rule miningWong, Wai-kit, 王偉傑 January 2007 (has links)
published_or_final_version / abstract / Computer Science / Master / Master of Philosophy
|
207 |
Novel techniques for implementing tamper-resistant softwareLee, Chun-to, Michael, 李俊圖 January 2004 (has links)
published_or_final_version / Computer Science and Information Systems / Master / Master of Philosophy
|
208 |
Detecting known host security flaws over a network connectionAndersson, Martin January 2007 (has links)
<p>To test if a host contains any known security flaws over a network connection a Vulnerability Assessment (VA) could be made. This thesis describes different techniques used by VA tools over a network connection to detect known security flaws. To decrease the risk of flaws not being detected, several VA tools could be used.</p><p>There is no common way of merging information from different VA tools. Therefore the Vulnerability Assessment Information Handler (VAIH) has been developed. The VAIH system consists of three parts. First, a intermediate language format defined in XML. Second, modules that converts the output of VA tools to the intermediate language format. Third, a program for reading and displaying the intermediate language format.</p><p>The VAIH system makes it possible to merge the results from vulnerability assessment tools into one file that can be displayed and edited through a GUI.</p>
|
209 |
Nord Stream - Vägen till säkerhet?Holm, Linnea January 2010 (has links)
<p>Big dangerous Russia, environmental thief or house warmer? The Nord Stream pipelines are a highly debated theme in Europe and the EU. A number of different countries will be subject to the pipelines direct or indirect. This paper aims to figure out what kind of threats and possibilities Denmark, Finland, Sweden and Germany consider to be the consequences with the pipelines.</p><p>The study takes as a standpoint the area of security studies and the widened of the same. The three standpoints within the security study that will be used are military security, environmental security and energy security. It is a comparative study that has been done with help of a text analysis.</p><p>The analysis concludes that Sweden is the country of the four that finds the most threats with the pipeline. Sweden thinks Nord Stream is a threat within all of the three securities mentioned above even though Sweden also see a possibility within energy security. Denmark, on the other hand, does not see a threat at all and Germany and Finland see a threat within the environmental area but not within the two other areas. They also see a possibility within the energy security.</p>
|
210 |
An open architecture for secure interworking servicesHayton, Richard January 1995 (has links)
No description available.
|
Page generated in 0.0629 seconds