Uma arquitetura para agrupamento de controles de segurança em ambientes de tecnologia da informação baseada em barganhas cooperativas irrestritas. / An architecture to grouping security controls in information technology environments based on unrestricted cooperative bargains.

Silva, Anderson Aparecido Alves da

15 December 2016

Controles de segurança, também chamados de mecanismos de proteção, voltados para previsão e detecção de eventos indesejados são cada vez mais empregados em ambientes de Tecnologia da Informação (TI). O pouco entendimento sobre as características dos eventos indesejados que agem nos sistemas e a baixa compatibilidade existente entre os diversos mecanismos de proteção são problemas que se destacam neste tipo de cenário. Diferentes configurações dificultam a combinação dos resultados destes mecanismos e raramente dois ou mais controles de segurança se complementam. Por esse motivo, o agrupamento entre mecanismos de detecção e de previsão não é trivialmente resolvido. Neste trabalho é proposta uma arquitetura, denominada de Arquitetura Estratégica de Agrupamento - Strategic Grouping Architecture (SGA) - para agrupamento de controles de segurança voltados para detecção e/ou previsão, que tem como base a busca de um equilíbrio entre as configurações e os resultados individuais de cada mecanismo de proteção envolvido. Para alcançar este equilíbrio a arquitetura proposta divide a análise dos eventos (legítimos e maliciosos) que passam pelos controles de segurança em dois níveis de abstração: o técnico, onde são coletadas as configurações e os resultados dos controles de segurança; e o estratégico, onde os dados obtidos no nível técnico são analisados por meio de barganhas cooperativas irrestritas - Unrestricted Cooperative Bargains (UCB), conceito proveniente da Teoria dos Jogos, que busca a otimização e equilíbrio entre resultados. Justamente por ser realizada em um nível de abstração diferente, a análise gerada pelo SGA identifica a influência que cada configuração exerce nos resultados agrupados. Para explorar a capacidade da arquitetura proposta, dois experimentos, bastante diferentes, que envolvem a ação de eventos indesejados em ambientes de TI são conduzidos. Os resultados obtidos mostram a viabilidade do agrupamento de controles de segurança de detecção e previsão e a possibilidade do uso do SGA em outros ambientes, que não estejam necessariamente ligados à segurança de TI. Baseada na literatura científica a validação do SGA consiste de uma transformação prévia na categoria dos jogos estratégicos usados - cooperativos para não-cooperativos - e na busca de situações como o Equilíbrio de Nash (EN) e o ótimo de Pareto, que indicam os melhores resultados de um jogo. / Security controls, also called protection mechanisms, focused on forecasting and detection of unwanted events are increasingly employed in Information Technology (IT) environments. The little understanding about the characteristics of unwanted events which act on the systems and the low rate of compatibility among several protection mechanisms are both problems that arise in that scenario. Different settings make difficult combining the results of these mechanisms and two or more controls rarely complement each other. Due to that, grouping mechanisms of detection and forecasting is not a trivial matter. In this work a framework called Strategic Grouping Architecture (SGA) is proposed to grouping security controls focused on detection and/or forecasting. SGA is based on the search for equilibrium between the settings and the individual results of each protection mechanism involved. In order to reach this equilibrium the proposed framework divide the analysis of events (legitimates and malicious) which go through the security controls in two abstract levels: the technical level, where the settings and the results of security controls are collected; and the strategic level, where the data obtained in the technical level are analyzed through Unrestricted Cooperative Bargains (UCB), concept from Game Theory that seeks to optimize and balance the results. Precisely because it is performed on a different level of abstraction, the analysis generated by the SGA identifies the influence that each setting has on the clustered results. In order to exploit the capability of the proposed architecture, two experiments, quite different, involving the action of unwanted events in IT environments, are conducted. The obtained findings show the feasibility of grouping detection and forecasting security controls and the possibility of using the SGA in other environments that are not necessarily related to IT security. Based on scientific literature SGA validation consists of a previous transformation in the category of strategy games used - cooperative to non-cooperative - and the search for situations such as the Nash Equilibrium (NE) and the Pareto optimal, indicating the best results a game.

Barganhas cooperativas irrestritas

Controles de segurança

Detection and forecasting attacks

Game theory

Kackers (Prevenção e Controle)

Mobile Ad hoc NETwork (MANET)

Mobile Ad hoc NETwork (MANET)

Security controls

Teoria dos jogos

Unrestricted cooperative bargains

Uma arquitetura para agrupamento de controles de segurança em ambientes de tecnologia da informação baseada em barganhas cooperativas irrestritas. / An architecture to grouping security controls in information technology environments based on unrestricted cooperative bargains.

Anderson Aparecido Alves da Silva

15 December 2016

Controles de segurança, também chamados de mecanismos de proteção, voltados para previsão e detecção de eventos indesejados são cada vez mais empregados em ambientes de Tecnologia da Informação (TI). O pouco entendimento sobre as características dos eventos indesejados que agem nos sistemas e a baixa compatibilidade existente entre os diversos mecanismos de proteção são problemas que se destacam neste tipo de cenário. Diferentes configurações dificultam a combinação dos resultados destes mecanismos e raramente dois ou mais controles de segurança se complementam. Por esse motivo, o agrupamento entre mecanismos de detecção e de previsão não é trivialmente resolvido. Neste trabalho é proposta uma arquitetura, denominada de Arquitetura Estratégica de Agrupamento - Strategic Grouping Architecture (SGA) - para agrupamento de controles de segurança voltados para detecção e/ou previsão, que tem como base a busca de um equilíbrio entre as configurações e os resultados individuais de cada mecanismo de proteção envolvido. Para alcançar este equilíbrio a arquitetura proposta divide a análise dos eventos (legítimos e maliciosos) que passam pelos controles de segurança em dois níveis de abstração: o técnico, onde são coletadas as configurações e os resultados dos controles de segurança; e o estratégico, onde os dados obtidos no nível técnico são analisados por meio de barganhas cooperativas irrestritas - Unrestricted Cooperative Bargains (UCB), conceito proveniente da Teoria dos Jogos, que busca a otimização e equilíbrio entre resultados. Justamente por ser realizada em um nível de abstração diferente, a análise gerada pelo SGA identifica a influência que cada configuração exerce nos resultados agrupados. Para explorar a capacidade da arquitetura proposta, dois experimentos, bastante diferentes, que envolvem a ação de eventos indesejados em ambientes de TI são conduzidos. Os resultados obtidos mostram a viabilidade do agrupamento de controles de segurança de detecção e previsão e a possibilidade do uso do SGA em outros ambientes, que não estejam necessariamente ligados à segurança de TI. Baseada na literatura científica a validação do SGA consiste de uma transformação prévia na categoria dos jogos estratégicos usados - cooperativos para não-cooperativos - e na busca de situações como o Equilíbrio de Nash (EN) e o ótimo de Pareto, que indicam os melhores resultados de um jogo. / Security controls, also called protection mechanisms, focused on forecasting and detection of unwanted events are increasingly employed in Information Technology (IT) environments. The little understanding about the characteristics of unwanted events which act on the systems and the low rate of compatibility among several protection mechanisms are both problems that arise in that scenario. Different settings make difficult combining the results of these mechanisms and two or more controls rarely complement each other. Due to that, grouping mechanisms of detection and forecasting is not a trivial matter. In this work a framework called Strategic Grouping Architecture (SGA) is proposed to grouping security controls focused on detection and/or forecasting. SGA is based on the search for equilibrium between the settings and the individual results of each protection mechanism involved. In order to reach this equilibrium the proposed framework divide the analysis of events (legitimates and malicious) which go through the security controls in two abstract levels: the technical level, where the settings and the results of security controls are collected; and the strategic level, where the data obtained in the technical level are analyzed through Unrestricted Cooperative Bargains (UCB), concept from Game Theory that seeks to optimize and balance the results. Precisely because it is performed on a different level of abstraction, the analysis generated by the SGA identifies the influence that each setting has on the clustered results. In order to exploit the capability of the proposed architecture, two experiments, quite different, involving the action of unwanted events in IT environments, are conducted. The obtained findings show the feasibility of grouping detection and forecasting security controls and the possibility of using the SGA in other environments that are not necessarily related to IT security. Based on scientific literature SGA validation consists of a previous transformation in the category of strategy games used - cooperative to non-cooperative - and the search for situations such as the Nash Equilibrium (NE) and the Pareto optimal, indicating the best results a game.

Barganhas cooperativas irrestritas

Controles de segurança

Kackers (Prevenção e Controle)

Mobile Ad hoc NETwork (MANET)

Teoria dos jogos

Detection and forecasting attacks

Game theory

Mobile Ad hoc NETwork (MANET)

Security controls

Unrestricted cooperative bargains

Οι βιομηχανικές σχέσεις στο πλαίσιο της σύγχρονης επιχείρησης: προσδιοριστικοί παράγοντες, πεδία συγκρούσεων, τάσεις και προοπτικές

Ζησιμόπουλος, Γιάννης

22 September 2008

Αντικείμενο της παρούσας μελέτης είναι η θεωρητική επισκόπηση και ανάλυση των προσδιοριστικών παραγόντων, των πεδίων συγκρούσεων, των τάσεων και των προοπτικών των Βιομηχανικών Σχέσεων, των σχέσεων που αναπτύσσονται ανάμεσα στους συλλογικά διαπραγματευόμενους εργαζόμενους με τους εργοδότες και διαμεσολαβείται από το κράτος και τους διεθνείς οργανισμούς. Επιχειρείται ο προσδιορισμός της ιστορικής τους καταβολής και εξέλιξης, ο καταλυτικός ρόλος των εργατικών συνδικάτων και η παρουσίαση των εννοιών της Βιομηχανικής Δημοκρατίας και της Βιομηχανικής Σύγκρουσης. Εξετάζεται το νέο - μεταφορντικό μοντέλο παραγωγής στα πλαίσια του σταδίου καπιταλιστικής ανάπτυξης του ολοκληρωτικού καπιταλισμού, η ευελιξία, η παγκοσμιοποίηση και οι διεθνικές επιχειρήσεις ως προσδιοριστικοί παράγοντες των σύγχρονων Βιομηχανικών Σχέσεων στο διεθνές περιβάλλον, εξετάζονται οι τάσεις σύγκλισης των συστημάτων Βιομηχανικών Σχέσεων και παρουσιάζεται ένα μοντέλο εργατικού διεθνισμού ως απάντηση των εργαζομένων στις διεθνείς πιέσεις. Η μελέτη εστιάζει, επίσης, στα χαρακτηριστικά των εργατικών και εργοδοτικών οργανώσεων, στα επίπεδα συνδικαλιστικής πυκνότητας και βιομηχανικής σύγκρουσης, στους θεσμούς, στις διαδικασίες διαλόγου και στις σύγχρονες τάσεις που καταγράφονται στις Βιομηχανικές Σχέσεις σε επίπεδο Ευρωπαϊκής Ένωσης. Επιχειρείται να προσδιοριστεί πώς η πολιτική της Ευρωπαϊκής Ένωσης - που εκφράζεται μέσω των «Πράσινων» και «Λευκών Βίβλων» - συμβάλει στην ανάπτυξη πεδίων συγκρούσεων και αποτελεί προσδιοριστικό παράγοντα των Βιομηχανικών Σχέσεων στην Ευρωπαϊκή Ένωση και συμβάλει στην τάση σύγκλισης των εθνικών συστημάτων Βιομηχανικών Σχέσεων. Η ιστορική εξέλιξη, τα χαρακτηριστικά, οι βαθμίδες και οι τύποι συνδικαλιστικής οργάνωσης των εργατικών και εργοδοτικών οργανώσεων, τα πολιτικά ρεύματα που δραστηριοποιούνται εντός του εργατικού κινήματος, η συνδικαλιστική πυκνότητα και η εξέλιξη της απεργιακής δράσης στην Ελλάδα, αποτελούν σημαντικό τμήμα στην ανάλυση των ελληνικών Βιομηχανικών Σχέσεων. Επιχειρείται μια σύνοψη των βασικών χαρακτηριστικών – προσδιοριστικών παραγόντων του ελληνικού συνδικαλιστικού κινήματος και η αποτύπωση των σύγχρονων τάσεων οργάνωσης εντός και εκτός των δομών του. Αποτυπώνονται τα βασικά χαρακτηριστικά των ελληνικών Βιομηχανικών Σχέσεων και οι πρόσφατες εξελίξεις στο περιεχόμενο και τις δομές τους υπό την επίδραση της διαδικασίας της παγκοσμιοποίησης, του παγκόσμιου οικονομικού περιβάλλοντος και της Ευρωπαϊκής Ένωσης. / The aim of the present study is the theoretical review and analysis of the defining factors, fields of conflicts, tendencies and perspectives of Industrial Relations, that are developed between collectively negotiating workers and the employers and are intermediated by the state and international organisations. It is also attempted to determinate their historical background and development, the catalytic role of working trade unions and to present significations such as Industrial Democracy and Industrial Conflict. The new post fordism mode of production in the frame of the new stage of capitalist development of totalitarian capitalism is examined, as well as the flexibility, the globalisation and the international enterprises as defining factors of modern Industrial Relations in the international environment. The tendencies of convergence of systems of Industrial Relations are also examined and a model of labor internationalism is presented as an answer of workers in international pressures. The study also focuses on the characteristics of workers’ and employers’ organisations at the level of trade-union density and industrial conflict, as well as on the institutions, the processes of dialogue and in the contemporary tendencies that are recorded in the Industrial Relations in European Union. It is attempted to determine how the policy of European Union - that it is expressed via “Green” and “White Papers” - constitutes a defining factor of Industrial Relations in the European Union and contributes to the growth of fields of conflicts and to the tendency to convergence of the national systems of Industrial Relations. The historical evolution, the characteristics, the levels and types of trade-union formation of labor and employing organisations, the political streaming activated in to the labor movement, the trade-union density and the evolution of strike action in Greece consist a major subject in the analysis of greek Industrial Relations. It is attempted a synopsis of the main characteristics and defining factors of greek labor movement and the imprinting of contemporary tendencies of internal and external organisation. The main characteristics of greek Industrial Relations and the recent developments of their content and structure under the effect of the globalisation process, the global economic environment and the European Union are recorded in the present study.

Εργατικό δίκαιο

Εργασιακές σχέσεις

Βιομηχανικές σχέσεις

Κοινωνικός διάλογος

Εργατικά συνδικάτα

331

Labour right

Industrial relations

Labour relations

Industrial democracy

Collective bargains

Industrial conflict

Social dialogue

Trade-unions

Employing organisations

Trade-union density