31 |
Secure and privacy-preserving protocols for VANETsChim, Tat-wing., 詹達榮. January 2011 (has links)
published_or_final_version / Computer Science / Doctoral / Doctor of Philosophy
|
32 |
Protocol design for scalable and reliable group rekeyingZhang, Xincheng 28 August 2008 (has links)
Not available / text
|
33 |
A hippocratic privacy protection framework for relational databases.Oberholzer, Hendrik Johannes Gerhardus. January 2012 (has links)
Thesis (DTech. degree in Computer Science and Data Processing: Software Development.)--Tshwane University of Technology, 2012. / Based on the fundamental assumption that individuals view their privacy differently, this study attempts to find a solution on how to protect the personal information of an individual stored in a relational database system against privacy violations. Secondly, to determine how the Hippocratic principles can be effectively applied to give individuals better control over their personal information, while at the same time allowing the organisation to process its transactions on the same personalised information. In answering these problems, the study established a set of extended principles to which the collection and the use of personal data should strictly hold.
|
34 |
Transparent safe settlement protocol and I-ticket booth user verification mechanism for electronic commerceSai, Ying 09 May 2011 (has links)
Not available / text
|
35 |
Automatic validation of secure authentication protocolsKim, Kyoil, 1964- 11 July 2011 (has links)
Not available / text
|
36 |
Complex network analysis for secure and robust communicationsKim, Hyoungshick January 2012 (has links)
No description available.
|
37 |
Honeynet design and implementationArtore, Diane 20 December 2007 (has links)
Over the past decade, webcriminality has become a real issue. Because they allow the botmasters to control hundreds to millions of machines, botnets became the first-choice attack platform for the network attackers, to launch distributed denial of service attacks, steal sensitive information and spend spam emails.
This work aims at designing and implementing a honeynet, specific to IRC bots. Our system works in 3 phasis: (1) binaries collection, (2) simulation, and (3) activity capturing and monitoring. Our phase 2 simulation uses an IRC redirection to extract the connection information thanks to a IRC redirection (using a DNS redirection and a "fakeserver"). In phase 3, we use the information previously extracted to launch our honeyclient, which will capture and monitor the traffic on the C&C channel.
Thanks to our honeynet, we create a database of the activity of IRC botnets (their connection characteristics, commands on the C&C ), and hope to learn more about their behavior and the underground market they create.
|
38 |
Limiting vulnerability exposure through effective patch management: threat mitigation through vulnerability remediationWhite, Dominic Stjohn Dolin 08 February 2007 (has links)
This document aims to provide a complete discussion on vulnerability and patch management. The first chapters look at the trends relating to vulnerabilities, exploits, attacks and patches. These trends describe the drivers of patch and vulnerability management and situate the discussion in the current security climate. The following chapters then aim to present both policy and technical solutions to the problem. The policies described lay out a comprehensive set of steps that can be followed by any organisation to implement their own patch management policy, including practical advice on integration with other policies, managing risk, identifying vulnerability, strategies for reducing downtime and generating metrics to measure progress. Having covered the steps that can be taken by users, a strategy describing how best a vendor should implement a related patch release policy is provided. An argument is made that current monthly patch release schedules are inadequate to allow users to most effectively and timeously mitigate vulnerabilities. The final chapters discuss the technical aspect of automating parts of the policies described. In particular the concept of 'defense in depth' is used to discuss additional strategies for 'buying time' during the patch process. The document then goes on to conclude that in the face of increasing malicious activity and more complex patching, solid frameworks such as those provided in this document are required to ensure an organisation can fully manage the patching process. However, more research is required to fully understand vulnerabilities and exploits. In particular more attention must be paid to threats, as little work as been done to fully understand threat-agent capabilities and activities from a day to day basis. / TeX output 2007.02.08:2212 / Adobe Acrobat 9.51 Paper Capture Plug-in
|
39 |
An evaluation of security issues in cloud-based file sharing technologiesFana, Akhona January 2015 (has links)
Cloud computing is one of the most promising technologies for backup and data storage that provides flexible access to data. Cloud computing plays a vital role in remote backup. It is so unfortunate that this computing technique has flaws that thrilled and edgy end users in implementing it effectively. These flaws include factors like lack of integrity, confidentiality and privacy to information. A secure cloud is impossible unless the computer-generated environment is appropriately secured. In any form of technology it is always advisable that security challenges must be prior identified and fixed before the implementation of that particular technology. Primarily, this study will focus on finding security issues in cloud computing with the objective of finding concerns like credential theft and session management in the ―Cloud‖. Main arguments like HTTP banner disclosure, Bash ―ShellShock‖ Injection and password issues were discovered during the stages of study implementation. These challenges may provide information that will permit hackers in manipulating and exploiting cloud environment. Identifying credential theft and session management in cloud-based file sharing technologies a mixed method approach was implemented throughout the course of the study due to the nature of study and unity of analysis. Penetration tests were performed as security testing technique. Prevention and guideline of security threats leads to a friendly and authentic world of technology.
|
40 |
The conflict of interest between data sharing and data privacy : a middleware approachMolema, Karabo Omphile January 2016 (has links)
Thesis (MTech (Information Technology))--Cape Peninsula University of Technology, 2016. / People who are referred to as data owners in this study, use the Internet for various purposes and
one of those is using online services like Gmail, Facebook, Twitter and so on. These online services
are offered by organizations which are referred to as data controllers. When data owners use these
service provided by data controllers they usually have to agree to the terms and conditions which
gives data controllers indemnity against any privacy issues that may be raised by the data owner. Data
controllers are then free to share that data with any other organizations, referred to as third parties.
Though data controllers are protected from lawsuits it does not necessarily mean they are free of any
act that may be considered a privacy violation by the data owner. This thesis aims to arrive at a design
proposition using the design science research paradigm for a middleware extension, specifically
focused on the Tomcat server which is a servlet engine running on the JVM. The design proposition
proposes a client side annotation based API to be used by developers to specify classes which will
carry data outside the scope of the data controller's system to a third party system, the specified
classes will then have code weaved in that will communicate with a Privacy Engine component that
will determine based on data owner's preferences if their data should be shared or not. The output of
this study is a privacy enhancing platform that comprises of three components the client side
annotation based API used by developers, an extension to Tomcat and finally a Privacy Engine.
|
Page generated in 0.384 seconds