Développement des méthodes de calcul et de mesure de la courbe J-R d'un composite polymère particulaire propergol / : par Luc Giasson.

Giasson, Luc,

January 2003

Thèse (M.Eng.) -- Université du Québec à Chicoutimi, programme extensionné à l'Université du Québec à Rimouski, 2003. / Bibliogr.: f. 107-112. Document électronique également accessible en format PDF. CaQCU

Stress analysis of a glued timber beam

Williams, Walter Ray,

January 2009

Thesis (M.S.)--Mississippi State University. Department of Aerospace Engineering. / Title from title screen. Includes bibliographical references.

The role of parallel computing in bioinformatics /

Akhurst, Timothy John.

January 2005

Thesis (M. Sc. (Biochemistry, Microbiology and Biotechnology))--Rhodes University, 2005. / Research report submitted in partial fulfilment of the requirements for the degree of Master of Science.

The role of parallel computing in bioinformatics

Akhurst, Timothy John

January 2005

The need to intelligibly capture, manage and analyse the ever-increasing amount of publicly available genomic data is one of the challenges facing bioinformaticians today. Such analyses are in fact impractical using uniprocessor machines, which has led to an increasing reliance on clusters of commodity-priced computers. An existing network of cheap, commodity PCs was utilised as a single computational resource for parallel computing. The performance of the cluster was investigated using a whole genome-scanning program written in the Java programming language. The TSpaces framework, based on the Linda parallel programming model, was used to parallelise the application. Maximum speedup was achieved at between 30 and 50 processors, depending on the size of the genome being scanned. Together with this, the associated significant reductions in wall-clock time suggest that both parallel computing and Java have a significant role to play in the field of bioinformatics.

Bioinformatics

Parallel programming (Computer science)

LINDA (Computer system)

Java (Computer program language)

Genomics -- Data processing

O problema da coloração total em classes de grafos / The total colouring problem in classes of graphs

Campos, Christiane Neme, 1972-

04 May 2006

Orientador: Celia Picinin de Mello / Tese (doutorado) - Universidade Estadual de Campinas , Instituto de Computação / Made available in DSpace on 2018-08-06T12:11:33Z (GMT). No. of bitstreams: 1 Campos_ChristianeNeme_D.pdf: 1048367 bytes, checksum: e8270db6704873ddaf2043927ca93e99 (MD5) Previous issue date: 2006 / Doutorado / Teoria dos Grafos / Doutor em Ciência da Computação

Teoria dos grafos

Complexidade computacional

Grafo (Sistema de computador)

Coloração de grafos

Graph theory

Computational complexity

Graph (Computer system)

Graph coloring

Um modelo discricionário de delegação e revogação / A discretionary model of delegation and revocation

Negrello, Fabio

14 May 2007

Orientador: Jacques Wainer / Dissertação (mestrado) - Universidade Estadual de Campinas, Instituto de Computação / Made available in DSpace on 2018-08-08T19:38:38Z (GMT). No. of bitstreams: 1 Negrello_Fabio_M.pdf: 913255 bytes, checksum: eed18216c9a5ecc1e0eadf834fed5bc5 (MD5) Previous issue date: 2007 / Resumo: Esta dissertação apresenta um modelo discricionário de delegação que permite controlar a formação de cadeias de delegações, tanto através da limitação no comprimento de tais cadeias, como através da definição de condições para utilização e aceitação de novas delegações. Juntamente com o mecanismo de delegação proposto, é apresentado um mecanismo de revogação que considera o máximo comprimento de cada cadeia de delegações, e a relação de força entre delegações, permitindo assim que os sujeitos existentes permaneçam com o maior conjunto de direitos após uma revogação. Uma das principais vantagens em relação à definição de condições associadas à cada delegação é possibilidade de reforçar restrições por conteúdo e contexto. Enquanto o controle de acesso por conteúdo permite que o acesso a determinado objeto, ou recurso, seja controlado com base em atributos e características do próprio objeto em questão, o controle de acesso por contexto considera características de contexto relativas ao sistema como um todo, ou referentes ao contexto em que o usuário solicitou determinado acesso. Será apresentado um mecanismo que permite a utilização deste tipo de informação na definição de condições em delegações. Será apresentado um mecanismo para definição de proibições, que torna possível proibir que usuários utilizem determinadas direitos, mesmo que estes usuários tenham recebido, tais direitos através de delegaçõesde outros usuários do sistema. Através da utilização de condições também é possível a definição de delegações temporais, que são delegações que devem ser consideradas válidas somente durante determinados períodos de tempo, ou enquanto condições de dependência em relação a outras delegações forem atendidas, como será discutido. Finalmente, será apresentado um arcabouço de um servidor de autorizações, que permitiu avaliar o modelo proposto. Neste arcabouço foram implementados os principais algoritmos apresentados, e foi formulada uma arquitetura unificada para criação e revogação de delegações, bem como para verificação de autorizações / Abstract: This thesis presents a model of delegation that makes it possible to control the creation of delegation chains, both by limiting the lenght of such chains, and by defining restrictions for the use and acceptance of new delegations. Together with the proposed delegation mechanism, it is presented a revocation mechanism that considers the maximum length of each delegation chain, and the strength relation between delegations, allowing the existing subjects to retain the maximum set of rights after a revocation. One of the biggest advantages regarding the definition of conditions associated with each delegation is the possibility of enforcing context and content based restrictions. While the content based access control allows the access to a specific object to be controlled based on its attributes and characteristics, the context based access control considers context information related to the system as a whole, or regarding the context in which a user made an access request. It will be presented a mechanism that allows the use of this type of information in the definition of conditions in delegations. A prohibition mechanism will be presented, which prevents users from using certain rights, even though these users have received such rights through other users delegations. As it will be discussed, it is also possible, through the use of conditions, to define temporal delegations, which are delegations that must be considered valid only during specific periods of time, or while dependency condition regarding other delegations are met. Finally, it will be presented a prototype of an authorization server, that was used to validate the proposed model. In this prototype, the main algorithms were implemented, and a unified architecture was formulated both for the creation and recation of delegations, as well as for the verification of authorizations / Mestrado / Mestre em Ciência da Computação

Computadores - Controle de acesso

Computadores - Medidas de segurança

Banco de dados - Medidas de segurança

Computers - Acess control

Computer - System security

Data bases - Security measures

A utilização do sistema de informações educacionais de Pernambuco pelos gestores escolares

Lins, Carla Cavalcanti Fernandes

22 January 2015

Submitted by Renata Lopes (renatasil82@gmail.com) on 2016-04-18T11:52:25Z No. of bitstreams: 1 carlacavalcantifernandeslins.pdf: 3035057 bytes, checksum: bd094c518f6b410686ce318dbdc387e0 (MD5) / Approved for entry into archive by Adriana Oliveira (adriana.oliveira@ufjf.edu.br) on 2016-04-24T03:13:23Z (GMT) No. of bitstreams: 1 carlacavalcantifernandeslins.pdf: 3035057 bytes, checksum: bd094c518f6b410686ce318dbdc387e0 (MD5) / Made available in DSpace on 2016-04-24T03:13:23Z (GMT). No. of bitstreams: 1 carlacavalcantifernandeslins.pdf: 3035057 bytes, checksum: bd094c518f6b410686ce318dbdc387e0 (MD5) Previous issue date: 2015-01-22 / Este trabalho apresenta uma investigação sobre o Sistema de Informações Educacionais de Pernambuco (SIEPE) e sua utilização pelos gestores escolares de quatro escolas da Gerência Regional do Sertão Moxotó-Ipanema. O trabalho parte da seguinte questão norteadora: por que os gestores escolares não utilizam o SIEPE em todo o seu potencial? O objetivo do estudo foi analisar como esse sistema vem sendo implantado para fins de gestão, procurando levantar os pontos fortes, as dificuldades de utilização e as necessidades de melhorias na perspectiva dos gestores escolares para que tal recurso seja utilizado em todo o seu potencial. Para isso, foi resgatado o processo de desenvolvimento e implantação do SIEPE, bem como explicou-se o seu funcionamento, descrevendo o registro dos dados e a utilização das informações geradas pelo sistema e pela gestão escolar nos fins administrativos e pedagógicos. O estudo, de abordagem qualitativa, foi realizado em quatro escolas da Gerência Regional do Sertão Moxotó-Ipanema no estado de Pernambuco. Adotou-se como desenho de pesquisa o estudo de casos múltiplos, utilizando-se os procedimentos metodológicos de análise de documentos oficiais e entrevistas com o gestor escolar, o secretário e o técnico educacional de cada uma das quatro escolas. A análise indica que o SIEPE corrobora com a inclusão digital e a criação de uma cultura tecnológica, além de uma maior integração entre escola e comunidade, através da disponibilização de um ambiente colaborativo, da implantação de sistema de gestão escolar e do gerenciamento de programas e metas. Os pontos fortes mais destacados foram: a confiabilidade das informações, facilitar o trabalho e agilidade nos resultados. De modo geral, a pesquisa confirmou que o SIEPE possibilita uma melhor organização das escolas na realização de intervenções pedagógicas a partir das informações geradas pelo sistema. O estudo revela que, para ser utilizado em todo o seu potencial, o SIEPE deve ser aperfeiçoado com a criação de novas funções, deve haver a formação continuada para os usuários buscando a utilização dessa ferramenta enquanto instrumento do processo de gestão escolar e deve ser melhorado o acesso das escola à internet. Finalmente a partir dos resultados, foi proposto o Plano de Ação Educacional (PAE), que contempla as seguintes ações: tornar a rede de internet mais veloz nas escolas; formação continuada, ampliação do acesso das funções do sistema; agilizar o suporte técnico de informática; criação de nova resolução; e realizar monitoramento do sistema SIEPE. / This paper presents an investigation into the Educational Information System for California (SIEPE) and its use by school administrators from four schools of the Regional Management of the Wild-Moxotó Ipanema. The work of the following question: why school administrators did not use SIEPE at their full potential? The aim of the study was to analyze how this system is being implemented for management purposes, seeking to raise the strengths, difficulties in use and the need for improvements in the school managers prospect for such a remedy to be used in its full potential. For that was rescued in development and deployment of Siepe and explained the operation, describing the recording of data and the use of information generated by the system and school management in administrative and educational purposes. The study adopted a qualitative approach was conducted in four schools of the Regional Management of the Wild-Moxotó Ipanema in the state of Pernambuco. It was adopted as the research design multiple case study, using the methodological procedures for the analysis of official documents and interviews with the school manager, secretary and technical education of each of the four schools. The analysis indicates that the SIEPE corroborates digital inclusion and the creation of a technological culture, and greater integration between school and community, by providing a collaborative environment, the implementation of a school management system and management programs and goals. Strong salient points were: the reliability of the information, facilitate work and agility results. Overall, the survey confirmed that the SIEPE allows better organization of schools in the realization of educational interventions based on information generated by the system. The study reveals that to be used in its full potential, the SIEPE should be improved with the creation of new functions, there must be continuing education for users seeking to use this tool as a means of school management process and should be improved access the school internet. Finally from the results, it was proposed the Education Action Plan (PAE), which includes the following: make the network faster internet in schools; continuing education, expanding access system functions; speed up computer technical support; creating new resolution; and conduct monitoring SIEPE system.

CNPQ::CIENCIAS HUMANAS::EDUCACAO

Gestão escolar

Sistemas de informação gerencial

School management

Communication

Computer system

Continuing education

Anomaly Detection Techniques for the Protection of Database Systems against Insider Threats

Asmaa Mohamed Sallam (6387488)

15 May 2019

The mitigation of insider threats against databases is a challenging problem since insiders often have legitimate privileges to access sensitive data. Conventional security mechanisms, such as authentication and access control, are thus insufficient for the protection of databases against insider threats; such mechanisms need to be complemented with real-time anomaly detection techniques. Since the malicious activities aiming at stealing data may consist of multiple steps executed across temporal intervals, database anomaly detection is required to track users' actions across time in order to detect correlated actions that collectively indicate the occurrence of anomalies. The existing real-time anomaly detection techniques for databases can detect anomalies in the patterns of referencing the database entities, i.e., tables and columns, but are unable to detect the increase in the sizes of data retrieved by queries; neither can they detect changes in the users' data access frequencies. According to recent security reports, such changes are indicators of potential data misuse and may be the result of malicious intents for stealing or corrupting the data. In this thesis, we present techniques for monitoring database accesses and detecting anomalies that are considered early signs of data misuse by insiders. Our techniques are able to track the data retrieved by queries and sequences of queries, the frequencies of execution of periodic queries and the frequencies of referencing the database tuples and tables. We provide detailed algorithms and data structures that support the implementation of our techniques and the results of the evaluation of their implementation.<br>

Applied Computer Science

Computer Software

Computer System Security

Database Management

Insider Threats

Data Analytics for Security

Relational Databases

Anomaly Detection

Ranking of Android Apps based on Security Evidences

Ayush Maharjan (9728690)

07 January 2021

<p>With the large number of Android apps available in app stores such as Google Play, it has become increasingly challenging to choose among the apps. The users generally select the apps based on the ratings and reviews of other users, or the recommendations from the app store. But it is very important to take the security into consideration while choosing an app with the increasing security and privacy concerns with mobile apps. This thesis proposes different ranking schemes for Android apps based on security apps evaluated from the static code analysis tools that are available. It proposes the ranking schemes based on the categories of evidences reported by the tools, based on the frequency of each category, and based on the severity of each evidence. The evidences are gathered, and rankings are generated based on the theory of Subjective Logic. In addition to these ranking schemes, the tools are themselves evaluated against the Ghera benchmark. Finally, this work proposes two additional schemes to combine the evidences from difference tools to provide a combined ranking.</p>

Computer System Security

Mobile Technologies

ranking and selection

Android

Mobile application

static code analysis

security

Subjective Logic

benchmark

A Systematic Framework For Analyzing the Security and Privacy of Cellular Networks

Syed Rafiul Hussain (5929793)

16 January 2020

<div>Cellular networks are an indispensable part of a nation's critical infrastructure. They not only support functionality that are critical for our society as a whole (e.g., business, public-safety message dissemination) but also positively impact us at a more personal level by enabling applications that often improve our quality of life (e.g., navigation). Due to deployment constraints and backward compatibility issues, the various cellular protocol versions were not designed and deployed with a strong security and privacy focus. Because of their ubiquitous presence for connecting billions of users and use for critical applications, cellular networks are, however, lucrative attack targets of motivated and resourceful adversaries. </div><div><br></div><div></div><div>In this dissertation, we investigate the security and privacy of 4G LTE and 5G protocol designs and deployments. More precisely, we systematically identify design weaknesses and implementation oversights affecting the critical operations of the networks, and also design countermeasures to mitigate the identified vulnerabilities and attacks. Towards this goal, we developed a systematic model-based testing framework called LTEInspector. LTEInspector can be used to not only identify protocol design weaknesses but also deployment oversights. LTEInspector leverages the combined reasoning capabilities of a symbolic model checker and a cryptographic protocol verifier by combining them in a lazy fashion. We instantiated \system with three critical procedures (i.e., attach, detach, and paging) of 4G LTE. Our analysis uncovered 10 new exploitable vulnerabilities along with 9 prior attacks of 4G LTE all of which have been verified in a real testbed. Since identifying all classes of attacks with a unique framework like \system is nearly impossible, we show that it is possible to identify sophisticated security and privacy attacks by devising techniques specifically tailored for a particular protocol and by leveraging the findings of LTEInspector. As a case study, we analyzed the paging protocol of 4G LTE and the current version of 5G, and observed that by leveraging the findings from LTEInspector and other side-channel information and by using a probabilistic reasoning technique it is possible to mount sophisticated privacy attacks that can expose a victim device's coarse-grained location information and sensitive identifiers when the adversary is equipped only with the victim's phone number or other soft-identity (e.g., social networking profile). An analysis of LTEInspector's findings shows that the absence of broadcast authentication enables an adversary to mount a wide plethora of security and privacy attacks. We thus develop an attack-agnostic generic countermeasure that provides broadcast authentication without violating any common-sense deployment constraints. Finally, we design a practical countermeasure for mitigating the side-channel attacks in the paging procedure without breaking the backward compatibility.</div>

Computer System Security

Networking and Communications

Cellular Networks

security threats

Privacy

4G LTE

5G NR

Side Channel Attacks

Defenses