441 |
Design and implementation of an attribute-based authorization management system / Mohan, Apurva 05 April 2011
The proposed research is in the area of attribute-based authorization systems. We address two specific research problems in this area. First, evaluating authorization policies in multi-authority systems where there are multiple stakeholders in the disclosure of sensitive data. The research proposes to consider all the relevant policies related to authorization in real time upon the receipt of an access request and to resolve any differences that these individual policies may have in authorization. Second, to enable a lot of entities to participate in the authorization process by asserting attributes on behalf of the principal accessing resources. Since it is required that these asserted attributes be trusted by the authorization system, it is necessary that these entities are themselves trusted by the authorization system. Two frameworks are proposed to address these issues. In the first contribution a dynamic authorization system is proposed which provides conflict detection and resolution among applicable policies in a multi-authority system. The authorization system is dynamic in nature and considers the context of an access request to adapt its policy selection, execution and conflict handling based on the access environment. Efficient indexing techniques are used to increase the speed of authorization policy loading and evaluation. In the second contribution, we propose a framework for service providers to evaluate trust in entities asserting on behalf of service users in real time upon receipt of an access request. This trust evaluation is done based on a reputation system model, which is designed to protect itself against known attacks on reputation systems.
|
442 |
Flächennutzungsmonitoring VI [Land Use Monitoring VI] / 09 September 2015 (PDF)
The topic of land is gaining importance in view of increasing competition for land and ambitious land-saving targets. Land management committed to sustainability and reliable land use monitoring are indispensable for land budget policy and for assessing land development. But how does one implement efficient settlement-area management, and how are the geospatial base data required for it developing? Providing new answers to these questions from research and practice is the aim of the book series Flächennutzungsmonitoring. The sixth volume presents current developments in land budget policy, model trading of land certificates, the recording of inner-development potential, methods for generating small-scale data, indicators for describing urban sprawl and biodiversity, the state of development of relevant geospatial base data, and methods of regional and urban statistics, including forecasting techniques.
|
443 |
Information security issues facing internet café users / Kgopa, Alfred Thaga. January 2013
M. Tech. Business Information Systems / Although owners of Internet cafés extend the freedom to have Internet access to the community, they fail to tighten their computer security to safeguard the private information of their customers. This dissertation provides a conceptual framework for improving information security in the Internet Café, to help and ensure data privacy, data integrity, risk management and information security (IS) behaviour. The study investigated the information security issues that are faced by users of Internet cafés and explored the effects of these issues. The framework shows how users can improve their physical security to reach higher standards of information privacy over the Internet.
|
444 |
Symmetric schemes for efficient range and error-tolerant search on encrypted data / Chenette, Nathan Lee 05 July 2012
Large-scale data management systems rely more and more on cloud storage, where the need for efficient search capabilities clashes with the need for data confidentiality. Encryption and efficient accessibility are naturally at odds, as for instance strong encryption necessitates that ciphertexts reveal nothing about underlying data. Searchable encryption is an active field in cryptography studying encryption schemes that provide varying levels of efficiency, functionality, and security, and efficient searchable encryption focuses on schemes enabling sub-linear (in the size of the database) search time. I present the first cryptographic study of efficient searchable symmetric encryption schemes supporting two types of search queries, range queries and error-tolerant queries. The natural solution to accommodate efficient range queries on ciphertexts is to use order-preserving encryption (OPE). I propose a security definition for OPE schemes, construct the first OPE scheme with provable security, and further analyze security by characterizing one-wayness of the scheme. Efficient error-tolerant queries are enabled by efficient fuzzy-searchable encryption (EFSE). For EFSE, I introduce relevant primitives, an optimal security definition and a (somewhat space-inefficient, but in a sense efficient as possible) scheme achieving it, and more efficient schemes that achieve a weaker, but practical, security notion. In all cases, I introduce new appropriate security definitions, construct novel schemes, and prove those schemes secure under standard assumptions. The goal of this line of research is to provide constructions and provable security analysis that should help practitioners decide whether OPE or FSE provides a suitable efficiency-security-functionality tradeoff for a given application.
|
445 |
Le couplage de données et la protection de la vie privée informationnelle sous l'article 8 de la Charte canadienne / Data matching and the protection of informational privacy under section 8 of the Canadian Charter / Arès, Sébastien January 2005
Data matching is the automated process permitting the comparison of significant amounts of personal data from two or more different databanks in order to produce new information. Its use by governments implicates many rights and freedoms, including the protection against unreasonable search and seizure under section 8 of the Canadian Charter. / In the author's opinion, a governmental data matching program will probably constitute a search or seizure under section 8 when a positive answer is given to two questions. First, is there a use or transfer of information which implicates constitutionally protected information? Generally, section 8 will only protect biographical personal information, as described in the Plant case. Second, one must determine if a reasonable expectation of privacy exists as to the purpose for which the information will be used. In other words, one must determine if the two governmental databanks are separate on the constitutional level. / However, a positive answer to both of these questions does not mean that the matching program necessarily infringes section 8. It will not be considered unreasonable if it is authorised by law, if the law itself is reasonable, and if the execution of the program is reasonable. Presuming that the program is authorised by law, it is probable that a matching program aimed to detect individuals collecting illegally social benefits will not be considered unreasonable.
|
446 |
Toward securing links and large-scale / Delgosha, Farshid 13 September 2007
Applications of finite-field wavelets, paraunitary matrices, and multivariate polynomials in the design of efficient cryptographic algorithms for resource-limited devices and wireless sensor nodes are the main topic of this thesis. In this research, multivariate paraunitary matrices over fields of characteristic two are of special importance. Therefore, the factorization of their bivariate counterpart into the product of fully-parameterized building blocks was studied. The results were a two-level factorization algorithm and new building blocks over the ring of polynomials that allow a complete first-level factorization.
One of the contributions in this thesis was a completely new design for self-synchronizing stream ciphers based on wavelets over fields of characteristic two. Since these wavelets can be efficiently designed and implemented using paraunitary matrices, the designed cipher is highly efficient in terms of encryption and decryption complexities. The cryptanalysis of the proposed cipher did not reveal any vulnerabilities to the current state of the art attacks developed for stream ciphers.
A completely novel framework for the design of multivariate asymmetric cryptosystems (based on paraunitary matrices) is a main contribution in this thesis. Using algebraic properties of paraunitary matrices, the computational security of systems designed based on this framework was studied. It was proved, for the first time, that breaking any instance of such systems provides a positive answer to an algebraic longstanding (non-computational) open problem. Therefore, the proposed framework certainly is an improvement toward the design of provably secure multivariate cryptosystems. Using this approach, a public-key cryptosystem and a digital signature scheme were proposed.
Considering the attractiveness of algebraic techniques, their applications in the design of cryptographic algorithms for wireless sensor networks were investigated. A novel key pre-distribution scheme for data confidentiality in sensor networks was proposed. This scheme outperforms all previous designs in terms of network resiliency against the node capture. Theoretical analysis showed improvement over previous schemes and also robustness in design. In addition to key pre-distribution, a location-aware scheme was proposed that provides authenticity and availability for sensor networks. Main ingredients of this scheme are node collaboration for entity authenticity, hash tree for data authenticity, and random network coding for data availability. This scheme is the first one in its category that provides a practical solution to all the aforementioned security services.
|
447 |
Fernwartung : die rechtlichen Grenzen des IT-Outsourcing durch Banken / Remote maintenance: the legal limits of IT outsourcing by banks / Bohnstedt, Jan. January 2005
Also published as: dissertation, Universität Frankfurt (Main), 2004. / Includes bibliographical references (p. 169-177).
|
448 |
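Um modelo complementar para aprimorar a segurança da informação no SDLC para dispositivos móveis: SDD - security driven development / A complementary model to improve information security in the SDLC for mobile devices: SDD - security driven development / Paulo, Luis Gonzaga de 20 August 2015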
The use of mobile devices by an ever-growing number of people, and in a growing number of activities that require more information security, highlights the need to provide security in the software of this environment. The state of information security on mobile devices is worrying. However, the models used by the software industry, and those found in the current literature, for developing mobile applications with high-level information security requirements still do not meet the need for more security demanded by users. This study considers that such models can be improved by adding specific methods and techniques, some already used successfully in the development of desktop applications or applications not aimed at the mobile device environment. This work proposes including an information security approach at the start of the software development life cycle, based on the study of threats and vulnerabilities, the early application of abuse cases (here called misuse cases), risk analysis, risk-based security testing and the use of attack machines in security testing during the software development process. To achieve the objective of this research, the best-known and most widely used software development life cycle models are analyzed from the information security point of view, and a new approach is proposed through the use of a complementary security-oriented software development model. Some artifact templates are presented, and a case study applying the concepts addressed in the research is used to evaluate the main contributions discussed in the text, as well as some of the preliminary results obtained from the research work.
/ The increasingly wide and intense use of mobile devices - whose processing and storage capacity grows, almost overcoming the desktops - greatly exposes issues relating to information security in this environment. This is a worrying fact. However, the models currently found in the literature and used by the software industry in developing mobile applications with the highest information security requirements are not yet answering users' needs for more security, and may be improved by adding specific methods or techniques, sometimes already used in desktop - or non-mobile - application development. This work proposes to insert an information security approach early in the software development life cycle using threats and vulnerabilities study, the early application of abuse cases - also called misuse cases, the risk analysis, the risk based security test and the use of attack machines in the development process. To reach the research goal, this work analyzed usual models used on SDLC from the information security point of view, and presents a new approach through the use of a security driven development complementary model. The work also presents some templates and uses a case study to apply the concepts and evaluate the main contributions discussed in the text, as well as the preliminary results obtained in the research.
|
449 |
Compliance issues within Europe's General Data Protection Regulation in the context of information security and privacy governance in Swedish corporations : A mixed methods study of compliance practices towards GDPR readiness / Stauber, Sebastian January 2018
The European Union has introduced a new General Data Protection Regulation that regulates all aspects of privacy and data protection for the data of European citizens. To transition to the new rules, companies and public institutions were given two years to adapt their systems and controls. Due to the large area of changes the GDPR requires, many companies are facing severe problems to adapt the rules to be ready for enforcement. This marks the purpose of this study which is to look into compliance practices in the implementation of GDPR requirements. This includes a prospect of compliance mechanisms that may remain insufficiently addressed when the regulation comes into force on May 25, 2018. The study is conducted in Sweden and aims to investigate the situation in corporations and not in public institutions. Mixed methods have been applied by surveying and interviewing Swedish GDPR experts and consultants to gain an understanding of their view by using capability maturity scales to assess a variety of security processes and controls. The analysis shows a low implementation in GDPR requirements while having seen improvements over the past two years of transition. It points out that a holistic strategy towards compliance is mostly missing and many companies face obstacles that are difficult to overcome in a short period. This may result in non-compliance in many Swedish corporations after the regulation comes into force on May 25.
|
450 |
Systém řízení kvality ve vybraném podniku se zaměřením na informační systémy / Quality management system focused on information system in the selected enterprise / PAVLÍKOVÁ, Lucie January 2018
This thesis is focused on the quality management system. The object of the thesis is to analyse the current situation of the quality management system. Based on the results, we suggest measures to increase security and data protection in the selected enterprise. The selected enterprise is GEFOS, a.s., which provides comprehensive services in geodesy, photogrammetry, geoinformation systems and land register. The thesis can be divided into the theoretical part and the practical part. The theoretical part is focused on definition of key concepts in the fields of quality management and information system. The practical part consists of four other separate parts, namely the characteristic of the selected company, an analysis of the current situation of the quality management system, and finally suggestions for improvement of security and data protection. The suggestions are focused on requirements provided by the General Data Protection Regulation (GDPR). Information for the practical part was obtained by document analysis and a semi-structured interview with the company management.
|