Global ETD Search

481	Обработка клиентских запросов с использованием облачных технологий в банковской сфере : магистерская диссертация / Processing of client requests using cloud technologies in the banking sphere Чупракова, Т. С., Chuprakova, T. S. January 2018 (has links) Тема магистерской диссертации: «Обработка клиентских запросов с использованием облачных технологий в банковской сфере» Магистерская диссертация выполнена на 98 страницах, содержит 3 таблицы, 18 рисунков, 60 использованных источников. Актуальность использования облачных технологий в банках возросла в связи с переходом России на «цифровую» экономику, что подразумевает под собой перевод значительной части капитальных вложений в ИТ, а не в операционные расходы, сокращение затрат и ускорение цикла создания и вывода на рынок новых продуктов. Целью работы является внедрение и обеспечение безопасности облачных технологий для обработки клиентских запросов в банковской сфере. Задачи работы:  изучение теоретических основ облачных технологий и защиты информации;  анализ обработки запросов и выявление текущих проблем;  разработка методологии внедрения облачных технологий при обработке внешних запросов. Объект исследования является региональный̆ банк АО «ВУЗ-банк». Предмет исследования - обработка клиентских запросов. В первой главе был проведен обзор облачных технологий, характерных при развитии цифровой экономики, а также вопросы безопасности их применения в банковской сфере. Кроме того, были рассмотрены крупнейшие провайдеры и способы подбора лучшего из них для каждого конкретного предприятия. Во второй главе описывается методология внедрения облачных технологий при обработке внешних запросов клиента, подробно рассматривается политика информационной безопасности банка и принципы обучения сотрудников. Третья глава посвящена изучению характеристики предприятия АО «ВУЗ-банк», анализу обработки внешних запросов в компании и описанию основных проблем в ходе обработки данных при использовании облачных технологий. Результаты работы: внедрение и обеспечение безопасности облачных технологий для обработки клиентских запросов в банковской сфере была успешно доказана. / Theme of the master's thesis is: "Processing of client requests using cloud technologies in the banking sphere" The master's thesis is executed on 98 pages, contains 3 tables, 18 figures, 60 sources used. The urgency of using cloud technologies in banks has increased in connection with the transition of Russia to a "digital" economy, which implies the transfer of a significant part of capital investments in IT, rather than in operating expenses, reducing costs and accelerating the cycle of creating and launching new products. The goal of the work is to implement and provide security for cloud technologies for processing client requests in the banking sector. Objectives of work:  studying the theoretical foundations of cloud technologies and information protection;  analysis of query processing and identification of current problems;  development of a methodology for implementing cloud technologies for processing external requests. The object of the study is a regional bank of VUZ-Bank JSC. The subject of the research is the processing of client requests. In the first chapter, a review was made of cloud technologies, characteristic for the development of the digital economy, as well as the safety of their application in the banking sector. In addition, the largest providers and ways of selecting the best of them for each particular enterprise were considered. The second chapter describes the methodology for implementing cloud technologies when processing external customer requests, details the Bank's information security policy and the principles of employee training. The third chapter is devoted to the study of the characteristics of the enterprise JSC VUZ-Bank, the analysis of processing external requests in the company and a description of the main problems in the processing of data using cloud technologies. The results of the work: the introduction and security of cloud technologies for the processing of client requests in the banking sector has been successfully proven. ОБЛАЧНЫЕ ТЕХНОЛОГИИ ЗАЩИТА ДАННЫХ ШИФРОВАНИЕ АУТЕНТИФИКАЦИЯ ОБУЧЕНИЕ ЗАПРОС КЛИЕНТ MASTER'S THESIS CLOUD TECHNOLOGIES INFORMATION SECURITY DATA PROTECTION ENCRYPTION AUTHENTICATION TRAINING REQUEST CLIENT
482	[en] DATA PROTECTION IN THE SMART CITIES / [pt] PROTEÇÃO DE DADOS NAS CIDADES INTELIGENTES FREDERICO BOGHOSSIAN TORRES 22 September 2023 (has links) [pt] As cidades contemporâneas, cuja população está em tendência de crescimento, são palco dos desafios do presente, como as mudanças climáticas, o acesso a alimentos, os desastres ambientais, o consumo de energia e emissão de gases poluentes, a violência, a desigualdade social, entre outros. A solução desses problemas é complexa e necessita o envolvimento de múltiplos atores e o investimento de volumosos recursos financeiros. Com atenção a isso, surge o ideal da cidade inteligente, que busca utilizar as tecnologias da informação e comunicação para diagnosticar e enfrentar problemas urbanos a partir da coleta e uso de dados sobre a cidade e os cidadãos. Se, por um lado, a tecnologia pode e deve ser utilizada para a melhoria da qualidade de vida, por outro lado, o seu uso traz dúvidas sobre a violação da privacidade dos cidadãos. Por estes motivos, a presente pesquisa objetiva estudar de que forma é possível realizar as promessas da cidade inteligente sem que isso signifique a expansão da vigilância e a sistematização da violação às leis de proteção de dados. Para isso, o trabalho irá: estudar as definições do conceito de cidade inteligente, abordar os desafios para a proteção de dados neste contexto e propor medidas que mitiguem os danos à privacidade dos cidadãos. / [en] Contemporary cities, whose population is on a growing trend, are the main stage for the challenges of the present, such as climate change, access to food, environmental disasters, energy consumption and the emission of greenhouse gases, violence, social inequality, among others. The solution of these problems is complex, requiring the involvement of multiple actors and the investment of voluminous financial resources. With this in mind, the ideal of the smart city emerges, seeking to use information and communication technologies to diagnose and address urban problems by collecting and processing data about the city and its citizens. If, on the one hand, technology can and should be used to improve the quality of life, on the other hand, its use raises doubts about the violation of citizens privacy. For these reasons, the present research aims to study how it is possible to fulfill the promises of the smart city without this meaning the expansion of surveillance and the systematization of violations of data protection laws. For this, the work will: study the definitions of smart city, address the challenges for data protection in this context and propose measures that mitigate the damages to the privacy of urban citizens. [pt] SEGURANCA DA INFORMACAO [pt] PROTECAO DE DADOS [pt] DADOS PESSOAIS [pt] CIDADES INTELIGENTES [pt] PRIVACIDADE [pt] DIREITO A CIDADE [en] INFORMATION SECURITY [en] DATA PROTECTION [en] SMART CITIES [en] PRIVACY [en] RIGHT TO THE CITY
483	From whistleblowing tools to AI-supported data analysis: A compliance practitioner`s view on IT-tools for different aspects of investigations Endres, Markus 28 November 2023 (has links) The text discusses the evolving digital workplace, emphasizing the rise of cybercrime and the need for innovative investigative approaches. It explores the surge in web-based whistleblowing tools in Europe, driven by legislation, and delves into the functionalities and challenges of these tools, including issues of anonymity and data protection. The paper also highlights the role of AI-based forensic tools in government agencies, covering their benefits and potential risks. The use of AI in law enforcement is explored, acknowledging its effectiveness but also cautioning against biases and associated risks. The conclusion stresses the importance of balancing opportunities and risks, particularly in the context of legal and ethical considerations. info:eu-repo/classification/ddc/343 ddc:343
484	Operational Factors Affecting the Confidentiality of Proprietary Digital Assets Massimino, Brett J. 14 October 2014 (has links) No description available. Business Administration Information Security Intellectual Property Breach Digital Economy Supply Chain Management Confidentiality Asset Protections Software Development Worker Behaviors Behavioral Operations Management Data Protection Big Data
485	Defeating Critical Threats to Cloud User Data in Trusted Execution Environments Adil Ahmad (13150140) 26 July 2022 (has links) <p>In today’s world, cloud machines store an ever-increasing amount of sensitive user data, but it remains challenging to guarantee the security of our data. This is because a cloud machine’s system software—critical components like the operating system and hypervisor that can access and thus leak user data—is subject to attacks by numerous other tenants and cloud administrators. Trusted execution environments (TEEs) like Intel SGX promise to alter this landscape by leveraging a trusted CPU to create execution contexts (or enclaves) where data cannot be directly accessed by system software. Unfortunately, the protection provided by TEEs cannot guarantee complete data security. In particular, our data remains unprotected if a third-party service (e.g., Yelp) running inside an enclave is adversarial. Moreover, data can be indirectly leaked from the enclave using traditional memory side-channels.</p> <p><br></p> <p>This dissertation takes a significant stride towards strong user data protection in cloud machines using TEEs by defeating the critical threats of adversarial cloud services and memory side-channels. To defeat these threats, we systematically explore both software and hardware designs. In general, we designed software solutions to avoid costly hardware changes and present faster hardware alternatives.</p> <p><br></p> <p>We designed 4 solutions for this dissertation. Our Chancel system prevents data leaks from adversarial services by restricting data access capabilities through robust and efficient compiler-enforced software sandboxing. Moreover, our Obliviate and Obfuscuro systems leverage strong cryptographic randomization and prevent information leakage through memory side-channels. We also propose minimal CPU extensions to Intel SGX called Reparo that directly close the threat of memory side-channels efficiently. Importantly, each designed solution provides principled protection by addressing the underlying root-cause of a problem, instead of enabling partial mitigation.</p> <p><br></p> <p>Finally, in addition to the stride made by our work, future research thrust is required to make TEEs ubiquitous for cloud usage. We propose several such research directions to pursue the essential goal of strong user data protection in cloud machines.</p> Data security and protection Hardware security System and network security Cloud data protection Trusted Execution Environments (TEEs) Intel Software Guard eXtensions (SGX) Oblivious RAM (ORAM) Hardware extensions Compiler-aided protection
486	[pt] VULNERABILIDADE, HIPOSSUFICIÊNCIA E PROTEÇÃO DE DADOS NA JORNADA DE CONSUMO EM AMBIENTE DIGITAL / [en] VULNERABILITY, HYPOSUFFICIENCY AND DATA PROTECTION IN THE CONSUMER JOURNEY IN DIGITAL ENVIRONMENT MARIANA DE MORAES PALMEIRA 03 October 2022 (has links) [pt] Nessa tese são investigadas as transformações no ambiente digital circunscritas às interseções entre as novas práticas do marketing e a proteção do consumidor-titular de dados pessoais. O fio condutor é a consolidação da informação como um importante ativo na sociedade de consumo contemporânea. A partir da perspectiva do capitalismo de vigilância, os principais fenômenos que contribuem para o estabelecimento de uma estrutura de estímulos e controles que permeiam, de maneira imperceptível aos olhos do consumidor, a sua jornada de consumo, são analisados. Verifica-se que a publicidade digital, em especial a chamada publicidade comportamental direcionada conforme o perfil do consumidor, apesar de alvo de críticas da doutrina e de interesse por parte da legislação, é apenas a parte visível de uma arquitetura de escolhas permeada por dark patterns que atrapalham a proteção do consumidor em ambiente digital. Nesse cenário, a pesquisa investiga a suficiência dos mecanismos de proteção de dados pessoais, bem como a existência de uma nova e universal vulnerabilidade do consumidor. Trata-se da vulnerabilidade digital, que dá origem a um estado, também universal, de hipossuficiência do consumidor diante das práticas comerciais em ambiente digital. / [en] In this thesis examines the transformations in the digital environment circumscribed to the intersections between new marketing practices and the protection of the consumer-data subjects. The main drive is the strengthening of information as an important asset in contemporary consumer society. From the perspective of surveillance capitalism, it analyzes the central phenomena that contributes to the establishment of a structure of stimuli and controls that permeate, imperceptibly to the consumer s eyes, his journey. It is verified that digital advertising, especially the so-called behavioral advertising, directed according to the consumer s profile, despite being target of criticism by the doctrine and of interest by the legislation, is only the visible part of an architecture of choices permeated by dark patterns that hinder consumer protection in the digital environment. In this scenario, the research investigates the sufficiency of personal data protection mechanisms, as well as the existence of a new and universal consumer vulnerability. Which is the digital vulnerability that gives rise as well to a universal state of consumer hyposufficiency before commercial practices in the digital environment. [pt] VULNERABILIDADE [pt] DARK PATTERNS [pt] PUBLICIDADE DIGITAL [pt] CAPITALISMO DE VIGILANCIA [pt] PROTECAO DE DADOS [en] VULNERABILITY [en] DARK PATTERNS [en] DIGITAL ADVERTISING [en] SURVEILLANCE CAPITALISM [en] DATA PROTECTION
487	On the application areas of blockchain Ghaffari, Zahra January 2016 (has links) The goal of this study is to identify the current application areas and some possible application areas for blockchain; blockchain is a distributed database that is currently most known for being the technology used for storing transaction information of digital currencies such as the Bitcoin. Through a literature review and interviews with domain experts, we identified some current application areas for blockchain, that is, money transactions, decentralized data and privacy protection, and decentralized autonomous organizations (DAO). Within the area of decentralized data and privacy protection, we further identified the two sub-areas of smart contracts and secure identities. In addition, we identified some possible application areas by conducting a second literature review. Some of these application areas are: storing mind files and human intelligence, on-line voting, supply chain management, stock trading, Internet of Things (IoT), and banking. The contribution of this study can be used for further studies through each of the above application areas in order to identify possible advantages and disadvantages. Blockchain Bitcoin cryptocurrency decentralized privacy application area data protection secure identity smart contract decentralized autonomous organization DAO Internet of Things IoT Engineering and Technology Teknik och teknologier
488	Tredje gången gillt? : En analys av EU-US Data Privacy Framework / Third time’s the charm? : An analysis of the EU-US Data Privacy Framework Bjerselius, Nathalie January 2023 (has links) Through the GDPR, the member states of the EU and the EEA countries ensure equivalent protection for personal data which is why personal data within this area can be transferred freely. Transfers of personal data to a country outside the EU/EEA area, such as the U.S., are only permitted under the General Data Protection Regulation (GDPR) under certain conditions, including if the EU Commission has decided that the country in question ensures an adequate level of protection. The EU Commission has previously adopted two such decisions for the U.S., based on Safe Harbour and Privacy Shield. Those decisions were, however, struck down by the Court of Justice of the European Union (CJEU) in Schrems I and II since the CJEU did not consider that the U.S. could ensure an adequate level of protection for personal data that was transferred from the EU to the U.S. In July 2023, the EU Commission announced that it had once again adopted an adequacy decision for the U.S. meaning that personal data can now flow freely from the EU to companies and organizations in the U.S. certified under the EU-US Data Protection Framework (EU-US DPF). The adequacy decision followed a presidential order signed by U.S. President Biden in October 2022, which introduced new security measures intended to remedy the problems identified by the CJEU in Schrems I and II. On the one hand, the US intelligence agencies’ access to personal data is limited to what is proportionate. On the other hand, a data protection court is established. The purpose of this essay is to examine whether the changes that the presidential order has given rise to has changed the legal situation after Schrems II in such a way that the U.S. can now be considered to ensure an adequate level of protection for personal data that is being transferred from the EU to the U.S. By analyzing the EU-US DPF against the background of the jurisprudence of the CJEU and the European Court of Justice, I find that this is not the case. The U.S. intelligence agencies’ use of and access to EU citizens’ personal data is still not limited to what is proportionate and EU citizens whose personal data is processed still do not have access to an effective remedy to challenge surveillance measures. Thus, the new adequacy decision for the U.S. is likely to be struck down by the CJEU in the coming years. The consequences of such an invalidation are examined to some extent in this essay, particularly in relation to other transfer mechanisms in Chapter V of the GDPR, namely standard contractual clauses and binding corporate rules. EU-US Data Protection Framework EU-US DPF GDPR tredjelandsöverföringar adekvansbeslut Schrems I Schrems II Safe Harbour Privacy Shield personuppgifter Law Juridik
489	Using privacy calculus theory to explore entrepreneurial directions in mobile location-based advertising: Identifying intrusiveness as the critical risk factor Gutierrez, A., O'Leary, S., Rana, Nripendra P., Dwivedi, Y.K., Calle, T. 25 October 2019 (has links) Yes / Location-based advertising is an entrepreneurial and innovative means for advertisers to reach out through personalised messages sent directly to mobile phones using their geographic location. The mobile phone users' willingness to disclose their location and other personal information is essential for the successful implementation of mobile location-based advertising (MLBA). Despite the potential enhancement of the user experience through such personalisation and the improved interaction with the marketer, there is an increasing tension between that personalisation and mobile users' concerns about privacy. While the privacy calculus theory (PCT) suggests that consumers make privacy-based decisions by evaluating the benefits any information may bring against the risk of its disclosure, this study examines the specific risks and benefits that influence consumers' acceptance of MLBA. A conceptual model is proposed based on the existing literature and a standardised survey was developed and targeted at individuals with known interests in the subject matter. From these requests, 252 valid responses were received and used to evaluate the key benefits and risks of MLBA from the users' perspectives. While the results confirmed the importance of internet privacy concerns (IPC) as an important determinant, they also indicate that monetary rewards and intrusiveness have a notably stronger impact on acceptance intentions towards MLBA. Intrusiveness is the most important risk factor in determining mobile users' intentions to accept MLBA and therefore establishing effective means of minimising the perceived intrusiveness of MLBA can be expected to have the greatest impact on achieving effective communications with mobile phone users. Mobile location-based advertising (MLBA) Privacy calculus theory (PCT) Internet privacy concerns (IPC) Intrusiveness Personalisation Monetary rewards
490	Разработка методов детектирования искажения обучающих данных в задаче диагностики электрооборудования методами стеганоанализа : магистерская диссертация / Development of Methods for Detecting Distortion of Training Data in the Diagnosis of Electrical Equipment Using Steganalysis Techniques Шуркин, В. А., Shurkin, V. A. January 2024 (has links) The object of research is the information security of machine learning models in the electric power industry. The aim of the work is to develop an improved method for detecting the insertion of malicious software into a machine learning system for diagnosing electrical equipment using steganalysis. During the research, a literature review of steganography and steganalysis methods was conducted, as well as an examination of attacks on machine learning and ways to protect against them. Software was developed to simulate the real process of machine learning based on time series data. An analysis of embedding and detection methods for hidden messages based on the use of least significant bits was carried out. Parameters for representation applicable to training data were obtained to enhance the security of the intelligent system. / Объект исследования — информационная безопасность моделей на базе машинного обучения в электроэнергетике. Цель работы — разработка улучшенного метода обнаружения внедрения вредоносного программного обеспечения в систему машинного обучения в диагностике электрооборудования методом стегоанализа. В ходе работы проведен литературный обзор методов стеганографии и стегоанализа, а также рассмотрены атаки на машинное обучение и способы защиты от них. Разработано программное обеспечение, имитирующее реальный процесс машинного обучения на основе временных рядов. Проведен анализ методов встраивания и обнаружения скрытых сообщений на основе использования младших бит данных. Получены параметры представления, применимые к обучающим данным для увеличения безопасности интеллектуальной системы. MASTER'S THESIS STEGANOGRAPHY STEGANALYSIS LEAST SIGNIFICANT BIT METHOD MACHINE LEARNING DATA PROTECTION СТЕГАНОГРАФИЯ СТЕГОАНАЛИЗ МЕТОД МЛАДШИХ БИТ МАШИННОЕ ОБУЧЕНИЕ ЗАЩИТА ДАННЫХ

Search results