Global ETD Search

1	Security of Big Data: Focus on Data Leakage Prevention (DLP) Nyarko, Richard January 2018 (has links) Data has become an indispensable part of our daily lives in this era of information age. The amount of data which is generated is growing exponentially due to technological advances. This voluminous of data which is generated daily has brought about new term which is referred to as big data. Therefore, security is of great concern when it comes to securing big data processes. The survival of many organizations depends on the preventing of these data from falling into wrong hands. Because if these sensitive data fall into wrong hands it could cause serious consequences. For instance, the credibility of several businesses or organizations will be compromised when sensitive data such as trade secrets, project documents, and customer profiles are leaked to their competitors (Alneyadi et al, 2016). In addition, the traditional security mechanisms such as firewalls, virtual private networks (VPNs), and intrusion detection systems/intrusion prevention systems (IDSs/IPSs) are not enough to prevent against the leakage of such sensitive data. Therefore, to overcome this deficiency in protecting sensitive data, a new paradigm shift called data leakage prevention systems (DLPSs) have been introduced. Over the past years, many research contributions have been made to address data leakage. However, most of the past research focused on data leakage detection instead of preventing against the leakage. This thesis contributes to research by using the preventive approach of DLPS to propose hybrid symmetric-asymmetric encryption to prevent against data leakage. Also, this thesis followed the Design Science Research Methodology (DSRM) with CRISP-DM (CRoss Industry Standard Process for Data Mining) as the kernel theory or framework for the designing of the IT artifact (method). The proposed encryption method ensures that all confidential or sensitive documents of an organization are encrypted so that only users with access to the decrypting keys can have access. This is achieved after the documents have been classified into confidential and non-confidential ones with Naïve Bayes Classifier (NBC). Therefore, any organizations that need to prevent against data leakage before the leakage occurs can make use of this proposed hybrid encryption method. Big data big data security data leakage prevention data leakage prevention system Computer Sciences Datavetenskap (datalogi)
2	Improving DLP system security / Förbättring av säkerheten av DLP system Ghorbanian, Sara, Fryklund, Glenn January 2014 (has links) Context. Data leakage prevention (DLP), a system designed to prevent leakage and loss of secret sensitive data and at the same time not affect employees workflow. The aim is to have a system covering every possible leakage point that exist. Even if these are covered, there are ways of hiding information such as obfuscating a zip archive within an image file, detecting this hidden information and preventing it from leaking is a difficult task. Companies pay a great deal for these solutions and yet, as we uncover, the information is not safe. Objectives. In this thesis we evaluate four different existing types of DLP systems out on the market today, disclosing their weaknesses and found ways of improving their security. Methods. The four DLP systems tested in this study cover agentless, agent based, hybrids and regular expression DLP tools. The test cases simulate potential leakage points via every day used file transfer applications and media such as USB, Skype, email, etc. Results. We present a hypothetical solution in order to amend these weaknesses and to improve the efficiency of DLP systems today. In addition to these evaluations and experiments, a complementing proof of concept solution has been developed that can be integrated with other DLP solutions. Conclusions. We conclude that the exisiting DLP systems are still in need of improvement, none of the tested DLP solutions fully covered the possible leakage points that could exist in the corporate world. There is a need for continued evaluation of DLP systems, aspects and leakage points not covered in this thesis as well as a follow up on our suggested solution. Data leakage prevention (DLP) API hooking agent based agentless. Computer Sciences Datavetenskap (datalogi) Software Engineering Programvaruteknik
3	Evaluation of two methods of fissure treatment before sealant placement on different caries levels Chitre, Swati January 2009 (has links) Indiana University-Purdue University Indianapolis (IUPUI) / Occlusal pits and fissures are ideal places for caries development. Placement of dental sealants has been reported to be effective in preventing this process. However, the effectiveness of dental sealants has been reported to be influenced by clinical factors, such as preparation and placement techniques. A report recently published by the American Dental Association on the clinical recommendations for use of pit-and-fissure sealants included critical evaluation and a summary of relevant scientific evidence on the use of sealants aimed at assisting clinicians. The report addressed concerns such as: Does placing sealants over early (noncavitated) lesions prevent progression of the lesions? Are there any techniques that could improve sealants’ retention and ffectiveness in caries prevention? The investigators concluded that there is limited and conflicting evidence to support that mechanical preparation with a bur results in higher retention rates in children and recommend that pit-and-fissure sealants should be placed on early (noncavitated) carious lesions. The purpose of this in vitro study was to evaluate two methods of fissure treatment before sealant placement on different caries levels. In this study, 135 extracted human molars (ICDAS codes 0 to 2) were collected and ranked by a calibrated examiner into three groups. These were further divided into three subgroups (nine total). Occlusal surfaces were prepared with: 1) a ¼-mm round bur, 2) air abrasion, and 3) no treatment as a control. All groups were etched with 3.0- percent phosphoric acid for 15 seconds, rinsed thoroughly, and dried with an air water syringe. Opaque dental sealants were placed on the etched occlusal surfaces according to the accepted clinical standards and light-cured for 30 seconds. All groups were thermocycled for 5000 cycles. The roots of the teeth were painted with nail varnish, root apices were sealed with wax, and the occlusal surfaces were immersed in 1.0-percent methylene blue for a full 24 hours. The next day the teeth were cleaned, and the roots were sectioned to expose the crowns. Crowns were cut along the occlusal surfaces in the buccolingual direction. The sectioned surfaces were examined under the Nikon SMZ 1500 microscope for sealant penetration in the fissure and microleakage along the sealant enamel interface. The analyses were performed on a transformation of the sealant penetration percentage commonly used for calculated percentages: sin-1(p1/2). The effects of the type of group, the ICDAS code, and the fissure type on sealant penetration percentage were compared using ANOVA. The effects on microleakage and bubbles were compared using GEE methods applied to logistic regression. The effects on dye penetration were compared using GEE methods applied to cumulative logistic regression to account for the ordered categories of the dye penetration scale. In the findings of sealant penetration, the group type did not have a significant effect on sealant penetration (p = 0.195). ICDAS codes had a significant effect on sealant penetration (p = 0.0113) where ICDAS Code 0 had greater penetration than ICDAS codes 1 and 2. Fissure type had a significant effect on sealant penetration (p = 0.0001) where fissure types V and U had greater sealant penetration than Fissure types Y and W. In the findings of microleakage, the type of group had a significant effect on microleakage (p = 0.0004) where the abrasion group had increased microleakage as compared with the 1/4 round bur and control groups. ICDAS code had a significant effect on microleakage (p = 0.0022) where ICDAS code 0 had less microleakage as compared with ICDAS code 1 and 2. Fissure types V, U, Y, and W did not have a significant effect on microleakage (p = 0.721). Fissure treatments Sealants ICDAS codes Dental Caries -- prevention and control Dental Leakage -- prevention and control Dental Fissures -- pathology Pit and Fissure Sealants -- chemistry
4	RADAR: compiler and architecture supported intrusion prevention, detection, analysis and recovery Zhang, Tao 25 August 2006 (has links) In this dissertation, we propose RADAR - compileR and micro-Architecture supported intrusion prevention, Detection, Analysis and Recovery. RADAR is an infrastructure to help prevent, detect and even recover from attacks to critical software. Our approach emphasizes collaborations between compiler and micro-architecture to avoid the problems of purely software or hardware based approaches. With hardware support for cryptographic operations, our infrastructure can achieve strong process isolation to prevent attacks from other processes and to prevent certain types of hardware attacks. Moreover, we show that an unprotected system address bus leaks critical control flow information of the protected software but has never been carefully addressed previously. To enhance intrusion prevention capability of our infrastructure further, we present a scheme with both innovative hardware modification and extensive compiler support to eliminate most of the information leakage on system address bus. However, no security system is able to prevent all attacks. In general, we have to assume that certain attacks will get through our intrusion prevention mechanisms. To protect software from those attacks, we build a second line of defense consisted of intrusion detection and intrusion recovery mechanisms. Our intrusion detection mechanisms are based on anomaly detection. In this dissertation, we propose three anomaly detection schemes. We demonstrate the effectiveness of our anomaly detection schemes thus the great potential of what compiler and micro-architecture can do for software security. The ability to recover from an attack is very important for systems providing critical services. Thus, intrusion recoverability is an important goal of our infrastructure. We focus on recovery of memory state in this dissertation, since most attacks break into a system by memory tampering. We propose two schemes for intrusion analysis. The execution logging based scheme incurs little performance overhead but has higher demand for storage and memory bandwidth. The external input points tagging based scheme is much more space and memory bandwidth efficient, but leads to significant performance degradation. After intrusion analysis is done and tampered memory state is identified, tampered memory state can be easily recovered through memory updates logging or memory state checkpointing. Software protection Compiler support Microarchitecture support Information leakage prevention Anomaly detection Intrusion recovery Computer networks Security measures Computer architecture Computer network protocols
5	Enamel conditioning effect on penetration and microleakage of glass ionemer-based sealants Ahmed, Senan Raad January 2009 (has links) Indiana University-Purdue University Indianapolis (IUPUI) / While most sealants available are resin-based, glass ionomer-based cements can be used as sealants, with the advantage of being more tolerant to moisture during placement and of releasing fluoride. The objective of this study was to evaluate the influence of different fissure conditioning techniques on penetration and microleakage of glass ionomer (GI) and resin-modified glass ionomer cements (RMGI) used as sealants. Clinically sound extracted human molars were distributed into nine experimental groups (n = 15 each). Group 1 (control) was sealed with resin-based sealant (Delton) following clinically accepted techniques. Groups 2 through 6 were sealed with RMGI (Vitremer) after having the fissure conditioned with either polyacrylic acid (RMGI-control), 35-percent H3PO4, low viscosity 35-percent H3PO4 with a surfactant, self-etch conditioner, or 35-percent H3PO4 followed by self-etch conditioner. Groups 7 through 9 were sealed with GI sealant (Fuji Triage) after having the fissures conditioned with either polyacrylic acid (GI-control), 35- percent H3PO4 or low viscosity 35-percent H3PO4 with a surfactant. After aging through thermocycling (2500 cycles), specimens were incubated in methylene blue for four hours and sectioned at multiple locations. Digital images were obtained using a digital stereomicroscope, and microleakage was determined by scoring the dye penetration along the enamel-sealant interface. The penetration of the material was determined by calculating the percentage of the total length of the fissure penetrated by the material. Results: The use of self etch-conditioner significantly increased RMGI penetration, while surface conditioning with 35-percent phosphoric acid with surfactant significantly decreased microleakage of GI. The resin-based sealant placed after 35-percent phosphoric acid surface conditioning showed the best penetration and the least level of microleakage. In conclusion, results from this study suggest that the placement of glass ionomer-based sealants can be enhanced by modifying current conditioning methods. Pit and fissure sealants Fuji Triage self-etch conditioner for RMGI glass ionomer enamel conditioning Glass Ionomer Cements Acid Etching, Dental Dental Leakage -- prevention and control Pit and Fissure Sealants
6	Experimental study on CO2-sensitive polyacrylamide as potential in-situ sealing agent for CO2 leakage pathways in geological storage sites Quan Lopez, Iris Laihmen 09 August 2022 (has links) As the world pushes for ‘greener’ technologies and carbon neutrality, efforts have focused on creating novel ways to mitigate humankind’s carbon footprint. Carbon capture and storage (CCS) has become a prevalent technique that has proven to be an effective long-term method to safely relocate excess carbon dioxide (CO2) into subsurface formations. However, CCS is a newer technique which requires constant monitoring due to potential leakage pathways present in CO2 storage sites; therefore, a preventive approach to seal leakage pathways is recommended. This dissertation explores the potential of CO2-sensitive polyacrylamide (CO2-SPAM) as a novel sealing agent for enhanced oil recovery (EOR) and CCS applications. This manuscript explores the strength and weaknesses of various CO2-triggered chemicals and selects the appropriate fit for subsurface in-situ sealing. Relevant literature shows that CO2-SPAM can significantly reduce permeability in porous media. Additionally, organically cross-linked polyacrylamide-based gels, of which CO2-SPAM is one, are thermally stable, resistant to low pH levels, highly injectable, and widely used in various industrial processes. These characteristics make CO2-SPAM a suitable candidate for in-situ sealing. Further studies were performed to comprehend the chemical mechanism, rheological behavior, and injection effects of CO2-SPAM into subsurface formations. Firstly, past literature knowledge and organic chemistry principals were used to develop the complete chemical breakdown of CO2-SPAM gel’s synthesis. Secondly, the effect of salt and polyacrylamide (PAM) concentrations on gelation time, gel strength and viscosity were tested through qualitative (Sydansk gel strength coding system) and quantitative methods (rheometer measurement). The results showed that high salinities increase gelation time and decrease gel strength and viscosity, while high PAM concentrations do the opposite. Lastly, the effects on geomechanical stresses caused by CO2-SPAM injection into the subsurface are also addressed by using the image well method for pore pressure estimation, and frictional faulting theory. The final results determined that the injection of aqueous CO2-SPAM would induce seismicity in normal faulting zones dipping at a large array of angles in the plane of failure. These findings are significant as they determine the potential of induced seismicity in the area of CCS, which in this case was the Raton basin. CCUS polyacrylamide leakage prevention sealing agent rheology storage modulus frictional faulting mohr circle. Chemical Engineering Geological Engineering Petroleum Engineering Polymer Science
7	資料外洩稽核工具之設計與實作 / Design and implementation of an audit tool for data leakage 高華志, Kao, Hua Chih Unknown Date (has links) 隨著國內法令規範對於隱私政策更加重視，國內外企業組織因應鉅額罰款與政策的施行，再加上個人資料外洩事件頻傳，各企業無不擔心客戶資料的保護與落實內部資料控制。而大型政府機關或企業，由於服務範圍廣大，應用系統繁多，針對資料外洩的保護與落實，將更加的複雜。大部份的組織針對實體文件、安全性儲存設備管制、使用採購防火牆設備等，皆有進行相關的管理與設備的採購，但上述機制未能解決應用系統的資料外洩問題。對稽核人員而言稽查應用程式是否有資料外洩之虞，由應用程式原始程式碼相當實為不易，而新制定一套更安全存取控管的介面更需投入相當高的成本與時間。 / 本研究在設計與實作資料外洩稽核工具，參考國際標準ISO27002與ISO 13569資訊安全作法，摘選出應用系統資訊安全指引，並根據實務經驗與金融產業的系統特性，找出資料外洩存取規則(Rules)。除此之外需搭配資料庫執行指令記錄器(DB Logger)，由大量的資料庫指令紀錄中快速產生稽核報表，藉以協助稽核人員查核資料外洩的線索並督促組織內部問題的改善，以落實內部資料控管政策與外部法令要求。 / The rapid spread of information technologies into every facet of our life results in a surge in attention to privacy recently. Bills are enacted and a comprehensive privacy policy becomes a sign of a responsible corporation. However, the complexity and diversity of application systems of information makes it very difficult to ensure that the information systems conform to all the privacy regulations and polices. Although most corporations have established some privacy policies for controlling physical documents and various hardware devices, the main problem for data leakage is at application layer. Application developers could retrieve sensitive data by exploiting application flaws. This poses great challenges to information system auditors. Firstly, it is rather difficult for auditors to review the code to spot the flaws. Secondly, it is impractical to make a new coding standard and re-write the legacy applications accordingly. Thirdly, application developers lack the motivation to improve the protection level of existing systems. / This thesis argues that a database audit tool can partly address the above difficulties faced by auditors. Specifically, we design and implement a tool for data leakage auditing. We derive right rules for identifying the potential sources of data leakage by referencing to information security practices such as ISO27002 and ISO 13569, and our practical experience in financial industry. Our tool makes good use of the database logger to produce an audit report based on those rules. The audit reports provide not only useful hints for auditors to detect possible data leakage, but also good evidence for urging developers to enhance their applications for privacy protection. 資料外洩稽核工具資訊安全隱碼攻擊 ISO27002 ISO 13569 Data Leakage Prevention Audit Tools Information Security ISO27002 ISO 13569 Injection Flaws SQL Injection DLP

1

Page generated in 0.1184 seconds