Global ETD Search

681	Bridging the gap between Privacy by Design and mobile systems by patterns / Modèles pour les environnements de terminaux nomades "Privacy by Design" Sokolova, Karina 27 April 2016 (has links) De nos jours, les smartphones et les tablettes génèrent, reçoivent, mémorisent et transfèrent vers des serveurs une grande quantité de données en proposant des services aux utilisateurs via des applications mobiles facilement téléchargeables et installables. Le grand nombre de capteurs intégrés dans un smartphone lui permet de collecter de façon continue des informations très précise sur l'utilisateur et son environnement. Cette importante quantité de données privées et professionnelles devient difficile à superviser.L'approche «Privacy by Design», qui inclut sept principes, propose d'intégrer la notion du respect des données privées dès la phase de la conception d’un traitement informatique. En Europe, la directive européenne sur la protection des données privées (Directive 95/46/EC) intègre des notions du «Privacy by Design». La nouvelle loi européenne unifiée (General Data Protection Régulation) renforce la protection et le respect des données privées en prenant en compte les nouvelles technologies et confère au concept de «Privacy by Design» le rang d’une obligation légale dans le monde des services et des applications mobiles.L’objectif de cette thèse est de proposer des solutions pour améliorer la transparence des utilisations des données personnelles mobiles, la visibilité sur les systèmes informatiques, le consentement et la sécurité pour finalement rendre les applications et les systèmes mobiles plus conforme au «Privacy by (re)Design» / Nowadays, smartphones and smart tablets generate, receive, store and transfer substantial quantities of data, providing services for all possible user needs with easily installable programs, also known as mobile applications. A number of sensors integrated into smartphones allow the devices to collect very precise information about the owner and his environment at any time. The important flow of personal and business data becomes hard to manage.The “Privacy by Design” approach with 7 privacy principles states privacy can be integrated into any system from the software design stage. In Europe, the Data Protection Directive (Directive 95/46/EC) includes “Privacy by Design” principles. The new General Data Protection Regulation enforces privacy protection in the European Union, taking into account modern technologies such as mobile systems and making “Privacy by Design” not only a benefit for users, but also a legal obligation for system designers and developers.The goal of this thesis is to propose pattern-oriented solutions to cope with mobile privacy problems, such as lack of transparency, lack of consent, poor security and disregard for purpose limitation, thus giving mobile systems more Privacy by (re) Design Design patterns Droit à la vie privée Smartphones -- Accès -- Contrôle Software patterns Smartphones -- Access control Privacy, Right of Google Androïd (operating systems) 343.099
682	A duração das medidas de segurança na perspectiva do estado democrático de direito Jareño, Bruno José 22 February 2016 (has links) This paper deals with the search, based on fundamental rights and guarantees the rule of democratic rule, as may justify that the time of maximum security measure duration should not exceed the limit of the penalty abstractly restraint applied to the offense committed, with the March the theoretical garantismo Luigi Ferrajoli. In this sense, the text initially exposes ideas about garantismo, democratic rule of law and limiting principles of jus puniendi to address the theme. From there, they are treated arguments against and in favor of stipulating a maximum duration for the security measures. The central idea of the text is based on the inability of the security measures have their maximum duration is indeterminate, in the way currently to article 97, § 1, of the Brazilian Penal Code. The garantismo as jusfilosófico model adopted in this paper, provides tools for imposing any restrictions to the time duration of the security measures. In this sense, with the principles of legality, equality, proportionality, sealing the perpetual character of penalties, legal certainty and dignity of the human person, it appears that Article 97, § 1 of the Brazilian Penal Code It is unconstitutional and that it is up to the magistrate to fix a ceiling for the implementation of security measures at the time he pronouncing the sentence. So the idea is that there should be the establishment of a period of maximum duration for security measures and that the proposal more in line with these fundamentals is the establishment of a maximum term of compliance with security measures having as limit sentence in the abstract to the crime. / O presente trabalho trata da busca, com base nos direitos e garantias fundamentais do Estado Democrático de Direito, de elementos que justifiquem que o tempo de duração máximo da medida de segurança não deve ultrapassar o limite da pena abstratamente cominada ao delito praticado, tendo como marco teórico o garantismo de Luigi Ferrajoli. Neste sentido, o texto inicialmente expõe ideias sobre o garantismo, o Estado Democrático de Direito e os princípios limitadores do jus puniendi, para poder abordar o tema proposto. A partir daí, são tratados argumentos contrários e favoráveis à estipulação de um prazo máximo de duração para as medidas de segurança. A ideia central do texto é fundamentada na impossibilidade de as medidas de segurança terem seu prazo máximo de duração indeterminado, na forma como atualmente dispõe o artigo 97, § 1º, do Código Penal brasileiro. O garantismo, como modelo jusfilosófico adotado neste trabalho, oferece instrumentos para que sejam estabelecidos limites ao prazo duração das medidas de segurança. Neste sentido, com a aplicação dos princípios da legalidade, da isonomia, da proporcionalidade, da vedação das penas de caráter perpetuo, da segurança jurídica e da dignidade da pessoa humana, verifica-se que o artigo 97, § 1º, do Código Penal brasileiro não foi recepcionado pela Constituição e que cabe ao magistrado a fixação de um limite máximo para o cumprimento das medidas de segurança, no momento em que ele prolatar a sentença. Assim, a ideia é que deve existir a fixação de um prazo de duração máximo para as medidas de segurança e que a proposta que mais se coaduna com estes fundamentos, é a fixação de um prazo máximo de cumprimento das medidas de segurança tendo como limite a pena em abstrato para o crime. / Mestre em Direito Público Medidas de segurança Garantismo Estado democrático de direito Duração das medidas de segurança Direitos fundamentais Direito - Filosofia Security measures Guaranteeism Democratic state Duration of safety measures
683	Performance Analysis of Security Protocols Donta, Praveen Kumar 01 January 2007 (has links) Security is critical to a wide range of applications and services. Numerous security mechanisms and protocols have been developed and are widely used with today’s Internet. These protocols, which provide secrecy, authentication, and integrity control, are essential to protecting electronic information. There are many types of security protocols and mechanisms, such as symmetric key algorithms, asymmetric key algorithms, message digests, digital certificates, and secure socket layer (SSL) communication. Symmetric and asymmetric key algorithms provide secrecy. Message digests are used for authentication. SSL communication provides a secure connection between two sockets. The purpose of this graduate project was to do performance analysis on various security protocols. These are performance comparisons of symmetric key algorithms DES (Data Encryption Standard), 3DES (Triple DES), AES (Advanced Encryption Standard), and RC4; of public-private key algorithms RSA and ElGamal; of digital certificates using message digests SHA1 (Secure Hash Algorithm) and MD5; and of SSL (Secure Sockets Layer) communication using security algorithms 3DES with SHA1 and RC4 with MD5. UNF University of North Florida School of Computing Computer security -- Evaluation Computer network protocols -- Evaluation Computer Sciences
684	Misbehaviors detection schemes in mobile ad hoc networks / Une approche décentralisée pour la détection de comportements malveillants dans les réseaux MANETs Rmayti, Mohammad 30 September 2016 (has links) Avec l’évolution des besoins d’utilisateurs, plusieurs technologies de réseaux sans fil ont été développées. Parmi ces technologies, nous trouvons les réseaux mobiles ad hoc (MANETs) qui ont été conçus pour assurer la communication dans le cas où le déploiement d’une infrastructure réseaux est coûteux ou inapproprié. Dans ces réseaux, le routage est une fonction primordiale où chaque entité mobile joue le rôle d’un routeur et participe activement dans le routage. Cependant, les protocoles de routage ad hoc tel qu’ils sont conçus manquent de contrôle de sécurité. Sur un chemin emprunté, un nœud malveillant peut violemment perturber le routage en bloquant le trafic. Dans cette thèse, nous proposons une solution de détection des nœuds malveillants dans un réseau MANET basée sur l’analyse comportementale à travers les filtres bayésiens et les chaînes de Markov. L’idée de notre solution est d’évaluer le comportement d’un nœud en fonction de ses échanges avec ses voisins d’une manière complètement décentralisée. Par ailleurs, un modèle stochastique est utilisé afin de prédire la nature de comportement d’un nœud et vérifier sa fiabilité avant d’emprunter un chemin. Notre solution a été validée via de nombreuses simulations sur le simulateur NS-2. Les résultats montrent que la solution proposée permet de détecter avec précision les nœuds malveillants et d’améliorer la qualité de services de réseaux MANETs / With the evolution of user requirements, many network technologies have been developed. Among these technologies, we find mobile ad hoc networks (MANETs) that were designed to ensure communication in situations where the deployment of a network infrastructure is expensive or inappropriate. In this type of networks, routing is an important function where each mobile entity acts as a router and actively participates in routing services. However, routing protocols are not designed with security in mind and often are very vulnerable to node misbehavior. A malicious node included in a route between communicating nodes may severely disrupt the routing services and block the network traffic. In this thesis, we propose a solution for detecting malicious nodes in MANETs through a behavior-based analysis and using Bayesian filters and Markov chains. The core idea of our solution is to evaluate the behavior of a node based on its interaction with its neighbors using a completely decentralized scheme. Moreover, a stochastic model is used to predict the nature of behavior of a node and verify its reliability prior to selecting a path. Our solution has been validated through extensive simulations using the NS-2 simulator. The results show that the proposed solution ensures an accurate detection of malicious nodes and improve the quality of routing services in MANETs Réseaux ad hoc (informatique) Attaques par déni de service Statistique bayésienne Processus stochastiques Ad hoc networks (computer networks) Denial of service attacks Computer networks -- Security measures Bayesian statistical decision theory Stochastic processes 005.8
685	Towards an information security awareness process for engineering SMEs in emerging economies Gundu, Tapiwa January 2013 (has links) With most employees in Engineering Small and Medium Enterprises (SME) now having access to their own personal workstations, the need for information security management to safeguard against loss/alteration or theft of the firms’ important information has increased. These Engineering SMEs tend to be more concerned with vulnerabilities from external threats, although industry research suggests that a substantial proportion of security incidents originate from insiders within the firm. Hence, technical preventative measures such as antivirus software and firewalls are proving to solve only part of the problem as the employees controlling them lack adequate information security knowledge. This tends to expose a firm to risk and costly mistakes made by naïve/uninformed employees. This dissertation presents an information security awareness process that seeks to cultivate positive security behaviours using a behavioural intention model based on the Theory of Reasoned Action, Protection Motivation Theory and the Behaviourism Theory. The process and model have been refined and verified using expert review and tested through action research at an Engineering SME in South Africa. The main finding was information security levels of employees within the firm were low, but the proposed information security awareness process increased their knowledge thereby positively altering their behaviour. Computer security -- South Africa Information technology -- South Africa Small business -- South Africa Engineering firms -- South Africa Information Security Awareness Information Security Behaviour Information Security Training
686	Topics On Security In Sensor Networks And Energy Consumption In IEEE 802.11 WLANs Agrawal, Pranav 12 1900 (has links) (PDF) Our work focuses on wireless networks in general, but deals specifically with security in wireless sensor networks and energy consumption in IEEE 802.11 infrastructure WLANs. In the first part of our work, we focus on secure communication among sensor nodes in a wireless sensor network. These networks consists of large numbers of devices having limited energy and memory. Public key cryptography is too demanding for these resource-constrained devices because it requires high computation. So, we focus on symmetric key cryptography to achieve secure communication among nodes. For this cryptographic technique to work, two nodes have to agree upon a common key. To achieve this, many key distribution schemes have been proposed in the literature. Recently, several researchers have proposed schemes in which they have used group-based deployment models and assumed predeployment knowledge of the expected locations of nodes. They have shown that these schemes achieve better performance than the earlier schemes, in terms of connectivity, resilience against node capture and storage requirements. But in many situations expected locations of nodes are not available. We propose a solution which does not use the group-based deployment model and predeployment knowledge of the locations of nodes, and yet performs better than schemes which make the aforementioned assumptions. In our scheme, groups are formed after the deployment of sensor nodes on the basis of their physical locations. Nodes in different groups sample keys from disjoint key pools, so that compromise of a node affects secure links of its group only. Because of this reason, our scheme performs better than earlier schemes as well as the schemes using predeployment knowledge, in terms of connectivity, storage requirement, and security. Moreover, the post-deployment key generation process completes sooner than in schemes like LEAP+. In the second part of our work, we develop analytical models for estimating the energy spent by stations (STAs) in infrastructure WLANs when performing TCP-controlled file downloads. We focus on the energy spent in radio communication when the STAs are in the Continuously Active Mode (CAM), or in the static Power Save Mode (PSM). Our approach is to develop accurate models for obtaining the fractions of times the STA radios spend in idling, receiving and transmitting. We discuss two traffic models for each mode of operation: (i) each STA performs one large file download, and (ii) the STAs perform short file transfers with think times (short duration of inactivity)between two transfers. We evaluate the rate of STA energy expenditure with long file downloads, and show that static PSM is worse than using just CAM. For short file downloads, we compute the number of file downloads that can be completed with a given battery capacity, and show that PSM performs better than CAM for this case. We provide a validation of our analytical models using the NS-2 simulator. Although the PSM performs better than the CAM when the STAs download short files over TCP with think times, its performance degrades as the number of STAs associated to the access point (AP) increases. To address this problem, we propose an algorithm, which we call opportunistic PSM (OPSM). We show through simulations that OPSM performs better than PSM. The performance gain achieved by OPSM increases as the file size requested by the STAs or the number of STAs associated with the AP increases. We implemented OPSM in NS-2.33, and to compare the performance of OPSM and PSM, we evaluate the number of file downloads that can be completed with a given battery capacity and the average time taken to download a file. Sensor Network Wireless Sensor Networks Wireless Local Area Networks IEEE 802.11 OPSM Opportunistic Power Save Mode WLANs Communication Engineering
687	Vers une solution de contrôle d’admission sécurisée dans les réseaux mesh sans fil / Towards a secure admission control in a wireless mesh networks Dromard, Juliette 06 December 2013 (has links) Les réseaux mesh sans fil (Wireless Mesh Networks-WMNs) sont des réseaux facilement déployables et à faible coût qui peuvent étendre l’Internet dans des zones où les autres réseaux peuvent difficilement accéder. Cependant, plusieurs problèmes de qualité de service (QoS) et de sécurité freinent le déploiement à grande échelle des WMNs. Dans cette thèse, nous proposons un modèle de contrôle d’admission (CA) et un système de réputation afin d’améliorer les performances du réseau mesh et de le protéger des nœuds malveillants. Notre système de CA vise à assurer la QoS des flux admis dans le réseau en termes de bande passante et de délai tout en maximisant l’utilisation de la capacité du canal. L’idée de notre solution est d’associer au contrôle d’admission une planification de liens afin d’augmenter la bande passante disponible. Nous proposons également un système de réputation ayant pour but de détecter les nœuds malveillants et de limiter les fausses alertes induites par la perte de paquets sur les liens du réseau. L’idée de notre solution est d’utiliser des tests statistiques comparant la perte de paquets sur les liens avec un modèle de perte préétabli. De plus, il comprend un système de surveillance composé de plusieurs modules lui permettant détecter un grand nombre d’attaques. Notre CA et notre système de réputation ont été validés, les résultats montrent qu’ils atteignent tous deux leurs objectifs / Wireless mesh networks (WMNs) are a very attractive new ﬁeld of research. They are low cost, easily deployed and high performance solution to last mile broadband Internet access. However, they have to deal with security and quality of service issues which prevent them from being largely deployed. In order to overcome these problems, we propose in this thesis two solutions: an admission control with links scheduling and a reputation system which detects bad nodes. These solutions have been devised in order to further merge into a secure admission control. Our admission control schedules dynamically the network’s links each time a new flow is accepted in the network. Its goal is to accept only flows which constraints in terms of delay and bandwidth can be respected, increase the network capacity and decrease the packet loss. Our reputation system aims at assigning each node of the network a reputation which value reflects the real behavior of the node. To reach this goal this reputation system is made of a monitoring tool which can watch many types of attacks and consider the packet loss of the network. The evaluations of our solutions show that they both meet their objectives in terms of quality of service and security Contrôle d'admission des connexions Systèmes de communication sans fil Network performance (telecommunication) Wireless communication system Time division multiple access Computer network -- security measures 621 004
688	The utilization of a midwifery obstetrical unit in a metropolitan area Mashazi, Maboikanyo Imogen 23 August 2012 (has links) M.Cur. / In this study a qualitative design which is explorative, descriptive and contextual in nature is followed. The objective of the study is three-fold: firstly, to explore and describe the opinions of members of the community about the reasons for the under-utilization of the Midwifery Obstetrical Unit ; secondly, to explore and describe the suggestions of the community for improving the utilization of the Midwifery Obstetrical Unit and, thirdly, to formulate intervention strategies for community nurses to improve the utilization of the MOU. Data was collected by means of focus group interviews, and was analysed using Tesch's method of data analysis. Trustworthiness was ensured by using the method of Guba and Lincoln. The participants in research were mothers who delivered their babies at the hospital, mothers who delivered their babies at the MOU, members of the Community Health Committee and MOU nurses. Childbirth - Research - South Africa
689	A study and implementation of an electronic commerce website using active server pages Boutkhil, Soumaya 01 January 2001 (has links) The purpose of this project is to design an electronic commerce site for MarocMart company. MarocMart.com is an one-stop shopping company for a number of high quality products: carpets, jewelry, pottery, wood, leather, metals, and fashion items, etc... Each article is unique, hand-made by Moroccan craftsmen. Web site development Client/server computing World Wide Web -- Economic aspects Distributors (Commerce) Handicraft -- Morocco -- Marketing Digital Communications and Networking Marketing
690	A web application for Medasolution Healthcare Company customer service system Jia, Hao 01 January 2005 (has links) Medasolution is a virtual company designed by the author to handle Medicare insurance business. The web application (which uses ASP.net and SQL Server 2000) facilitates communication between Medasolution and all its clients: members, employers, brokers, and medicare providers through separate web pages based on their category levels. The program incorporates security so that it follows government privacy rules regarding client information. Electronic commerce Software Medicare Database management Relational databases Web sites Design Web servers Security measures SQL (Computer program language) Database management Electronic commerce Medicare Relational databases SQL (Computer program language) Web sites Design. Software Engineering

Search results