Global ETD Search

11	Enhancing Information Security in Cloud Computing Services using SLA based metrics / Enhancing Information Security in Cloud Computing Services using SLA based metrics , Nia, Mganga, Ramadianti Putri;, Charles, Medard January 2011 (has links) Context: Cloud computing is a prospering technology that most organizations are considering for adoption as a cost effective strategy for managing IT. However, organizations also still consider the technology to be associated with many business risks that are not yet resolved. Such issues include security, privacy as well as legal and regulatory risks. As an initiative to address such risks, organizations can develop and implement SLA to establish common expectations and goals between the cloud provider and customer. Organizations can base on the SLA to measure the achievement of the outsourced service. However, many SLAs tend to focus on cloud computing performance whilst neglecting information security issues. Objective: We identify threats and security attributes applicable in cloud computing. We also select a framework suitable for identifying information security metrics. Moreover, we identify SLA based information security metrics in the cloud in line with the COBIT framework. Methods: We conducted a systematic literature review (SLR) to identify studies focusing on information security threats in the cloud computing. We also used SLR to select frameworks available for identification of security metrics. We used Engineering Village and Scopus online citation databases as primary sources of data for SLR. Studies were selected based on the inclusion/exclusion criteria we defined. A suitable framework was selected based on defined framework selection criteria. Based on the selected framework and conceptual review of the COBIT framework we identified SLA based information security metrics in the cloud. Results: Based on the SLR we identified security threats and attributes in the cloud. The Goal Question Metric (GQM) framework was selected as a framework suitable for identification of security metrics. Following the GQM approach and the COBIT framework we identified ten areas that are essential and related with information security in the cloud computing. In addition, covering the ten essential areas we identified 41 SLA based information security metrics that are relevant for measuring and monitoring security performance of cloud computing services. Conclusions: Cloud computing faces similar threats as traditional computing. Depending on the service and deployment model adopted, addressing security risks in the cloud may become a more challenging and complex undertaking. This situation therefore appeals to the cloud providers the need to execute their key responsibilities of creating not only a cost effective but also a secure cloud computing service. In this study, we assist both cloud provider and customers on the security issues that are to be considered for inclusion in their SLA. We have identified 41 SLA based information security metrics to aid both cloud providers and customers obtain common security performance expectations and goals. We anticipate that adoption of these metrics can help cloud providers in enhancing security in the cloud environment. The metrics will also assist cloud customers in evaluating security performance of the cloud for improvements. cloud computing security metrics security threats security measurement frameworks Computer Sciences Datavetenskap (datalogi)
12	Säkerställning av Kunddata i ett Distribuerat System / Securing Customer Data in a Distributed System Gjertz, Johan January 2005 (has links) This work presents a security analysis of a distributed software system. Relevant threats have been identified and a set of possible countermeasures are presented. The different countermeasures have been compared against each other by looking at performance, scalability, flexibility, usability and cost considerations. A prototype system has been implemented as a proof-of-concept with database encryption, logging and access control. / Detta magisterarbete presenterar en säkerhetsanalys av ett distribuerat mjukvarusystem. Relevanta hot har blivit identifierade och ett antal möjliga säkerhetslösningar har blivit presenterade. Lösningarna har blivit jämförda med varandra genom att titta på prestanda, skalbarhet, flexibilitet, användbarhet och kostnader. Ett prototypsystem har blivit implementerat som ”proof- of-concept” med databas kryptering, loggning och rättighetskontroll. Database encryption performance VPN Security threats Computer Sciences Datavetenskap (datalogi) Software Engineering Programvaruteknik
13	Architecture for IMS Security to Mobile:Focusing on Artificial Immune System and Mobile Agents Integration / English to Swedish Chalamalasetty, Kalyani January 2009 (has links) The IP Multimedia Subsystem (IMS) is an open IP based service infrastructure that enables an easy deployment of new rich multimedia services mixing voice and data. The IMS is an overlay network on top of IP that uses SIP as the primary signaling mechanism. As an emerging technology, the SIP standard will certainly be the target of Denial of Service (DoS) attacks and consequently IMS will also inherit this problem. The objective of proposed architecture for IMS is to cram the potential attacks and security threats to IP Multimedia Subsystem (IMS) and explore the security solutions developed by 3GPP. This research work incorporates the ideas of immune system and multiagent architecture that is capable of detecting, identifying and recovering from an attack. The proposed architecture protects IMS core components i.e. P-CSCF (Proxy- Call Session Control Function), I-CSCF (Interrogating-Call Session Control Function), S-CSCF (Serving Call Session Control Function) and HSS (Home Subscriber Server) from external and internal threats like eavesdropping, SQL injection and denial-ofservice (DoS) attacks. In the first level i.e. CPU under normal load all incoming and out going messages were investigated to detect and prevent SQL injection. Second level considers Denial of Service (DOS) attacks when CPU load exceeds threshold limit. Proposed architecture is designed and evaluated by using an approach called Architecture Tradeoff Analysis Method (ATAM). The results obtained confirm consistency of the architecture. / kalyani-0046737527800 IP Multimedia Subsystem (IMS) security threats Denial of Service (DoS) SQL Computer Sciences Datavetenskap (datalogi) Telecommunications Telekommunikation
14	Security analysis of the WiMAX technology in Wireless Mesh networks Siddiqui, Md. Rezaul Karim, Rahman, Sayed Mohammad Atiqur January 2009 (has links) The IEEE 802.16 (WiMAX) is the promising technique to overcome some disadvantages on the Security concern of the widespread IEEE 802.11 standard. For providing high speed wide area broadband wireless access, WiMAX is an emerging wireless technology for creating multi-hop Mesh network. Based on the wired backbone wireless Mesh networks serve to get over present dependencies of wireless system. Wireless operates on Physical later and MAC layer in the air interface to provide fixed and Mobile Broadband Wireless Access (BWA) in broad range of frequencies. Due to the lack of Physical infrastructure of wireless networks are inherently less secure. In order to protect data exchange between the MAC layer and PHY layer WiMAX specifies a security sub-layer at the bottom of the MAC layer. The security sub-layer provides privacy with SS and BS from service hijacking. For providing authentication, data traffic privacy services and key management a PKM protocol defined by the WiMAX MAC as a sub-layer where the PKM protocol is the main protocol work in the security sub-layer. WiMAX is only a “Paper based” newly established technology based on Wi-Fi system then it is tough to find out its security holes in all the way. Keeping all the fact in mind the objectives of the thesis are to analyze the WiMAX security architecture security keys (AK, KEK and HMAC) are used for authorization, authentication and key management and TEK is for secure data transmission, possible security vulnerabilities, threats and risks are classified according to different layer with 802.16 std Mesh network. In addition, vulnerabilities comparison between IEEE 802.11 and 802.16 std has been pointed out in details, as well as security improvements and possible solutions has been proposed to protect WiMAX attacks. IEEE 802.16 WiMAX Mesh mode Mesh network Vulnerability Security threats Computer Sciences Datavetenskap (datalogi) Telecommunications Telekommunikation
15	The PHP programmer`s guide to secure code Clarinsson, Richard, Magnusson, Samuel January 2005 (has links) Abstract Security threats against computer systems are a big problem today which also includes PHP made applications. The report is focused on protection with the help of code and not how you protect a web server. Its purpose is not to educate the readers of the thesis how to make a PHP application, the purpose is how to program a safer PHP application. The thesis contains information about common security threats against PHP scripts. It contains in most cases examples of what an attack can look like and how a protection for that example can be achieved. We have tested all code examples if they work by installing our own server with the configurations according to the delimitations of the thesis and putting up small PHP applications, which we have attacked and then protected. The contents and result of this thesis can benefit developers that use PHP as a programming language for creating web applications, by giving them information about common threats and protection. Keywords: security PHP security threats programming code protectio Information Systems
16	Bezpečnost v databázi Oracle / Security in Oracle database Lukanič, Michal January 2010 (has links) The amount of electronically stored data is constantly growing. That's why we should consider the data security. Most electronic information is stored in the database. This thesis is concerned with ensuring data security in the Oracle database. First of all, I describe some of the available security surveys, to make it clear why we need to ensure the data security. In addition, I also describe the main aspects of information security. The aim is to introduce what we mean by security of information. Then I examine the recommendations of ISO 17799 standard, which is one of the sources for the measures described in the main part of this thesis. The next part is dedicated to finding the important security threats, which are used as a basis for following description of security tools. The aim of described recommendations and threats is to discover what is needed to ensure the data security. In the main part of this thesis I discuss the various security tools and procedures. The main objective of this thesis is the description of tools and procedures to ensure data security, following the recommendations of international standards and typical security threats. All described tools are part of the Oracle database. I place emphasis on the user access control.
17	Informační a kybernetické hrozby v roce 2019 / Information and Cyber Threats in 2019 Bača, Jonatán January 2020 (has links) Diploma thesis focuses on information and cyber threats in 2019. It comprises theoretical basis for better understanding of the issue. Afterward the thesis describes the analysis of the current situation which combined several analyses primarily aimed on Czech companies. In the last part draft measures is created which contain predictions and preventive actions and recommendations for companies.
18	Identifikace počítače pomocí vzorů v síťovém provozu / Computer Identification Based on Its Network Behaviour Myška, Michal January 2014 (has links) This diploma thesis deals with computer identification using network behavioral patterns. Security functions providing privacy are described together with user privacy threats. Then, several approaches to the computer identification based on network behaviour are described. The proposed tool is based on data mining method Multinomial Naive Bayes. Then, the implementation of proposed tool is described and the experiments recognizing success in the identification are performed.
19	Ochrana datové sítě s využitím NetFlow dat / Network Protection Using NetFlow Data Hlavatý, Ivo January 2011 (has links) This document focuses on Cisco Netflow technology and its possible usage in monitoring networks and detecting network anomalies. Based on the analysis of attacks at the network and transport layer is designed an application for selected security threats which detects its presence. The implementation section provides a system for predicting network traffic and related detecting deviations from the baseline on the basis of statistical data. Use of NetFlow technolgy is demonstrated on examples where the results of other current security and monitoring techniques have failed or did not provide sufficiently good results.
20	Monitoring for Reliable and Secure Power Management Integrated Circuits via Built-In Self-Test January 2019 (has links) abstract: Power management circuits are employed in most electronic integrated systems, including applications for automotive, IoT, and smart wearables. Oftentimes, these power management circuits become a single point of system failure, and since they are present in most modern electronic devices, they become a target for hardware security attacks. Digital circuits are typically more prone to security attacks compared to analog circuits, but malfunctions in digital circuitry can affect the analog performance/parameters of power management circuits. This research studies the effect that these hacks will have on the analog performance of power circuits, specifically linear and switching power regulators/converters. Apart from security attacks, these circuits suffer from performance degradations due to temperature, aging, and load stress. Power management circuits usually consist of regulators or converters that regulate the load’s voltage supply by employing a feedback loop, and the stability of the feedback loop is a critical parameter in the system design. Oftentimes, the passive components employed in these circuits shift in value over varying conditions and may cause instability within the power converter. Therefore, variations in the passive components, as well as malicious hardware security attacks, can degrade regulator performance and affect the system’s stability. The traditional ways of detecting phase margin, which indicates system stability, employ techniques that require the converter to be in open loop, and hence can’t be used while the system is deployed in-the-field under normal operation. Aging of components and security attacks may occur after the power management systems have completed post-production test and have been deployed, and they may not cause catastrophic failure of the system, hence making them difficult to detect. These two issues of component variations and security attacks can be detected during normal operation over the product lifetime, if the frequency response of the power converter can be monitored in-situ and in-field. This work presents a method to monitor the phase margin (stability) of a power converter without affecting its normal mode of operation by injecting a white noise/ pseudo random binary sequence (PRBS). Furthermore, this work investigates the analog performance parameters, including phase margin, that are affected by various digital hacks on the control circuitry associated with power converters. A case study of potential hardware attacks is completed for a linear low-dropout regulator (LDO). / Dissertation/Thesis / Masters Thesis Electrical Engineering 2019 Engineering BIST DC DC converters Hardware Trojans LDO Power management Security threats

Search results