21 |
Monitoring for Reliable and Secure Power Management Integrated Circuits via Built-In Self-TestJanuary 2019 (has links)
abstract: Power management circuits are employed in most electronic integrated systems, including applications for automotive, IoT, and smart wearables. Oftentimes, these power management circuits become a single point of system failure, and since they are present in most modern electronic devices, they become a target for hardware security attacks. Digital circuits are typically more prone to security attacks compared to analog circuits, but malfunctions in digital circuitry can affect the analog performance/parameters of power management circuits. This research studies the effect that these hacks will have on the analog performance of power circuits, specifically linear and switching power regulators/converters. Apart from security attacks, these circuits suffer from performance degradations due to temperature, aging, and load stress. Power management circuits usually consist of regulators or converters that regulate the load’s voltage supply by employing a feedback loop, and the stability of the feedback loop is a critical parameter in the system design. Oftentimes, the passive components employed in these circuits shift in value over varying conditions and may cause instability within the power converter. Therefore, variations in the passive components, as well as malicious hardware security attacks, can degrade regulator performance and affect the system’s stability. The traditional ways of detecting phase margin, which indicates system stability, employ techniques that require the converter to be in open loop, and hence can’t be used while the system is deployed in-the-field under normal operation. Aging of components and security attacks may occur after the power management systems have completed post-production test and have been deployed, and they may not cause catastrophic failure of the system, hence making them difficult to detect. These two issues of component variations and security attacks can be detected during normal operation over the product lifetime, if the frequency response of the power converter can be monitored in-situ and in-field. This work presents a method to monitor the phase margin (stability) of a power converter without affecting its normal mode of operation by injecting a white noise/ pseudo random binary sequence (PRBS). Furthermore, this work investigates the analog performance parameters, including phase margin, that are affected by various digital hacks on the control circuitry associated with power converters. A case study of potential hardware attacks is completed for a linear low-dropout regulator (LDO). / Dissertation/Thesis / Masters Thesis Electrical Engineering 2019
|
22 |
Assessing Practices of Cloud Storage Security Among Users : A Study on Security Threats in Storage as a Service EnvironmentJoo Jonsson, Hugo, Karlsson, Vilgot January 2023 (has links)
With the immense amount of data generated daily, relying solely on physical storage is insufficient. Therefore, Cloud services have become a big part of our day-to-day life, as they allow users to store data and relieve customers from the burden of maintenance. However, this technology relies on the internet, which increases the potential security risks and threats. This survey-based study investigates users' security practices concerning Storage as a Service, along with a literature review of current security threats targeting users of these services. Additionally, a comparative analysis is conducted to compare the security features offered by the cloud storage providers. The study shows that users are generally concerned about internet security, and service providers have implemented appropriate security features to protect users.
|
23 |
Russia-Ukraine War: A Critical Assessment of Youth’s Security Threat Perceptions in VäxjöNgissa, Emmanuel Sitta January 2023 (has links)
Since the end of the Cold War, security and security threats have transcended beyond the traditional security aspects due to changed global interactions in the facets of economic, political, diplomatic and even domestic policies of individual states. The ongoing war between Russia and Ukraine has not only heightened defence and security concerns in Europe and globally but has also revived the Cold War security tensions in some way necessitating an understanding of how contemporary security threats and crisis preparedness are perceived by civilians in this modern day and age. Building from Ontological Security theory which holds that when an individual's sense of self and stability is challenged, they experience enormous anxiety, this study examines the attitudes and perceptions of the youths (many of whom were born and raised in the post-Cold War era) on security threats as well as their knowledge and trust in the government's civil defence and crisis preparedness in Växjö, Sweden. The study's analysis concludes that, despite being barely informed on civil defence crisis preparedness, Växjö's youths regard the ongoing war in Ukraine as less threatening to their ontological security but rather other human security issues due to factors like the war's narrative bearing little relevance, youth's media scepticism and refraining from negative news. Furthermore, the findings present a dramatic range of trust among the youths in the government's competence to handle emergencies, reflecting on crisis preparedness knowledge among the youths in Växjö.
|
24 |
Comparative Analysis and Development of Security Tools for Vulnerability Detection : Exploring the Complexity of Developing Robust Security SolutionsWiklund, Milton January 2024 (has links)
Detta examensarbete ålägger en omfattande studie riktad mot att granska de komplexiteter och utmaningar som förekommer vid utveckling av robusta och effektiva verktyg som upptäcker säkerhetsrisker i kod. Genom att bestyra en jämförande analys av redan existerande säkerhetsverktyg, och engagera sig i ett försök av att utveckla ett säkerhetsverktyg från en grundläggande nivå, strävar detta arbete efter att uppenbara de underliggande anledningarna bakom varför det, inom cybersäkerhet, ännu är en stor utmaning att ligga steget före skadliga aktörer. Inledande bidrar forskningen med en överblick av aktuella säkerhetsverktyg, och samtidigt undersöks deras effektivitet, metoder, samt de typer av sårbarheter som verktygen är designade för att upptäcka. Genom systematiska mätningar betonar studien styrkor och svagheter av säkerhetsverktygen, och samtidigt dokumenteras utvecklingsprocessen av ett nytt säkerhetsverktyg med syfte att upptäcka liknande sårbarheter som de jämförda verktygen. De bemötta utmaningarna vid utvecklande—som att behandla moderna säkerhetshot, och integrera komplexa upptäckningsalgoritmer—diskuteras för att förevisa de övertygande hinder som utvecklare påträffar. Därutöver bedöms viktigheten av att effektivt kunna upptäcka sårbarheter, och hur det kan hjälpa att bevara integritet och pålitlighet av applikationer. Examensarbetet siktar mot att bidra med viktig insyn i området cybersäkerhet, samt stödja fortsatt utveckling i mån av att mildra säkerhetshot. Sammanfattningsvis visar resultatet från denna studie att det krävs både kunskap och ambition för att utveckla ett säkerhetsverktyg från grunden, eftersom nya hot uppstår nästan varenda dag. Studien avslöjar också att skadliga aktörer är kända för att regelbundet leta efter sårbarheter i system, och är en av de ledande anledningarna till varför det är så svårt att bekämpa cyberhot. / This thesis stipulates a comprehensive study aimed at examining the complexities and challenges in developing robust and effective tools for detecting security vulnerabilities in code. By performing a comparative analysis of already existing security tools, and engaging in an attempt of developing a security tool from a foundational level, this work strives to disclose the underlying reasons as to why staying one step ahead of malicious actors remains a difficult challenge in cybersecurity. Introductory, the study provides an overview of current security tools while examining their effectiveness, methodologies, and the types of vulnerabilities they are designed to detect. Through systematic measurements, the study highlights strengths and weaknesses of the security tools while, simultaneously, documenting the process of developing a new security tool designed to detect similar vulnerabilities to the compared tools. The challenges faced during development—such as treating modern security threats, and integrating complex detection algorithms—are discussed to portray the compelling hurdles that developers encounter. Moreover, this thesis assesses the importance of effectively detecting vulnerabilities, and how it can aid in maintaining integrity and trustworthiness of applications. The thesis aims to contribute with valuable insight into the field of cybersecurity and support continued development for mitigating cyber threats. In conclusion, the outcome from this study shows that developing a security tool from a foundational level requires both knowledge and ambition, since new threats occur almost every day. The study also reveals that malicious actors are known for frequently looking for vulnerabilities in systems, making it one of the leading reasons why it is difficult to fight cyber threats.
|
25 |
Analysis of security issues in cloud based e-learningKumar, Gunasekar, Chelikani, Anirudh January 2011 (has links)
Cloud based E-Learning is one of the booming technologies in IT field which brings powerful e-learning products with the help of cloud power. Cloud technology has numerous advantages over the existing traditional E-Learning systems but at the same time, security is a major concern in cloud based e-learning. So security measures are unavoidable to prevent the loss of users’ valuable data from the security vulnerabilities. Cloud based e-learning products also need to satisfy the security needs of customers and overcome various security threats which attack valuable data stored in cloud servers.So the study investigates various security issues involved in cloud based e-learning technology with an aim to suggest solutions in the form of security measures and security management standards. These will help to overcome the security threats in cloud based e-learning technology. To achieve our thesis aim, we used theoretical and empirical studies. Empirical study is made through the information gathered through various cloud based e-learning solution vendors websites. And the theoretical study is made through the text analysis on various research articles related to our subject areas. And finally the constant comparative method is used to compare the empirical findings with the facts discovered from our theoretical findings. These analysis and research studies are leads to find various security issues in cloud based e-learning technology. / Program: Magisterutbildning i informatik
|
26 |
ARTSY : A Reproduction Transaction SystemBjörk, Mårten, Max, Sofia January 2003 (has links)
<p>A Transaction Reproduction System (ARTSY) is a distributed system that enables secure transactions and reproductions of digital content over an insecure network. A field of application is reproductions of visual arts: A print workshop could for example use ARTSY to print a digital image that is located at a remote museum. The purpose of this master thesis project was to propose a specification for ARTSY and to show that it is technically feasible to implement it. </p><p>An analysis of the security threats in the ARTSY context was performed and a security model was developed. The security model was approved by a leading computer security expert. The security mechanisms that were chosen for the model were: Asymmetric cryptology, digital signatures, symmetric cryptology and a public key registry. A Software Requirements Specification was developed. It contains extra directives for image reproduction systems but it is possible to use it for an arbitrary type of reproduction system. A prototype of ARTSY was implemented using the Java programming language. The prototype uses XML to manage information and Java RMI to enable remote communication between its components. It was built as a platform independent system and it has been tested and proven to be operational on the Sun Solaris platform as well as the Win32 platform.</p>
|
27 |
ARTSY : A Reproduction Transaction SystemBjörk, Mårten, Max, Sofia January 2003 (has links)
A Transaction Reproduction System (ARTSY) is a distributed system that enables secure transactions and reproductions of digital content over an insecure network. A field of application is reproductions of visual arts: A print workshop could for example use ARTSY to print a digital image that is located at a remote museum. The purpose of this master thesis project was to propose a specification for ARTSY and to show that it is technically feasible to implement it. An analysis of the security threats in the ARTSY context was performed and a security model was developed. The security model was approved by a leading computer security expert. The security mechanisms that were chosen for the model were: Asymmetric cryptology, digital signatures, symmetric cryptology and a public key registry. A Software Requirements Specification was developed. It contains extra directives for image reproduction systems but it is possible to use it for an arbitrary type of reproduction system. A prototype of ARTSY was implemented using the Java programming language. The prototype uses XML to manage information and Java RMI to enable remote communication between its components. It was built as a platform independent system and it has been tested and proven to be operational on the Sun Solaris platform as well as the Win32 platform.
|
28 |
Collecive Security Treaty Organization (csto) And The Limitations Of RussiaBorkoeva, Janargul 01 August 2011 (has links) (PDF)
This thesis aims to discuss the Collective Security Treaty Organization (CSTO)
and the sources of Russia&rsquo / s influence over its other member-states. It focuses on
the origins of the CSTO and the development of security cooperation within the
CSTO framework. The thesis argues that although the CSTO continues to be a
Russia-centric regional security organization, Russia&rsquo / s influence over the other
CSTO member states has been gradually limited throughout the 2000s due to the
increasing diversity in the threat perception of the other CSTO member states and
the increasing penetration of the other regional security organizations into the post-
Soviet space.
Following the Introduction chapter, the second chapter discusses the origins of
security cooperation within the framework of the CIS. The third chapter analyzes
the CSTO in terms of its structure and activities since its establishment in 2002. The
next chapter outlines the transnational challenges to the security of the post-Soviet
states and their threat perception, as well as the efforts to promote regional security
by the regional actors. The fifth chapter analyzes the increasing involvement of other
regional security organizations, such as SCO, OSCE, and NATO into the post-Soviet
space. The concluding chapter discusses the main finding of the thesis.
|
29 |
Mexico’s national security framework in the context of an interdependent world : a comparative architecture approachMartinez Espinosa, Cesar Alfredo 04 February 2014 (has links)
In a more complex and interdependent world, nations face new challenges that threaten their national security. National security should not be understood exclusively in the way of military threats by adversarial states but in a broader way: how old and new sectoral threats affect not only a state and its institutions but a nation as a whole, physically and economically. This dissertation looks into how the nature of security threats and risks has evolved in recent years. This dissertation then explores how different nations have decided to publish national security strategy documents and analyzes the way in which they include this broadened understanding of security: it finds that there is evidence of international policy diffusion related to the publication of such security strategies and that nations are evolving towards a broader understanding of security that includes models like whole-of-government, and whole-of-society. In the second half, this dissertation analyzes the route through which Mexico has reformed its national security framework since the year 2000 through a policy streams approach. After looking at the path that led to the creation of Mexico’s modern national security institutions, it analyzes the way in which Mexico national interests can be determined and how these interests inform the way in which Mexico understands national security threats and risks in the 21st Century. / text
|
30 |
Diseño de arquitectura de seguridad perimetral para una empresa dedicada a la actividad inmobiliariaMontes Larios, Jose Manuel, Iturrizaga Hernández, Manuel Antonio January 2015 (has links)
Debido a que el uso de Internet se encuentra en aumento, cada vez más compañías permiten a sus socios y proveedores acceder a sus sistemas de información. Por lo tanto, es fundamental saber qué recursos de la compañía necesitan protección para así controlar el acceso al sistema y los derechos de los usuarios del sistema de información. A su vez día a día se descubren nuevas vulnerabilidades, nuevos tipos de ataques y nuevos parches que aplicar los sistemas institucionales, convirtiendo la operación de la seguridad en una tarea sumamente compleja y demandante.
El presente documento es sobre el desarrollo de la seguridad perimetral en la empresa Los Portales, vale indicar que dicha empresa es una de las más renombradas a nivel de la actividad inmobiliaria en el Perú, por ende se está considerando las amenazas de seguridad desde perspectivas diferentes para permitir de esta forma conocer algunos riesgos que puedan afectar a la institución, así como determinar el nivel de madurez de la seguridad informática, a su vez se demostrara a detalle el diseño e implementación de la solución así como el alcance económico.
Because Internet use is increasing, more and more companies allow their partners and suppliers access to their information systems. Therefore, it is essential to know what company resources need protection so as to control system access and the rights of users of the information system. In turn every day new vulnerabilities, new types of attacks and new patches to apply institutional systems, making the security operation in an extremely complex and demanding task are discovered.
This thesis is on the development of perimeter security at Los Portales, it indicate that the company is one of the most renowned level of real estate activity in Peru, thus being considered security threats from different perspectives to meet thus enable some risks that may affect the institution, and to determine the maturity level of computer security, in turn demonstrate in detail the design and implementation of the solution as well as the economic scope.
|
Page generated in 0.0661 seconds