
Sistema de gestão de segurança da informação em organizações da área da saúde; Information security management system in a healthcare organization

Ribas, Carlos Eduardo
Source: Biblioteca Digital de Teses e Dissertações da USP Publisher: Biblioteca Digital de Teses e Dissertações da USP
Type: Master's Dissertation Format: application/pdf
Published on 03/09/2010 Portuguese
INTRODUCTION: This study describes the process of implementing an information security management system (ISMS) in a healthcare organization, aiming to ensure the confidentiality, integrity and availability of information. METHODS: The ISO 27001 standard was used to develop the project, and its Annex A, through a new methodology, was used to assess the organization. A questionnaire was prepared to assess employees' perception of information security and also to check items related to the project scope. We assessed information security at the beginning and at the end of the study. Statistical analysis was performed using the chi-square test with Yates' correction. The result was considered significant for P < 0.05. RESULTS: There was a significant result in the score obtained by the organization, in the total number of controls implemented and in the total number of controls not implemented. There were no significant results from the questionnaire. CONCLUSION: The use of the ISMS brought benefits to the organization, with significant improvements in the level of compliance with the reference standard, as well as a reduction of the risks to the organization's assets through the implementation of controls; INTRODUCTION: This study describes the implementation process of an Information Security Management System in a healthcare organization in order to assure the confidentiality...

Um sistema para análise e detecção de ataques ao navegador Web; A system for analysis and detection of browser attacks

Vitor Monte Afonso
Source: Biblioteca Digital da Unicamp Publisher: Biblioteca Digital da Unicamp
Type: Master's Dissertation Format: application/pdf
Published on 06/10/2011 Portuguese
Web pages with malicious content are one of the major threats to system security today. They are the main means used by attackers to install malicious programs (malware) on users' operating systems. To develop protection mechanisms against these pages, they need to be studied and understood in depth. There are several analysis systems capable of analyzing Web pages, providing information about them and classifying them as malicious or benign. However, these systems have several limitations regarding the type of code that can be analyzed and the types of attack that can be detected. To address this deficiency in systems for analyzing malicious Web pages, a system called BroAD (Browser Attacks Detection) was developed. It analyzes these pages dynamically, monitoring both the system calls made by the browser while it processes them and the actions performed by the JavaScript code contained in the page. Malicious behavior is detected in four steps, using machine learning techniques and signatures. These steps include shellcode detection, detection of anomalies in JavaScript behavior, and the analysis of system calls and of JavaScript code signatures. Tests were performed which demonstrate that the developed system has higher detection rates than state-of-the-art systems for analyzing malicious Web pages and also provides more information about them...

NetSPA : a Network Security Planning Architecture; Network Security Planning Architecture

Artz, Michael Lyle, 1979-
Source: Massachusetts Institute of Technology Publisher: Massachusetts Institute of Technology
Type: Doctoral Thesis Format: 96 leaves; 6148150 bytes; 6159472 bytes; application/pdf; application/pdf
Portuguese
by Michael Lyle Artz.; Thesis (M.Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2002.; Includes bibliographical references (leaves 93-96).

Asbestos : operating system security for mobile devices; Operating system security for mobile devices

Stevenson, Martijn
Source: Massachusetts Institute of Technology Publisher: Massachusetts Institute of Technology
Type: Doctoral Thesis Format: 78 p.
Portuguese
This thesis presents the design and implementation of a port of the Asbestos operating system to the ARM processor. The port to the ARM allows Asbestos to run on mobile devices such as cell phones and personal digital assistants. These mobile, wireless-enabled devices are at risk for data attacks because they store private data but often roam in public networks. The Asbestos operating system is designed to prevent disclosure of such data. The port includes a file system and a network driver, which together enable future development of Asbestos applications on the ARM platform. This thesis evaluates the port with a performance comparison between Asbestos running on an HP iPAQ hand held computer and the original x86 Asbestos.; by Martijn Stevenson.; Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2006.; Includes bibliographical references (p. 75-78).

YAMA : a system for marking network traffic; System for marking network traffic

Hernández González, Néstor Felipe
Source: Massachusetts Institute of Technology Publisher: Massachusetts Institute of Technology
Type: Doctoral Thesis Format: 108 p.
Portuguese
Computer security performance analysis requires precise labeling of traffic as either background or attack traffic. When an experiment is performed on-line, it may also be important to identify traffic from the security system. Today this is tedious and difficult, requiring personnel with a deep understanding of multiple protocols. YAMA (Your Able Marking Aide) is a tool that labels sessions and packets associated with a set of user actions given those actions, the traffic, and a network configuration (host information and web page corpus). An evaluation of a version that processes web traffic is performed using data from Alexa's Top 100 Sites. YAMA 1.0 correctly associates the action of visiting a specific site with 90% of all HTTP packets, and 99% of both HTTP GET and DNS packets. Furthermore, YAMA 1.0 produces zero false positives when given a high-level event indicating a user visited one web site and packets from a different site.; by Néstor Felipe Hernández González.; Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2006.; Includes bibliographical references (p. 105-108).

Security and decentralized control of the SFS global file system; Security and decentralized control of the secure file system global file system

Mazières, David (David Folkman), 1972-
Source: Massachusetts Institute of Technology Publisher: Massachusetts Institute of Technology
Type: Doctoral Thesis Format: 53 p.
Portuguese
by David Mazières.; Thesis (M.S.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1997.; Includes bibliographical references (p. 47-53).

Towards integrated security for sensor network applications

Cionca, Victor; Newe, Thomas; Dadârlat, Vasile
Source: IEEE Computer Society Publisher: IEEE Computer Society
Type: info:eu-repo/semantics/conferenceObject; all_ul_research; ul_published_reviewed
Portuguese
peer-reviewed; Widespread and commercial usage of Wireless Sensor Networks is kept back by the lack of strong and easy to use security. The wide range of applications of WSNs implies different and often contradictory security requirements. This paper argues the need for a configurable security architecture for WSNs and presents a methodology and software implementation to determine the most resource efficient suite of security protocols for a given application.

Personal computer security system

Besada, Jorge L.
Source: FIU Digital Commons Publisher: FIU Digital Commons
Type: Journal Article Format: application/pdf
Portuguese
This work consists of the design and implementation of a complete monitored security system. Two computers make up the basic system: one computer is the transmitter and the other is the receiver. The two computers are interconnected by modems. Depending on the status of the input sensors (magnetic contacts, motion detectors and others), the transmitter detects an alarm condition and sends a detailed report of the event via modem to the receiver computer.

Security: Where Testing Fails

Irvine, Cynthia E.
Source: ITEA Journal Publisher: ITEA Journal
Type: Journal Article
Portuguese
Computer security addresses the problem of enforcement of security policies in the presence of malicious users and software. Systems enforcing mandatory policies can create confinement domains that limit the damage incurred by malicious software executing in applications. To achieve assurance that the confinement domains cannot be breached, the underlying enforcement mechanism must be constructed to ensure that it is resistant to penetration by malicious software and is free of malicious artifacts. The limitations and contributions of testing in achieving these goals are discussed.

Toward a Medium-Robustness Separation Kernel Protection Profile

DeLong, Rance J.; Nguyen, Thuy D.; Irvine, Cynthia E.; Levin, Timothy E.
Source: Computer Security Applications Conference (ACSAC) Publisher: Computer Security Applications Conference (ACSAC)
Type: Journal Article
Portuguese
Annual Computer Security Applications Conference (ACSAC); A protection profile for high-robustness separation kernels has recently been validated and several implementations are under development. However, medium-robustness separation kernel development efforts have no protection profile, although the US Government has published guidance for authoring such a profile. As a step toward a protection profile, a set of security requirements for medium-robustness separation kernels is proposed. These requirements result from an informal, yet principled, approach. By bracketing the problem with appropriate reference points and elaborating a method for interpolating the requirements, both a measure of uniformity and a basis for further discussion are achieved. Our reference points include the high-robustness protection profile, the existing medium-robustness consistency instruction, and our familiarity with the nuances of separation kernels. This practitioner-oriented study is intended to advance the prevailing practices for commercial software development, which presently fall far short of the rigor needed for either high-robustness or medium-robustness systems. These requirements represent an incremental improvement in the pursuit of secure software and are intended to be a step forward on the road to higher assurance.

Autonomous agents for distributed intrusion detection in a multi-host environment

Ingram, Dennis J.
Source: Monterey, California. Naval Postgraduate School Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral Thesis Format: xiv, 66 p.;28 cm.
Portuguese
Approved for public release; distribution is unlimited; Because computer security in today's networks is one of the fastest expanding areas of the computer industry, protecting resources from intruders is an arduous task that must be automated to be efficient and responsive. Most intrusion-detection systems currently rely on some type of centralized processing to analyze the data necessary to detect an intruder in real time. A centralized approach can be vulnerable to attack. If an intruder can disable the central detection system, then most, if not all, protection is subverted. The research presented here demonstrates that independent detection agents can be run in a distributed fashion, each operating mostly independent of the others, yet cooperating and communicating to provide a truly distributed detection mechanism without a single point of failure. The agents can run along with user and system software without noticeable consumption of system resources, and without generating an overwhelming amount of network traffic during an attack; http://www.archive.org/details/autonomousagents00ingr; Captain, United States Marine Corps

Scripting quality of security service (QoSS) safeguard measures for the suggested INFOCON system

Guild, Jennifer A.
Source: Monterey, California. Naval Postgraduate School Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral Thesis Format: xviii, 124 p. : ill. (some col.)
Portuguese
Approved for public release, distribution is unlimited; The existing INFOCON system is an information warning system that the DOD maintains. It is not formally correlated to other warning systems, such as DEFCON, FPCON/THREATCON, WATCHCONs, SANS INFOCON, or the Homeland Security Advisory System Threat condition. The criteria for each INFOCON level are subjective. The INFOCON recommended actions are a mix of policy and general technical measures. The INFOCON system vaguely follows the Defense in Depth network defense methodology. This thesis examines the foundations for the existing INFOCON system and presents an evolved INFOCON system. The focus will be on the security of the DOD information infrastructure and the accomplishment of the mission, as well as the usability and the standardization of the INFOCON warning system. The end result is a prototype that is a set of predefined escalation scripts for the evolved INFOCON system's safeguard measures.; Civilian, Federal Cyber Service Corps, Naval Postgraduate School

Security issues for the software evolution model

Rambidis, Anastasios X.
Source: Monterey, California. Naval Postgraduate School Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral Thesis Format: xii, 103 p.;28 cm.
Portuguese
This thesis examines the security requirements of the software evolution model and identifies possible security mechanisms called "control classes" that are applicable to the model. Then, based on combinations of "control classes," it proposes a suitable security level for each of the model's databases. Furthermore, this thesis deals with the possibility of using Pretty Good Privacy as a method for protecting software data stored in databases. The software evolution model captures all the necessary changes in requirements early in the development process in order to help minimize project cancellations, delivery delays and extra costs for fixing errors. The protection of software data against unauthorized access and modification is a primary consideration for the software evolution process. In this way, we can develop a secure environment on which the software evolution can rely for accomplishing its goal; http://www.archive.org/details/securityissuesfo00ramb; Lieutenant, Hellenic Navy

A framework for dynamic subversion

Rogers, David T.
Source: Monterey, California. Naval Postgraduate School Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral Thesis Format: xvi, 110 p. : ill. (some col.) ;
Portuguese
Approved for public release, distribution is unlimited; The subversion technique of attacking an operating system is often overlooked in information security. Operating Systems are vulnerable throughout their lifecycle in that small artifices can be inserted into an operating system's code that, on command, can completely disable its security mechanisms. To illustrate that this threat is viable, it is shown that it is not difficult for an attacker to implement the framework for the "two-card loader" type of subversion, a trap door which enables the insertion of arbitrary code into the operating system while the system is deployed and running. This framework provides several services such as memory allocation in the attacked system, and mechanisms for relocating, linking and loading the inserted attack code. Additionally, this thesis shows how Windows XP embedded designers can use Intel's x86 hardware more effectively to build a higher assurance operating system. Principles of hardware support are discussed and recommendations are presented. Subversion is overlooked because critics believe the attack is too difficult to carry out. It is illustrated in this thesis that this is simply not the case. Anyone with access to the operating system code at some point in its lifecycle can design a fairly elaborate subversion artifice with modest effort.; Ensign...

Developing a reliable methodology for assessing the computer network operations threat of North Korea

Brown, Christopher
Source: Monterey, California. Naval Postgraduate School Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral Thesis Format: xiv, 77 p. : ill. (some col.) ;
Portuguese
Approved for release; distribution is unlimited; Computer network operations (CNO) can be considered a relatively new phenomenon being encountered in modern warfare. Computer network operation is comprised of three components: computer network attack (CNA), computer network exploitation (CNE), and computer network defense (CND). Computer network attack is defined as operations to disrupt, deny, degrade, or destroy information resident in computer networks, or the computers and networks themselves. Computer network exploitation is the intelligence collection and enabling operations to gather data from adversary automated information systems (AIS) or networks. Finally, computer network defense is those measures, internal to the protected entity, taken to protect and defend information, computers, and networks from disruption, degradation, or destruction. No longer is warfare limited to the use of kinetic weapons and conventional methods of war. Computer network operations have become an integral part of our adversary's arsenal and more attention must be paid to the effects of CNO activities, particularly CNA and CNE being conducted by our adversaries. Of the many states suspected of conducting active CNO activities against the United States and other nations, none warrants more attention than North Korea. This thesis presents the development of a methodology using information available from open sources. This work is intended to prove that a useful methodology for assessing the CNO capabilities and limitations of North Korea can be developed using only open source information.; Lieutenant...

A Sound Type System for Secure Flow Analysis

Smith, Geoffrey; Irvine, Cynthia E.; Volpano, Dennis
Source: Journal of Computer Security Publisher: Journal of Computer Security
Type: Journal Article
Portuguese
Ensuring secure information flow within programs in the context of multiple sensitivity levels has been widely studied. Especially noteworthy is Denning's work in secure flow analysis and the lattice model. Until now, however, the soundness of Denning's analysis has not been established satisfactorily. We formulate Denning's approach as a type system and present a notion of soundness for the system that can be viewed as a form of noninterference. Soundness is established by proving, with respect to a standard programming language semantics, that all well-typed programs have this noninterference property.

Modeling and design for future wireless cellular networks: coverage, rate, and security

Wang, He
Source: Australian National University Publisher: Australian National University
Type: Thesis (PhD); Doctor of Philosophy (PhD)
Portuguese
Accompanied by the wide penetration of smartphones and other personal mobile devices in recent years, the foremost demand for cellular communications has been transformed from offering subscribers a way to communicate through low data rate voice call connections initially, into providing connectivity with good coverage, high data rate, as well as strong security for sensitive data transmission. To satisfy the demands for improved coverage and data rate, the cellular network is undergoing a significant transition from conventional macrocell-only deployment to heterogeneous network (HetNet), in which a multitude of radio access technologies can be co-deployed intelligently and flexibly. However, the small cells newly introduced in HetNet, such as picocells and femtocells, have complicated the network topology and the interference environment, thus presenting new challenges in network modeling and design. In recent studies, performance analyses were carried out accurately and tractably with the help of Poisson point process (PPP)-based base station (BS) model. This PPP-based model is extended in this work with the impact of directional antennas taken into account. The significance of this extension is emphasized by the wide usage of directional antennas in sectorized macrocell cells. Moreover...

El riesgo y la falta de políticas de seguridad informática una amenaza en las empresas certificadas BASC; Risk and the lack of computer security policies: a threat in BASC-certified companies

González Agudelo, Daniel Felipe; Cabrera Albornoz, Luis Alfredo
Source: Universidad Militar Nueva Granada; Facultad de Relaciones Internacionales, Estrategia y Seguridad; Administración de la Seguridad y Salud Ocupacional Publisher: Universidad Militar Nueva Granada; Facultad de Relaciones Internacionales, Estrategia y Seguridad; Administración de la Seguridad y Salud Ocupacional
Type: bachelorThesis; Degree thesis Format: pdf; pdf
Portuguese
This essay focuses on section 7 of the security standards of the BASC norm, which addresses security in information technology (password protection, accountability, and protection of systems and data). It examines the problems that arise from not having computer security policies, procedures and/or rules in BASC-certified companies. The protection of data and documents and the control of access to information is a topic that gains strength every day in large companies, owing to the different specialties of hackers and crackers who steal vital information.

DETERMINING FACTORS OF BANK EMPLOYEE READING HABITS OF INFORMATION SECURITY POLICIES

Allassani, William
Source: TECSI Laboratório de Tecnologia e Sistemas de Informação - FEA/USP Publisher: TECSI Laboratório de Tecnologia e Sistemas de Informação - FEA/USP
Type: Journal Article Format: text/html
Published on 01/12/2014 Portuguese
This paper seeks to answer the question 'What factors determine bank employee reading habits of security policies?' Using the chi-square test, this research analyses the reading habits of bank staff to ascertain whether there is a significant difference in their reading habits with regard to the following independent variables: gender, the section of the bank in which the employee works (department or branch), the number of years the staff member has worked with the bank, and the ownership status of the bank (public, private or foreign owned). In addition, logistic regression was employed to determine the predictors of these reading habits. This paper adopts a quantitative research methodology to study the information security reading habits of 136 Ghanaian bank staff from various banks and concludes that bank staff working in departments are more likely to regularly read their bank's policies than employees working in a branch. This paper also shows that there is a statistically significant difference in reading habits with regard to the number of years an employee has worked with the bank. The paper finally shows that there is no statistically significant difference in security reading habits with regard to gender and ownership status of the bank. The logistic regression analysis also reveals that a respondent in a department is 4.4 times more likely to read the security policies relative to those in a branch. The analysis also concludes that ...

Improvement of reconciliation for quantum key distribution

Chen, Keath
Source: Rochester Institute of Technology Publisher: Rochester Institute of Technology
Type: Doctoral Thesis
Portuguese
Quantum Key Distribution (QKD) is meant to be an ultimate computer security system that will not need an upgrade or overhaul from time to time. QKD allows the generation of long keys on demand. QKD, coupled with the unconditionally secure "one-time pad" encryption system, will be unbreakable even for an eavesdropper with infinite resources. Numerous experimental QKD prototypes have demonstrated that QKD is likely to be a reality before the quantum computer. One of the steps in a Quantum Key Distribution protocol is to remove the transmission errors from quantum communication, which typically has a high error rate (one percent or higher). An interactive error control method is utilized in the reconciliation of QKD. This procedure divides transmitted bits into blocks. The size of the block is chosen so that the chance of having multiple error bits in one block is small. By checking parity and doing an interactive BINARY search when a parity error is found, error bits can be located and removed. Some error bits escape detection in the first pass. By repeating this procedure several times, each time randomly dividing bits into blocks, most error bits can be detected and removed. Each parity check means the loss of one bit. The goal is to minimize the number of parity checks needed to locate all (or most) errors and to have a high reliability that the remaining bits have a very small residual error rate. Brassard and Salvail devised a better error control procedure in 1993. By keeping track of block parity information from pass to pass...