Page 13 of the results: 8247 digital items found in 0.012 seconds
Segurança em processamento de dados; Data processing security
Source: Biblioteca Digitais de Teses e Dissertações da USP
Publisher: Biblioteca Digitais de Teses e Dissertações da USP
Type: Master's dissertation
Format: application/pdf
Published on 16/10/1981
Portuguese
#Systems auditing#Data processing#Information systems#Information technology#IT governance#IT management#Security
The business community and Systems and Data Processing professionals currently face a new type of challenge: the threat of computers. The growing number of computers and the widespread use of teleprocessing and network technologies are making organizations increasingly dependent on their information technology structure and on its main product: information systems and the other elements associated with them. It is not hard to see that the impact of these technologies has been only partially absorbed, not only by users but also by professionals. In fact, the development of computers has not been accompanied by a corresponding development of the principles of Data Processing Management. This means that the administrative and control principles and standards for this type of activity are not at the desired stage; that is, no definitive principles and standards have been established for achieving a completely secure and reliable Data Processing area. This "open window" is, as a consequence, the shortest path to criminal practices and widespread errors, which will result in damage to organizations' operations and assets. The concept of security widely used today refers mostly to physical security and does not include all the components of a Data Processing area...
Identifying Supervisory Control and Data Acquisition (SCADA) systems on a network via remote reconnaissance
Source: Monterey, California. Naval Postgraduate School
Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral thesis
Portuguese
Presidential Decision Directive (PDD) 63 calls for improving the security of Supervisory Control and Data Acquisition (SCADA) and other control systems which operate the critical infrastructure of the United States. In the past, these industrial computer systems relied on security through obscurity. Recent economic and technical shifts within the controls industry have increased their vulnerability to cyber attack. Concurrently, their value as a target has been recognized by terrorist organizations and competing nation states. Network reconnaissance is a basic tool that allows computer security managers to understand their complex systems. However, existing reconnaissance tools incorporate little or no understanding of control systems. This thesis provides a conceptual analysis for the creation of a SCADA network exploration/reconnaissance tool. Several reconnaissance techniques were researched and reviewed in a laboratory environment to determine their utility for SCADA system discovery. Additionally, an application framework using common non-SCADA security tools was created to provide a proof of concept. Development of a viable tool for identifying SCADA systems remotely will help improve critical infrastructure security by improving situational awareness for network managers.
Mass dissemination of INFOSEC lectures via the World Wide Web.
Source: Monterey, California. Naval Postgraduate School
Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral thesis
Portuguese
Approved for public release; distribution is unlimited; The Naval Postgraduate School (NPS) Center for Information Systems Security (INFOSEC) Studies and Research (NPS CISR) invites experts in the field of INFOSEC to NPS to lecture on computer security. Other universities, government, and non-government organizations need similar lectures. Two problems arise: experienced security practitioners are few in number and cannot spend a considerable amount of time on the lecture circuit. Also, for many institutions a regular lecture series would be too costly. To solve these problems a method for mass distribution of the NPS security lectures must be designed. Multi media tools were used to capture INFOSEC lectures for cost effective mass dissemination. By using the appropriate equipment, computer technology, and software, a tool was developed which can distribute security lectures to an unlimited audience in multiple formats. The resulting product is a tutorial to give content providers a technique to take archived video tapes, digitize them, edit them, and export them. These lectures can be delivered in HTML, compact disk, and video taped formats. An analysis of the production process yields a set of recommendations for optimizing the user interface and balancing producer and user requirements such as memory conservation...
Single sign-on solution for MYSEA services
Source: Monterey, California. Naval Postgraduate School
Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral thesis
Format: xvi, 88 p. : ill. ;
Portuguese
The Monterey Security Architecture (MYSEA) is a trusted distributed environment enforcing multilevel security policies. To provide a scaleable architecture, a federation of MYSEA servers handles service requests. However, the introduction of multiple servers creates security and usability problems associated with multiple user logins. A single sign-on solution for the MYSEA server federation is needed. After a user authenticates once to a single MYSEA server, the user's credentials are used to sign on to the other MYSEA servers. The goal of this thesis is to create a high-level design and specification of a single sign-on framework for MYSEA. This has entailed a review and comparison of existing single sign-on architectures and solutions, a study of the current MYSEA design, the development of a new architecture for single sign-on, an analysis of single sign-on threats within a MYSEA context, a derivation of single sign-on objectives in MYSEA, leading up to the security requirements for single sign-on in MYSEA. Security and functionality are the main driving factors in the design. Other factors include performance, reliability, and the feasibility of integration into the existing MYSEA MLS network. These results will serve as a basis for a detailed design and future development of sign-on in MYSEA.
Computational soundness for standard assumptions of formal cryptography
Source: Massachusetts Institute of Technology
Publisher: Massachusetts Institute of Technology
Type: Doctoral thesis
Format: 100 p.; 4682230 bytes; 4693726 bytes; application/pdf; application/pdf
Portuguese
This implementation is conceptually simple, and relies only on general assumptions. Specifically, it can be thought of as a 'self-referential' variation on a well-known encryption scheme. 4. Lastly, we show how the computational soundness of the Dolev-Yao model can be maintained even as it is extended to include new operators. In particular, we show how the Diffie-Hellman key-agreement scheme and the computational Diffie-Hellman assumption can be added to the Dolev-Yao model in a computationally sound way.; The Dolev-Yao model is a useful and well-known framework in which to analyze security protocols. However, it models the messages of the protocol at a very high level and makes extremely strong assumptions about the power of the adversary. The computational model of cryptography, on the other hand, takes a much lower-level view of messages and uses much weaker assumptions. Despite the large differences between these two models, we have been able to show that there exists a relationship between them. Previous results of ours demonstrate that certain kinds of computational cryptography can result in an equivalence of sorts between the formal and computational adversary. Specifically: * We gave an interpretation to the messages of the Dolev-Yao model in terms of computational cryptography...
Maintaining secrecy when information leakage is unavoidable
Source: Massachusetts Institute of Technology
Publisher: Massachusetts Institute of Technology
Type: Doctoral thesis
Format: 121 p.; 9107724 bytes; 9122773 bytes; application/pdf; application/pdf
Portuguese
(cont.) We apply the framework to get new results, creating (a) encryption schemes with very short keys, and (b) hash functions that leak no information about their input, yet, paradoxically, allow testing if a candidate vector is close to the input. One of the technical contributions of this research is to provide new, cryptographic uses of mathematical tools from complexity theory known as randomness extractors.; Sharing and maintaining long, random keys is one of the central problems in cryptography. This thesis provides about ensuring the security of a cryptographic key when partial information about it has been, or must be, leaked to an adversary. We consider two basic approaches: 1. Extracting a new, shorter, secret key from one that has been partially compromised. Specifically, we study the use of noisy data, such as biometrics and personal information, as cryptographic keys. Such data can vary drastically from one measurement to the next. We would like to store enough information to handle these variations, without having to rely on any secure storage, in particular, without storing the key itself in the clear. We solve the problem by casting it in terms of key extraction. We give a precise definition of what "security" should mean in this setting...
The analysis of cryptographic APIs using the theorem prover Otter; Analysis of cryptographic application programming interfaces using the theorem prover Otter
Source: Massachusetts Institute of Technology
Publisher: Massachusetts Institute of Technology
Type: Doctoral thesis
Format: 81 p.; 3655429 bytes; 3664202 bytes; application/pdf; application/pdf
Portuguese
In 2000, Bond and Anderson exposed a new family of attacks on application programming interfaces (APIs) of security modules. These attacks elicit compromising behaviors using an unexpected sequence of legal calls to the module, uncovering severe security flaws even in widely-deployed cryptographic hardware. Because these attacks do not depend on the underlying cryptographic mechanisms, they often succeed even under the assumption of ideal cryptographic primitives. This thesis presents a methodology for the automatic detection of API attacks. Taking a cue from previous work on the formal analysis of security protocols and noting these attacks' independence from precise cryptographic mechanisms, we model APIs opaquely, purely according to specifications. We use a theorem prover tool and adapt it to the security API context. Several specifications of Cryptographic APIs are implemented for analysis using a theorem prover known as OTTER. These implementations successfully found known attacks, and provide evidence that OTTER will also be able to find new attacks, and perhaps eventually verify security in arbitrary Cryptographic APIs. Based on these implementations, various strategies, potential problems, and solutions are discussed that can be applied towards the formal analysis of Cryptographic APIs. We detail how...
Malware Detection Module using Machine Learning Algorithms to Assist in Centralized Security in Enterprise Networks
Source: Cornell University
Publisher: Cornell University
Type: Scientific journal article
Published on 08/02/2012
Portuguese
Malicious software is abundant in a world of innumerable computer users, who
are constantly faced with these threats from various sources like the internet,
local networks and portable drives. Malware is potentially low to high risk and
can cause systems to function incorrectly, steal data and even crash. Malware
may be executable or system library files in the form of viruses, worms,
Trojans, all aimed at breaching the security of the system and compromising
user privacy. Typically, anti-virus software is based on a signature definition
system which keeps updating from the internet and thus keeping track of known
viruses. While this may be sufficient for home-users, a security risk from a
new virus could threaten an entire enterprise network. This paper proposes a
new and more sophisticated antivirus engine that can not only scan files, but
also build knowledge and detect files as potential viruses. This is done by
extracting system API calls made by various normal and harmful executables, and
using machine learning algorithms to classify and hence, rank files on a scale
of security risk. While such a system is processor heavy, it is very effective
when used centrally to protect an enterprise network which may be more prone to
such threats.; Comment: 6 pages
Mobile Agent Systems, Recent Security Threats and Counter Measures
Source: Cornell University
Publisher: Cornell University
Type: Scientific journal article
Published on 06/10/2014
Portuguese
Mobile agent technology offers a dramatically evolving computing paradigm in
which a program, in the form of a software agent, can suspend its execution on
a host computer, transfer itself to another agent-enabled host on the network,
and resume execution on the new host. Mobile code has been used since the 1960s
in the form of remote job entry systems. Today's mobile agents can be
characterized in a number of ways ranging from simple distributed objects to
highly organized intelligent software. As a result of this rapid evolvement of
mobile agents, plenty of critical security issues have arisen and plenty of work
is being done to address these problems. The aim is to provide trusted mobile
agent systems that can be easily deployed and widely adopted. In this paper, we
provide an overview of the most recent threats facing the designers of agent
platforms and the developers of agent-based applications. The paper also
identifies security objectives, and measures for countering the identified
threats and fulfilling those security objectives.; Comment: international journal of computer science issues, march 2014
Functional Programming and Security
Source: Cornell University
Publisher: Cornell University
Type: Scientific journal article
Published on 27/01/2012
Portuguese
#Computer Science - Cryptography and Security#Computer Science - Programming Languages#Computer Science - Software Engineering
This paper analyses the security contribution of typical functional-language
features by examining them in the light of accepted information security
principles. Imperative and functional code are compared to illustrate various
cases. In conclusion, there may be an excellent case for the use of functional
languages on the grounds of better security; however, empirical research should
be done to validate this possibility.
CD-PHY: Physical Layer Security in Wireless Networks through Constellation Diversity
Source: Cornell University
Publisher: Cornell University
Type: Scientific journal article
Published on 25/08/2011
Portuguese
#Computer Science - Cryptography and Security#Computer Science - Computational Complexity#Computer Science - Networking and Internet Architecture
A common approach for introducing security at the physical layer is to rely
on the channel variations of the wireless environment. This type of approach is
not always suitable for wireless networks where the channel remains static for
most of the network lifetime. For these scenarios, a channel independent
physical layer security measure is more appropriate which will rely on a secret
known to the sender and the receiver but not to the eavesdropper. In this
paper, we propose CD-PHY, a physical layer security technique that exploits the
constellation diversity of wireless networks which is independent of the
channel variations. The sender and the receiver use a custom bit sequence to
constellation symbol mapping to secure the physical layer communication which
is not known a priori to the eavesdropper. Through theoretical modeling and
experimental simulation, we show that this information theoretic construct can
achieve Shannon secrecy and any brute force attack from the eavesdropper incurs
high overhead and minuscule probability of success. Our results also show that
the high bit error rate also makes decoding practically infeasible for the
eavesdropper, thus securing the communication between the sender and receiver.; Comment: 9 pages...
Physical Layer Security: Coalitional Games for Distributed Cooperation
Source: Cornell University
Publisher: Cornell University
Type: Scientific journal article
Published on 25/06/2009
Portuguese
Cooperation between wireless network nodes is a promising technique for
improving the physical layer security of wireless transmission, in terms of
secrecy capacity, in the presence of multiple eavesdroppers. While existing
physical layer security literature answered the question "what are the
link-level secrecy capacity gains from cooperation?", this paper attempts to
answer the question of "how to achieve those gains in a practical decentralized
wireless network and in the presence of a secrecy capacity cost for information
exchange?". For this purpose, we model the physical layer security cooperation
problem as a coalitional game with non-transferable utility and propose a
distributed algorithm for coalition formation. Through the proposed algorithm,
the wireless users can autonomously cooperate and self-organize into disjoint
independent coalitions, while maximizing their secrecy capacity taking into
account the security costs during information exchange. We analyze the
resulting coalitional structures, discuss their properties, and study how the
users can self-adapt the network topology to environmental changes such as
mobility. Simulation results show that the proposed algorithm allows the users
to cooperate and self-organize while improving the average secrecy capacity per
user up to 25.32% relative to the non-cooperative case.; Comment: Best paper Award at Wiopt 2009
Soft Constraint Programming to Analysing Security Protocols
Source: Cornell University
Publisher: Cornell University
Type: Scientific journal article
Published on 14/12/2003
Portuguese
#Computer Science - Cryptography and Security#Computer Science - Artificial Intelligence#D.3.3#K.6.5#D.4.6
Security protocols stipulate how the remote principals of a computer network
should interact in order to obtain specific security goals. The crucial goals
of confidentiality and authentication may be achieved in various forms, each of
different strength. Using soft (rather than crisp) constraints, we develop a
uniform formal notion for the two goals. They are no longer formalised as mere
yes/no properties as in the existing literature, but gain an extra parameter,
the security level. For example, different messages can enjoy different levels
of confidentiality, or a principal can achieve different levels of
authentication with different principals.
The goals are formalised within a general framework for protocol analysis
that is amenable to mechanisation by model checking. Following the application
of the framework to analysing the asymmetric Needham-Schroeder protocol, we
have recently discovered a new attack on that protocol as a form of retaliation
by principals who have been attacked previously. Having commented on that
attack, we then demonstrate the framework on a bigger, largely deployed
protocol consisting of three phases, Kerberos.; Comment: 29 pages, To appear in Theory and Practice of Logic Programming
(TPLP) Paper for Special Issue (Verification and Computational Logic)
To Make a Robot Secure: An Experimental Analysis of Cyber Security Threats Against Teleoperated Surgical Robots
Source: Cornell University
Publisher: Cornell University
Type: Scientific journal article
Portuguese
Teleoperated robots are playing an increasingly important role in military
actions and medical services. In the future, remotely operated surgical robots
will likely be used in more scenarios such as battlefields and emergency
response. But rapidly growing applications of teleoperated surgery raise the
question: what if the computer systems for these robots are attacked, taken
over and even turned into weapons? Our work seeks to answer this question by
systematically analyzing possible cyber security attacks against Raven II, an
advanced teleoperated robotic surgery system. We identify a slew of possible
cyber security threats, and experimentally evaluate their scopes and impacts.
We demonstrate the ability to maliciously control a wide range of robot
functions, and even to completely ignore or override command inputs from the
surgeon. We further find that it is possible to abuse the robot's existing
emergency stop (E-stop) mechanism to execute efficient (single packet) attacks.
We then consider steps to mitigate these identified attacks, and experimentally
evaluate the feasibility of applying the existing security solutions against
these threats. The broader goal of our paper, however, is to raise awareness
and increase understanding of these emerging threats. We anticipate that the
majority of attacks against telerobotic surgery will also be relevant to other
teleoperated robotic and co-robotic systems.
Partial Order Reduction for Security Protocols
Source: Cornell University
Publisher: Cornell University
Type: Scientific journal article
Portuguese
Security protocols are concurrent processes that communicate using
cryptography with the aim of achieving various security properties. Recent work
on their formal verification has brought procedures and tools for deciding
trace equivalence properties (e.g., anonymity, unlinkability, vote secrecy) for
a bounded number of sessions. However, these procedures are based on a naive
symbolic exploration of all traces of the considered processes which,
unsurprisingly, greatly limits the scalability and practical impact of the
verification tools.
In this paper, we overcome this difficulty by developing partial order
reduction techniques for the verification of security protocols. We provide
reduced transition systems that optimally eliminate redundant traces, and which
are adequate for model-checking trace equivalence properties of protocols by
means of symbolic execution. We have implemented our reductions in the tool
Apte, and demonstrated that it achieves the expected speedup on various
protocols.
The Effect of Visual Noise on The Completion of Security Critical Tasks
Source: Cornell University
Publisher: Cornell University
Type: Scientific journal article
Portuguese
User errors while performing security-critical tasks can lead to undesirable
or even disastrous consequences. One major factor influencing mistakes and
failures is complexity of such tasks, which has been studied extensively in
prior research. Another important issue which hardly received any attention is
the impact of both accidental and intended distractions on users performing
security-critical tasks. In particular, it is unclear whether, and to what
extent, unexpected sensory cues (e.g., auditory or visual) can influence user
behavior and/or trigger mistakes. Better understanding of the effects of
intended distractions will help clarify their role in adversarial models. As
part of the research effort described in this paper, we administered a range of
naturally occurring -- yet unexpected -- sounds while study participants
attempted to perform a security-critical task. We found that, although these
auditory cues lowered participants' failure rates, they had no discernible
effect on their task completion times. To this end, we overview some relevant
literature that explains these somewhat counter-intuitive findings.
Conducting a thorough and meaningful study on user errors requires a large
number of participants, since errors are typically infrequent and should not be
instigated more than once per subject. To reduce the effort of running numerous
subjects...
Modeling and performance evaluation of computer systems security operation
Source: Cornell University
Publisher: Cornell University
Type: Scientific journal article
Published on 20/12/2012
Portuguese
#Computer Science - Cryptography and Security#Computer Science - Systems and Control#Mathematics - Optimization and Control#68M20 (Primary) 93C65, 15A80, 90B15, 90B22 (Secondary)
A model of computer system security operation is developed based on the
fork-join queueing network formalism. We introduce a security operation
performance measure, and show how it may be used for performance evaluation of
actual systems.; Comment: Simulation 2001: 4th St. Petersburg Workshop on Simulation, St.
Petersburg, Russia, June 18-22, 2001; ISBN 5-7997-0304-9
Heuristic Methods for Security Protocols
Source: Cornell University
Publisher: Cornell University
Type: Scientific journal article
Published on 21/10/2009
Portuguese
#Computer Science - Cryptography and Security#Computer Science - Logic in Computer Science#Computer Science - Programming Languages
Model checking is an automatic verification technique to verify hardware and
software systems. However, it suffers from the state-space explosion problem. In
this paper we address this problem in the context of cryptographic protocols by
proposing a security property-dependent heuristic. The heuristic weights the
state space by exploiting the security formulae; the weights may then be used
to explore the state space when searching for attacks.
Guessing human-chosen secrets
Source: University of Cambridge; Faculty of Computer Science and Technology; Computer Laboratory
Publisher: University of Cambridge; Faculty of Computer Science and Technology; Computer Laboratory
Type: Thesis; doctoral; PhD
Portuguese
Authenticating humans to computers remains a notable weak point in computer security despite decades of effort. Although the security research community has explored dozens of proposals for replacing or strengthening passwords, they appear likely to remain entrenched as the standard mechanism of human-computer authentication on the Internet for years to come. Even in the optimistic scenario of eliminating passwords from most of today's authentication protocols using trusted hardware devices or trusted servers to perform federated authentication, passwords will persist as a means of "last-mile" authentication between humans and these trusted single sign-on deputies. This dissertation studies the difficulty of guessing human-chosen secrets, introducing a sound mathematical framework modeling human choice as a skewed probability distribution. We introduce a new metric, alpha-guesswork, which can accurately model the resistance of a distribution against all possible guessing attacks. We also study the statistical challenges of estimating this metric using empirical data sets which can be modeled as a large random sample from the underlying probability distribution. This framework is then used to evaluate several representative data sets from the most important categories of human-chosen secrets to provide reliable estimates of security against guessing attacks. This includes collecting the largest-ever corpus of user-chosen passwords...
The performance of Group Diffie-Hellman paradigms: a software framework and analysis
Source: Rochester Institute of Technology
Publisher: Rochester Institute of Technology
Type: Doctoral thesis
Portuguese
#Contributory#Diffie#Hellman#Scalability#Security#QA76.9.A25 H349 2007#Public key infrastructure (Computer security)--Evaluation#Computer networks--Security measures#Data encryption (Computer science)#Computer networks--Scalability
A mobile computing environment typically involves groups of small, low-power devices interconnected through a mobile and dynamic network. Attempts to secure communication over these “ad-hoc” networks must be scalable to conserve the minimal resources of mobile devices as network sizes grow. In this project, the scalability of differing Group Diffie-Hellman security key generation implementations is examined. In theory, the implementation utilizing a data structure with the lowest theoretical run-time complexity for building the Diffie-Hellman group should prove the most scalable experimentally. A common modular framework was implemented to support generic Group Diffie-Hellman key agreement implementations abstracted from the underlying data structure and traversal mechanism. For comparison, linear, tree-based, and hypercubic Group Diffie-Hellman topologies were implemented and tested. Studies were conducted upon the results to compare the experimental scalability of each implementation to the other implementations as well as the theoretic predictions. The results indicate that the benefits of implementations with low theoretic-complexity are rarely experienced in smaller networks (less than 100 nodes), and conversely implementations with high theoretic-complexities become unsuitable in larger networks (more than 100 nodes). These experimental results match the theoretical predictions based on the mathematical properties of each implementation. Since mobile ad-hoc networks are typically small...