Page 5 of the results: 8247 digital items found in 0.020 seconds

Uso de informações de contexto em segurança computacional; Use of context information on computer security

Milagres, Francisco Gomes
Source: Biblioteca Digital de Teses e Dissertações da USP Publisher: Biblioteca Digital de Teses e Dissertações da USP
Type: Master's Dissertation Format: application/pdf
Published on 07/10/2004 Portuguese
Search Relevance
463.7291%
Every day, new ubiquitous systems are being developed and integrated into our daily routines, whose presence is sometimes not even perceived by the casual user. The aim of this work is to investigate questions of security and privacy in ubiquitous and context aware computing. Using a prototype for interactive television - TV-I (Goularte, 2003) - that has mobility and context-awareness characteristics, this work defines a set of minimum requirements for guaranteeing security and privacy in ubiquitous systems. A further aim of this work is to use contextual information for the dynamic management of security and privacy requirements through policies expressed in the EPAL language. To validate the results of this research, the Security Manager was implemented as a service of the TV-I prototype. The main characteristic of this manager is to control access to personal information by means of context information supplied by the Context Manager, authored by Santos (2004).

Aspectos de segurança em jogos online; Security issues in online games

Andre Gustavo Gontijo Penha
Source: Biblioteca Digital da Unicamp Publisher: Biblioteca Digital da Unicamp
Type: Master's Dissertation Format: application/pdf
Published on 17/08/2007 Portuguese
Search Relevance
465.81605%
Online games and mobile games are the fastest-growing niches in the billion-dollar electronic entertainment industry. In countries heavily affected by piracy, such as Brazil, Russia and China, networked game models are seen by publishers as alternatives for getting around the problem. This online expansion, however, brings with it the usual concerns of networked systems: availability, scalability, security. Games, in particular, are usually competitive environments. One plays over the network against someone, whether in bloody battles, in building empires that confront each other, or in managing competing railways. It is precisely this competition that motivates a large share of the attacks on games. To combat the attacks, a first step is to understand the vulnerabilities, which may lie in the design of a game, in the software created to implement it, in the drivers (video drivers, for example), or in the protocols used. In this dissertation I seek to identify points of vulnerability, presenting a taxonomic classification of attacks and studying already known solutions for some cases. In addition, I propose joining a security solution to a hybrid game distribution model (which uses concepts of peer distribution and client-server architecture).

POSH : a generalized CAPTCHA with security applications; Generalized CAPTCHA with security applications

Daher, Waseem S. (Waseem Sebastian)
Source: Massachusetts Institute of Technology Publisher: Massachusetts Institute of Technology
Type: Doctoral Thesis Format: 53 p.
Portuguese
Search Relevance
466.15402%
A puzzle only solvable by humans, or POSH, is a prompt or question with three important properties: it can be generated by a computer, it can be answered consistently by a human, and a human answer cannot be efficiently predicted by a computer. In fact, a POSH does not necessarily have to be verifiable by a computer at all. One application of POSHes is a scheme proposed by Canetti et al. that limits on-line dictionary attacks against password-protected local storage, without the use of any secure hardware or secret storage. We explore the area of POSHes, implement several candidate POSHes and have users solve them, to evaluate their effectiveness. Given these data, we then implement the above scheme as an extension to the Mozilla Firefox web browser, where it is used to protect user certificates and saved passwords. In the course of doing so, we also define certain aspects of the threat model for our implementation (and the scheme) more precisely.; by Waseem S. Daher.; Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2008.; This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.; Includes bibliographical references (p. 51-53).

On the role of primary and secondary assets in adaptive security: an application in smart grids

Pasquale, Liliana; Mazeiar, Salehie; Ali, Raian; Omoronyia, Inah; Nuseibeh, Bashar
Source: IEEE Computer Society Publisher: IEEE Computer Society
Type: info:eu-repo/semantics/conferenceObject; all_ul_research; ul_published_reviewed
Portuguese
Search Relevance
465.27617%
peer-reviewed; Adaptive security aims to protect valuable assets managed by a system, by applying a varying set of security controls. Engineering adaptive security is not an easy task. A set of effective security countermeasures should be identified. These countermeasures should not only be applied to (primary) assets that customers desire to protect, but also to other (secondary) assets that can be exploited by attackers to harm the primary assets. Another challenge arises when assets vary dynamically at runtime. To accommodate these variabilities, it is necessary to monitor changes in assets, and apply the most appropriate countermeasures at runtime. The paper provides three main contributions for engineering adaptive security. First, it proposes a modeling notation to represent primary and secondary assets, along with their variability. Second, it describes how to use the extended models in engineering security requirements and designing required monitoring functions. Third, the paper illustrates our approach through a set of adaptive security scenarios in the customer domain of a smart grid. We suggest that modeling secondary assets aids the deployment of countermeasures, and, in combination with a representation of assets variability...

Engineering security into distributed systems: a survey of methodologies

Uzunov, A.; Fernandez, E.; Falkner, K.
Source: Springer Publisher: Springer
Type: Scientific Journal Article
Published in 2012 Portuguese
Search Relevance
466.316%
Rapid technological advances in recent years have precipitated a general shift towards software distribution as a central computing paradigm. This has been accompanied by a corresponding increase in the dangers of security breaches, often causing security attributes to become an inhibiting factor for use and adoption. Despite the acknowledged importance of security, especially in the context of open and collaborative environments, there is a growing gap in the survey literature relating to systematic approaches (methodologies) for engineering secure distributed systems. In this paper, we attempt to fill the aforementioned gap by surveying and critically analyzing the state-of-the-art in security methodologies based on some form of abstract modeling (i.e. model-based methodologies) for, or applicable to, distributed systems. Our detailed reviews can be seen as a step towards increasing awareness and appreciation of a range of methodologies, allowing researchers and industry stakeholders to gain a comprehensive view of the field and make informed decisions. Following the comprehensive survey we propose a number of criteria reflecting the characteristics security methodologies should possess to be adopted in real-life industry scenarios...

Quality of Security Service

Irvine, Cynthia E.; Levin, Timothy E.
Source: Proceedings of the New Security Paradigms Workshop, Ballycotton, Ireland Publisher: Proceedings of the New Security Paradigms Workshop, Ballycotton, Ireland
Type: Scientific Journal Article
Portuguese
Search Relevance
464.5867%
We examine the concept of security as a dimension of Quality of Service in distributed systems. Implicit to the concept of Quality of Service is the notion of choice or variation. Security services also offer a range of choice both from the user perspective and among the underlying resources. We provide a discussion and examples of user-specified security variables and show how the range of service levels associated with these variables can support the provision of Quality of Security Service, whereby security is a constructive network management tool rather than a performance obstacle. We also discuss various design implications regarding security ranges provided in a QoS-aware distributed system.

Extended Abstract: Trustworthy System Security through 3-D Integrated Hardware

Huffmire, Ted; Valamehr, Jonathan; Sherwood, Timothy; Kastner, Ryan; Levin, Timothy; Nguyen, Thuy D.; Irvine, Cynthia E.
Source: IEEE International Workshop on Hardware-Oriented Security and Trust Publisher: IEEE International Workshop on Hardware-Oriented Security and Trust
Type: Scientific Journal Article
Portuguese
Search Relevance
463.7291%
While hardware resources in the form of both transistors and full microprocessor cores are now abundant, economic factors prevent specialized hardware mechanisms required for secure processing from being integrated into commodity parts. We are exploring a novel way in which commodity hardware can be augmented after fabrication to enhance secure operation for only those systems that require it. Our methods will be applicable to a wide range of security problems, including the detection and isolation of hardware subversion and Trojan horses, cache-based side channels in chip multi-processors (CMPs), embedded systems security, and hardware intrusion detection and prevention. Utilizing off-the-shelf components to build trustworthy systems results in a constant battle with the underlying machine to provide separation, isolation, and protection. This problem is exacerbated by the movement to multi-core processors since security functionality (e.g., strong security primitives) is rarely considered a priority at the platform ISA or micro-architecture levels and since features exploitable by adversaries (e.g., resource sharing) are included for performance at the expense of security. Without a significant shift in the way computing systems are constructed (from the software down to the circuits)...

Measuring the Human Factor of Cyber Security

Bowen, Brian M.; Stolfo, Salvatore J.; Devarajan, Ramaswamy
Source: Monterey, California. Naval Postgraduate School; Center for Homeland Defense and Security Publisher: Monterey, California. Naval Postgraduate School; Center for Homeland Defense and Security
Type: Scientific Journal Article
Portuguese
Search Relevance
463.7291%
This article appeared in Homeland Security Affairs (May 2012), supplement 5, article 2; "This paper investigates new methods to measure, quantify and evaluate the security posture of human organizations especially within large corporations and government agencies. Computer security is not just about technology and systems. It is also about the people that use those systems and how their vulnerable behaviors can lead to exploitation. We focus on measuring enterprise-level susceptibility to phishing attacks. Results of experiments conducted at Columbia University and the system used to conduct the experiments are presented that show how the system can also be effective for training users. We include a description of follow-on work that has been proposed to DHS that aims to measure and improve the security posture of government departments and agencies, as well as for comparing security postures of individual agencies against one another."

A 3D Split Manufacturing Approach to Trustworthy System Development

Valamehr, Jonathan; Sherwood, Timothy; Kastner, Ryan; Marangoni-Simonsen, David; Huffmire, Ted; Irvine, Cynthia; Levin, Timothy
Source: Monterey, California. Naval Postgraduate School Publisher: Monterey, California. Naval Postgraduate School
Type: Report
Portuguese
Search Relevance
465.81605%
Approved for public release; distribution is unlimited.; Securing the supply chain of integrated circuits is of the utmost importance to computer security. In addition to counterfeit microelectronics, the theft or malicious modification of designs in the foundry can result in catastrophic damage to critical systems and large projects. In this Technical Report, we describe a 3D architecture that splits a design into two separate tiers: one tier that contains critical security functions is manufactured in a trusted foundry; another tier is manufactured in an unsecured foundry. We argue that a split manufacturing approach to hardware trust based on 3D integration is viable and provides several advantages over other approaches.

The benefits of student research in information systems security education

Irvine, Cynthia E.
Source: Naval Postgraduate School Publisher: Naval Postgraduate School
Type: Scientific Journal Article
Portuguese
Search Relevance
465.81605%
"Today we are all taking our first steps in a new world. One in which information technology will transform practically every aspect of our lives. We as individuals, small businesses, corporations, and nations cannot accomplish our work using computers without computer security. For this reason, we need computer security education programs, but more importantly, we need people to help us build this new world. We need to produce graduates who are enthusiastic and creative. Research is one of the best ways to achieve this objective."

Evaluation and interoperatibility of security protocols and arquitectures

Sierra Cámara, José María
Source: Carlos III University of Madrid Publisher: Carlos III University of Madrid
Type: Report Format: application/pdf
Published on 14/04/2008 Portuguese
Search Relevance
463.7291%
In recent years, the use of security protocols has increased significantly. Protection of communications has been provided by security protocols and architectures; however, some problems have appeared, revealing that the potential expansion of ICT can be limited if some interoperability problems are not solved. Our group has created and implemented a new methodology in order to reduce the interoperability problems of the implementations of security protocols and architectures. This methodology develops a complete conformance evaluation with the particular security standard and furthermore performs a performance analysis of the more important parameters for the development of security protocols.

Valuing Security by Getting [d0x3d!] Experiences with a network security board game

Gondree, Mark; Peterson, Zachary N. J.
Source: Naval Postgraduate School Publisher: Naval Postgraduate School
Type: Scientific Journal Article
Portuguese
Search Relevance
465.81605%
We motivate using non-digital games to teach computer security concepts and describe the inspirations driving the design of our board game, [d0x3d!]. We describe our experiences in designing game mechanics that teach security principles and our observations in developing an open-source game product. We survey our experiences with playing the game with students and our plans for supporting the game in and out of the classroom.; The US National Science Foundation (NSF) provided partial support for this work under award #1140561.

Policy enforced remote login

Levin, Timothy E.
Source: Monterey, California. Naval Postgraduate School Publisher: Monterey, California. Naval Postgraduate School
Type: Report Format: 7 p.: ill.;28 cm.
Portuguese
Search Relevance
465.81605%
This document describes enhancements made to the popular OpenSSH authentication service to restrict the execution of OpenSSH processes by applying a ring-based program execution policy. We also apply a label-based mandatory access control (MAC) policy to limit a user's login shell to run at a specific security level within the user's authorized security clearance range. While still rudimentary, these enhancements illustrate the usefulness of a ring-based execution mechanism for restricting program behavior.

Design principles for security

Benzel, Terry V.; Irvine, Cynthia E.; Levin, Timothy E.; Nguyen, Thuy D.; Clark, Paul C.; Bhaskare, Ganesha
Source: Monterey, California. Naval Postgraduate School Publisher: Monterey, California. Naval Postgraduate School
Type: Report Format: iv, 23 p.: ill.;28 cm.
Portuguese
Search Relevance
465.81605%
As a prelude to the clean-slate design for the SecureCore project, the fundamental security principles from more than four decades of research and development in information security technology were reviewed. As a result of advancing technology, some of the early principles required re-examination. For example, previous worked examples of combinations of hardware and software may have encountered problems of performance and extensibility, which may no longer exist in today's environment. Moore's law in combination with other advances has yielded better performance processors, memory and context switching mechanisms. Secure systems design approaches to networking and communication are beginning to emerge and new technologies in hardware-assisted trusted platform development and processor virtualization open hitherto unavailable possibilities. The results of this analysis have been distilled into a review of the principles that underlie the design and implementation of trustworthy systems.; CNS-0430566;National Science Foundation

Wireless network security: design considerations for an enterprise network

Oh, Khoon Wee
Source: Monterey, California. Naval Postgraduate School Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral Thesis Format: xiv, 63 p. : ill. (some col.)
Portuguese
Search Relevance
465.81605%
Approved for public release, distribution is unlimited; Since its introduction in 1999, the Institute of Electrical and Electronics Engineers (IEEE) 802.11 Wireless Local Area Network (WLAN) has become the de-facto standard for wireless networking, providing convenient and low cost connectivity. Increasingly, enterprises are extending their networks with 802.11-based WLANs to provide mobility and information-on-the-move for their employees. However, the introduction of WLANs into enterprise networks has raised major concerns about security. A poorly implemented WLAN introduces weaknesses in the enterprise network which can be exploited by attackers, resulting in severe consequences for the enterprise. This thesis was sponsored by the DoD to study the problem of designing a secure wireless architecture for an enterprise network. The specific requirements for the enterprise network were based extensively on DoD and the intelligence community's security guidelines and policies. This thesis provides an in-depth analysis into the 802.11 standard and measures how far the standard goes in meeting the specific requirements of the enterprise network. This thesis presents a layered-defense architecture to provide a scalable design for secure wireless networks. A prototype system utilizing XML to control the flow of classified information in wireless networks is also presented.; Civilian...

Toward an internet service provider (ISP) centric security

Price, Patrick D.
Source: Monterey, California. Naval Postgraduate School Publisher: Monterey, California. Naval Postgraduate School
Type: Doctoral Thesis Format: xi, 78 p. : ill. (some col.), col. map ;
Portuguese
Search Relevance
463.7291%
Approved for public release; distribution is unlimited; This thesis was completed in cooperation with the Institute for Information Superiority and Innovation.; Individual users, businesses, and governments have become functionally dependent on the Internet's connectivity to interact at the most basic levels of social and economic intercourse. Yet self-propagating worms and distributed denial of service attacks have demonstrated that disruption of the Internet infrastructure can be quickly achieved despite the vast knowledge of vulnerabilities and readily available subscriber-based countermeasures. In part, this condition is made possible because networks continue to operate under an obsolete subscriber-centric security paradigm that is based on all end users being trusted to act appropriately. This thesis develops the idea of an Internet Service Provider (ISP)-centric security approach by examining the types, roles, security mechanisms, and operational precepts of ISPs to illustrate their functional control within the infrastructure. Denial of service and worm attacks are detailed to provide the context for an emerging set of conditions that forms the basis of the requirement for the ISP approach. This paper concludes by examining four enabling technologies currently available that...

Risk and arguments: a risk-based argumentation method for practical security

Franqueira, Virginia N L; Tun, Thein Than; Yu, Yijun; Wieringa, Roel; Nuseibeh, Bashar
Source: IEEE Computer Society Publisher: IEEE Computer Society
Type: Conference item; all_ul_research; ul_published_reviewed; none
Portuguese
Search Relevance
464.5867%
non-peer-reviewed; When showing that a software system meets certain security requirements, it is often necessary to work with formal and informal descriptions of the system behavior, vulnerabilities, and the threats from potential attackers. In earlier work, Haley et al. [4] showed structured argumentation could deal with such mixed descriptions. However, incomplete and uncertain information, and limited resources force practitioners to settle for good-enough security. To deal with these conditions of practice, we extend the method of Haley et al. with risk assessment. The proposed method, RISA (RIsk assessment in Security Argumentation), uses public catalogs of security expertise to support the risk assessment, and to guide the security argumentation in identifying rebuttals and mitigations for security requirements satisfaction. We illustrate RISA with a realistic example of PIN entry device.

The Security Plan: Effectively Teaching How To Write One

Clark, Paul C.
Source: Naval Postgraduate School (U.S). Publisher: Naval Postgraduate School (U.S).
Type: Scientific Journal Article
Portuguese
Search Relevance
464.5867%
The United States government requires all federal systems to have a customized security plan. In addition, the National Training Standard for Information Systems Security (INFOSEC) Professionals requires programs that meet this standard to produce students capable of developing a security plan. The Naval Postgraduate School (NPS) teaches courses that comply with several CNSS standards, and therefore requires students to develop a security plan for a hypothetical scenario. Experience in these courses has shown that the same strategies for teaching high school students how to write a research report can successfully be used to teach university students how to write a security plan that is compliant with NIST guidelines.

Evaluating the usability and security of a video CAPTCHA

Kluever, Kurt Alfred
Source: Rochester Institute of Technology Publisher: Rochester Institute of Technology
Type: Doctoral Thesis
Portuguese
Search Relevance
465.81605%
A CAPTCHA is a variation of the Turing test, in which a challenge is used to distinguish humans from computers (`bots') on the internet. They are commonly used to prevent the abuse of online services. CAPTCHAs discriminate using hard artificial intelligence problems: the most common type requires a user to transcribe distorted characters displayed within a noisy image. Unfortunately, many users find them frustrating and break rates as high as 60% have been reported (for Microsoft's Hotmail). We present a new CAPTCHA in which users provide three words (`tags') that describe a video. A challenge is passed if a user's tag belongs to a set of automatically generated ground-truth tags. In an experiment, we were able to increase human pass rates for our video CAPTCHAs from 69.7% to 90.2% (184 participants over 20 videos). Under the same conditions, the pass rate for an attack submitting the three most frequent tags (estimated over 86,368 videos) remained nearly constant (5% over the 20 videos, roughly 12.9% over a separate sample of 5146 videos). Challenge videos were taken from YouTube.com. For each video, 90 tags were added from related videos to the ground-truth set; security was maintained by pruning all tags with a frequency 0.6%. Tag stemming and approximate matching were also used to increase human pass rates. Only 20.1% of participants preferred text-based CAPTCHAs...

Experience with software watermarking

Palsberg, Jens; Krishnaswamy, Sowmya; Kwon, Minseok; Ma, Di; Shao, Qiuyun; Zhang, Yi
Source: IEEE: Proceedings of the Annual Computer Security Applications Conference Publisher: IEEE: Proceedings of the Annual Computer Security Applications Conference
Type: Proceedings
Portuguese
Search Relevance
466.33117%
©2000 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE. "Experience in Software Watermarking," Proceedings of the Annual Computer Security Applications Conference (ACSAC). December 2000.; Applied Computer Security Associates