Relevant bibliographies by topics / Application security verification standard

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Books
  4. Book chapters
  5. Conference papers
  6. Reports

Academic literature on the topic 'Application security verification standard'

Author: Grafiati
Published: 4 June 2021
Last updated: 13 February 2022

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Application security verification standard.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Application security verification standard"

1

Hamdy, Safuat. "Der OWASP Application Security Verification Standard." Datenschutz und Datensicherheit - DuD 36, no. 11 (October 23, 2012): 797–800. http://dx.doi.org/10.1007/s11623-012-0274-4.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Bicaku, Ani, Markus Tauber, and Jerker Delsing. "Security standard compliance and continuous verification for Industrial Internet of Things." International Journal of Distributed Sensor Networks 16, no. 6 (June 2020): 155014772092273. http://dx.doi.org/10.1177/1550147720922731.

Full text
Abstract:
Due to globalization and digitalization of industrial systems, standard compliance is gaining more attention. In order to stay competitive and remain in business, different sectors within industry are required to comply with multiple regulations. Compliance aims to fulfill regulations by including all measures imposed by laws and standards. Every device, application, or service implements several technologies at many levels, and standards support interoperability across them. They help to create global markets for industries and enable networked development in order to be successful and sustainable. This work highlights the importance of standard compliance and continuous verification in industrial Internet of Things and implements an automatic monitoring and standard compliance verification framework. In this work, we focus on security, safety, and organizational aspects of industrial Internet of Things. We identify a number of standards and best practice guidelines, which are used to extract security, safety, and organizational measurable indicator points. In addition, a metric model is provided that forms the basis for the necessary information needed for compliance verification, including requirements, standards, and metrics. Also, we present the prototype of the monitoring and standard compliance verification framework used to show the security compliance of an industrial Internet of Things use case.
APA, Harvard, Vancouver, ISO, and other styles
3

Jendrian, Kai. "Überprüfung von Webanwendungen mit dem „OWASP Application Security Verification Standard 2009“." Datenschutz und Datensicherheit - DuD 34, no. 3 (February 24, 2010): 138–42. http://dx.doi.org/10.1007/s11623-010-0022-6.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Garmash, D. V., G. A. Maleeva, and S. O. Kandiy. "Draft of Rainbow electronic signature standard and its main properties and application possibilities." Radiotekhnika, no. 203 (December 23, 2020): 82–90. http://dx.doi.org/10.30837/rt.2020.4.203.07.

Full text
Abstract:
According to the results of the second stage of the international competition for research and development of standards for asymmetric cryptographic transformations of the post-quantum period, the Rainbow electronic signature (ES) mechanism received a positive assessment and recognition as a finalist. Its important advantages over other post-quantum ESs consist in less complexity of direct and inverse transformations, i.e., signature generation and verification, as well as significantly reduced signature length. At the same time, the length of its public key is quite large. Therefore, it is thought that Rainbow is not suitable as a general-purpose ES algorithm to replace the algorithms currently defined in FIPS 186-4. In particular, large public keys make certificate chains extremely large. However, there are applications that do not need to send keys too often, so this disadvantage in these cases may be insignificant. Under these conditions, the Rainbow ES mechanism can find application, including that one increasing the diversity of postquantum ESs. Also, it is significantly problematic to limit the security levels of Rainbow ES 256 bits against classical and 128 bits against quantum cryptanalysis. The subject of this article is the analysis and generalization of designs of the Oil-Vinegar public key authentication systems mechanism based on the Rainbow ES use. This is an important direction in creating secure and efficient authentication systems for practical applications using public keys, such as inexpensive smart cards, when speed is required in the production and verification of ES. A feature of such authentication mechanism is the implementation of the idea of a multilevel Oil-Vinegar system. It is believed that the ES-based authentication system should be more secure in terms of cryptographic stability and more efficient in terms of widespread use in low-power, etc. applications. The importance of solving this problem lies in the potential use of the Rainbow mechanism as a secure and highly efficient public-key authentication system based on ES.
APA, Harvard, Vancouver, ISO, and other styles
5

Remlein, Piotr, and Urszula Stachowiak. "Security Verification in the Context of 5G Sensor Networks." Journal of Telecommunications and Information Technology 2 (March 30, 2021): 107–19. http://dx.doi.org/10.26636/jtit.2021.153221.

Full text
Abstract:
In order to develop reliable safety standards for 5G sensor networks (SN) and the Internet of Things, appropriate verification tools are needed, including those offering the ability to perform automated symbolic analysis process. The Tamarin prover is one of such software-based solutions. It allows to formally prove security protocols. This paper shows the modus operandi of the tool in question. Its application has been illustrated using an example of an exchange of messages between two agents, with asynchronous encryption. The scheme may be implemented, for instance, in the TLS/DTLS protocol to create a secure cryptographic key exchange mechanism. The aim of the publication is to demonstrate that automated symbolic analysis may be relied upon to model 5G sensor networks security protocols. Also, a use case in which the process of modeling the DTLS 1.2 handshake protocol enriched with the TCP SYN Cookies mechanism, used to preventing DoS attacks, is presented
APA, Harvard, Vancouver, ISO, and other styles
6

Vikhe, Ms Prajakta. "Secured Application Environment using Enhanced Graphical Passwords." International Journal for Research in Applied Science and Engineering Technology 9, no. VI (June 20, 2021): 1462–69. http://dx.doi.org/10.22214/ijraset.2021.35293.

Full text
Abstract:
Today computer and mobile based applications has become an integral part of our life. Thus, there arises a need of a reliable security while using these applications using authentication techniques that are most secured and hard to crack. Today many authentication techniques are introduced for better security and replace textual authentication technique. But these techniques are proving insufficient, so new ways should be studied and introduced for better security. So, we are concentrating on two such techniques, first we studied graphical authentication systems using images. The one such technique called gRat which uses set of images for authentication was found to be useful. The second for searching a different authentication technique we came across ENP which explains how to provide security using to an application by using hashing, ascii, negation and cryptography together for a secured application. So, we find out that one technique is insufficient and more than two techniques should be combined together. So, in this paper we are recommending a dual authentication technique. First technique will be used for login id and other will be used for login password. The first technique uses a set of images with specific border colors for authentication and is called Graphical random authentication technique (gRat). In this technique a set of images with different boundary colors are displayed for the user which are shown randomly each time a user attempts a login ID. The user has to select the same set of images with same boundary color in same format for login ID verification than only second technique for login password will be shown. The second technique uses encryption and negative password together called as Encrypted negative password (ENP). In this technique while deciding a password a plain textual password is accepted from the user and then it is converted to hash code using hashing algorithm. Then the hash code is converted to an ascii code od 0’s and 1’s. Then negation is applied to the ascii where we get a negative text. The negative text is then encrypted. This process is followed in reverse while authentication. After second correct verification main application will be started. Both authentication data will be secured by Advanced encryption standard (AES) algorithm and saved on cloud. We are using public cloud Google drive as our cloud as it is free and more secured. Thus, while testing the application for authentication using both techniques together our system becomes very secured and almost unbreakable.
APA, Harvard, Vancouver, ISO, and other styles
7

Dewani, Amirita, Pirah Memon, Veena Kumari, Anum Arain, Ayaz Jiskani, and Sania Bhatti. "Keyless Smart Home: An application of Home Security and Automation." Oriental journal of computer science and technology 11, no. 2 (May 7, 2018): 107–14. http://dx.doi.org/10.13005/ojcst11.02.06.

Full text
Abstract:
The rapid and revolutionary advancement in technology has increased the demand for advanced ubiquitous mobile applications in our daily lives. Home automation system uses collective smart technology to elevate sphere of security and human living standards. Wireless Smart home systems have been prototyped by researchers to realize different applications in vast contexts. In this paper we propose a keyless smart home security system which uses Bluetooth as a communication protocol to automate door locks based on a security code and predefined user credentials. The system combines Android phone as a signal sender to dispatch the input signal from an end users side, Bluetooth communication module as signal receiver, ARDUINO microcontroller as CPU and servo motor and light emitting diodes as an output. The system integrates two modules: one of which is Arduino microcontroller which is responsible for authentication and verification of security code and allows servo motor to process the output according to the received input. The second is android Application which provides an interface to the user to set credentials and security code which is then transmitted to the Arduino microcontroller via Bluetooth technology. Since Arduino and Android are open source, hence implementation rate of the proposed system is inexpensive and feasible.
APA, Harvard, Vancouver, ISO, and other styles
8

Adil Yazdeen, Abdulmajeed, Subhi R. M. Zeebaree, Mohammed Mohammed Sadeeq, Shakir Fattah Kak, Omar M. Ahmed, and Rizgar R. Zebari. "FPGA Implementations for Data Encryption and Decryption via Concurrent and Parallel Computation: A Review." Qubahan Academic Journal 1, no. 2 (March 15, 2021): 8–16. http://dx.doi.org/10.48161/qaj.v1n2a38.

Full text
Abstract:
In recent days, increasing numbers of Internet and wireless network users have helped accelerate the need for encryption mechanisms and devices to protect user data sharing across an unsecured network. Data security, integrity, and verification may be used due to these features. In internet traffic encryption, symmetrical block chips play an essential role. Data Encryption Standard (DES) and Advanced Encryption Standard (AES) ensure privacy encryption underlying data protection standards. The DES and the AES provide information security. DES and AES have the distinction of being introduced in both hardware and applications. DES and AES hardware implementation has many advantages, such as increased performance and improved safety. This paper provides an exhaustive study of the implementation by DES and AES of field programming gate arrays (FPGAs) using both DES and AES. Since FPGAs can be defined as just one mission, computers are superior to them.
APA, Harvard, Vancouver, ISO, and other styles
9

KASHTANOV, Serhii F., Yury O. POLUKAROV, Oleksiy I. POLUKAROV, Liudmyla O. MITIUK, and Nataliia F. KACHYNSKA. "Specifics of modern security requirements for software of electronic machine control systems." INCAS BULLETIN 13, S (August 3, 2021): 87–97. http://dx.doi.org/10.13111/2066-8201.2021.13.s.9.

Full text
Abstract:
The required level of safety of machines and mechanisms is achieved through the use of appropriate safety management systems for industrial equipment, including programmable electronic ones. Such systems usually include a variety of security devices for managing industrial equipment settings. Since electronic control systems are currently considered the most promising control systems in this area, the study of the security parameters of their application support determines the relevance of this study. This study analyses the main requirements of IEC 61508 and IEC 62061 standards for compliance with modern safety requirements of embedded and applied software for electronic control systems of machines and mechanisms. This study proposes an algorithm for step-by-step implementation of software for electronic machine control systems in accordance with basic security standards for both built-in and application software. Testing has been determined as the main method of verification of application software. Based on the results of the analysis, it was found that the specification of security requirements, both built-in and application software, should highlight the necessary characteristics of each subsystem, providing information that allows choosing the equipment that meets existing security requirements. Relevant recommendations are given on the specifics of practical application of these standards.
APA, Harvard, Vancouver, ISO, and other styles
10

Pan, Mingming, Shiming Tian, Jindou Yuan, and Songsong Chen. "Simulation of Dynamic User Network Connection Anti-Interference and Security Authentication Method Based on Ubiquitous Internet of Things." Mathematical Problems in Engineering 2021 (June 21, 2021): 1–8. http://dx.doi.org/10.1155/2021/5687208.

Full text
Abstract:
Ubiquitous Internet of Things includes criteria, applications, and technologies for providing standard data. The system can be used to establish a comprehensive data database to facilitate people to better analyze, organize, and use these data, so as to improve the reliability and sharing of data, to provide better services for users. The purpose of this study is to propose and establish a specific and reliable data exchange program to ensure the security of data exchange. Data security is to ensure the reliability of specific security exchange process. The emphasis of this study is the reliability analysis method and the verification method of exchange process behavior. Based on the analysis of all abnormal phenomena in the Internet of Things traffic, the basic characteristics of network traffic, the basic properties of network traffic, and the theory of multiterminal power communication network anti-interference model construction and noninterference model, the simulation experiment of anti-interference and security authentication method is carried out. The results show that, with the increase of the number of antennas, the false detection probability decreases from 10−1 to 10−4, which can achieve better performance in the detection of active users. When network is used in applications, HTTP + SSL is the most widely used application for data authentication and security authentication. The market of anti-interference technology is developing rapidly. The complex annual growth rate almost doubled in the international market, and the market scale was significantly expanded, with an annual growth rate of about 50%.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Application security verification standard"

1

Christiaens, Steven A. "Evaluating the Security of Smart Home Hubs." BYU ScholarsArchive, 2015. https://scholarsarchive.byu.edu/etd/5631.

Full text
Abstract:
The goal of this research is to improve the security of smart home hubs by developing a standard against which hubs can be evaluated. This was done by first reviewing existing standards, guides, and collections of best practices. I determined that adapting or extending an existing standard was the best way to proceed. Potential candidates were selected, and after thorough comparison, I chose to extend the OWASP Application Security Verification Standard (ASVS). Extensions were composed of additional security requirements to address smart home hub functionality not covered by the existing requirements of the ASVS. These additional requirements were developed based upon existing best practices and are referred to as the Smart Home Extensions. Where a best practice or guidance did not yet exist for a particular hub functionality, guidance from related fields was adapted. The entire set of Smart Home Extensions were reviewed by industry experts, updated based on feedback, and then sent on for further peer review. Four smart home hubs – VeraLite, Wink, Connect, and SmartThings – were evaluated using the ASVS with the Smart Home Extensions. The evaluation uncovered security vulnerabilities in all four hubs, some previously disclosed by other researchers, and others new. Analysis of the evaluation data suggests that authentication is a common problem area, among others. Based on the performance of the hubs and the data collected, I suggest that the ASVS and Smart Home Extensions can be an effective tool to provide insight into the security posture of smart home hubs.
APA, Harvard, Vancouver, ISO, and other styles
2

Frazier, Edward Snead. "Assessing Security Vulnerabilities: An Application of Partial and End-Game Verification and Validation." Thesis, Virginia Tech, 2010. http://hdl.handle.net/10919/31849.

Full text
Abstract:
Modern software applications are becoming increasingly complex, prompting a need for expandable software security assessment tools. Violable constraints/assumptions presented by Bazaz [1] are expandable and can be modified to fit the changing landscape of software systems. Partial and End-Game Verification, Validation, and Testing (VV&T) strategies utilize the violable constraints/assumptions and are established by this research as viable software security assessment tools. The application of Partial VV&T to the Horticulture Club Sales Assistant is documented in this work. Development artifacts relevant to Partial VV&T review are identified. Each artifact is reviewed for the presence of constraints/assumptions by translating the constraints/assumptions to target the specific artifact and software system. A constraint/assumption review table and accompanying status nomenclature are presented that support the application of Partial VV&T. Both the constraint/assumption review table and status nomenclature are generic, allowing them to be used in applying Partial VV&T to any software system. Partial VV&T, using the constraint/assumption review table and associated status nomenclature, is able to effectively identify software vulnerabilities. End-Game VV&T is also applied to the Horticulture Club Sales Assistant. Base test strategies presented by Bazaz [1] are refined to target system specific resources such as user input, database interaction, and network connections. Refined test strategies are used to detect violations of the constraints/assumptions within the Horticulture Club Sales Assistant. End-Game VV&T is able to identify violation of constraints/assumptions, indicating vulnerabilities within the Horticulture Club Sales Assistant. Addressing vulnerabilities identified by Partial and End-Game VV&T will enhance the overall security of a software system.
Master of Science
APA, Harvard, Vancouver, ISO, and other styles
3

Shaffer, Alan B. "An application of Alloy to static analysis for secure information flow and verification of software systems." Monterey, Calif. : Naval Postgraduate School, 2008. http://edocs.nps.edu/npspubs/scholarly/dissert/2008/Dec/08Dec%5FShaffer_PhD.pdf.

Full text
Abstract:
Dissertation (Ph.D. in Computer Science)--Naval Postgraduate School, December 2008.
Dissertation Supervisor: Auguston, Mikhail. "December 2008." Description based on title screen as viewed on January 29, 2009. Includes bibliographical references (p. 87-93). Also available in print.
APA, Harvard, Vancouver, ISO, and other styles
4

Tarigopula, Mohan Krishna. "Integrity Verification of Applications on RADIUM Architecture." Thesis, University of North Texas, 2015. https://digital.library.unt.edu/ark:/67531/metadc804915/.

Full text
Abstract:
Trusted Computing capability has become ubiquitous these days, and it is being widely deployed into consumer devices as well as enterprise platforms. As the number of threats is increasing at an exponential rate, it is becoming a daunting task to secure the systems against them. In this context, the software integrity measurement at runtime with the support of trusted platforms can be a better security strategy. Trusted Computing devices like TPM secure the evidence of a breach or an attack. These devices remain tamper proof if the hardware platform is physically secured. This type of trusted security is crucial for forensic analysis in the aftermath of a breach. The advantages of trusted platforms can be further leveraged if they can be used wisely. RADIUM (Race-free on-demand Integrity Measurement Architecture) is one such architecture, which is built on the strength of TPM. RADIUM provides an asynchronous root of trust to overcome the TOC condition of DRTM. Even though the underlying architecture is trusted, attacks can still compromise applications during runtime by exploiting their vulnerabilities. I propose an application-level integrity measurement solution that fits into RADIUM, to expand the trusted computing capability to the application layer. This is based on the concept of program invariants that can be used to learn the correct behavior of an application. I used Daikon, a tool to obtain dynamic likely invariants, and developed a method of observing these properties at runtime to verify the integrity. The integrity measurement component was implemented as a Python module on top of Volatility, a virtual machine introspection tool. My approach is a first step towards integrity attestation, using hypervisor-based introspection on RADIUM and a proof of concept of application-level measurement capability.
APA, Harvard, Vancouver, ISO, and other styles
5

Debant, Alexandre. "Symbolic verification of distance-bounding protocols : application to payment protocols." Thesis, Rennes 1, 2020. http://www.theses.fr/2020REN1S057.

Full text
Abstract:
L’essor des nouvelles technologies, et en particulier la Communication en Champ Proche (NFC), a permis l’apparition de nouvelles applications. Á ce titre, nous pouvons mentionner le paiement sans contact, les clefs mains libres ou encore les carte d’abonnement dans les transports en commun. Afin de sécuriser l’ensemble de ces applications, des protocoles de sécurité, appelés protocoles délimiteurs de distance on été développés. Ces protocoles ont pour objectif d’assurer la proximité physique des appareils mis en jeu afin protocole cryptographique, protocole de paiement de limiter le risque d’attaque. Dans ce manuscrit, nous présentons diverses approches permettant une analyse formelle de ces protocoles. Dans ce but, nous proposons un modèle symbolique permettant une modélisation précise du temps ainsi que des positions dans l’espace de chaque participant. Nous proposons ensuite deux approches : la première développant une nouvelle procédure de vérification, la seconde permettant la ré-utilisation d’outils existants tels que Proverif. Tout au long de ce manuscrit, nous porterons une attention parti- culières aux protocoles de paiement sans contact
The rise of new technologies, and in particular Near Field Communication (NFC) tags, offers new applications such as contactless payments, key-less entry systems, transport ticketing... Due to their security concerns, new security protocols, called distance-bounding protocols, have been developed to ensure the physical proximity of the de- vices during a session. In order to prevent flaws and attacks, these protocols require formal verification. In this manuscript, we present several techniques that allow for an automatic verification of such protocols. To this aim, we first present a symbolic model which faithfully models time and locations. Then we develop two approaches : either ba- sed on a new verification procedure, or leveraging existing tools like Proverif. Along this manuscript, we pay a particular attention to apply our results to contactless payment protocols
APA, Harvard, Vancouver, ISO, and other styles
6

Konstantaras, Dimitrios, and Mustafa Tahir. "Securing Network Connected Applications with Proposed Security Models." Thesis, Växjö University, School of Mathematics and Systems Engineering, 2008. http://urn.kb.se/resolve?urn=urn:nbn:se:vxu:diva-2022.

Full text
Abstract:

In today’s society, serious organizations need protection against both internal and external attacks. There are many different technologies available that organizations can incorporate into their organization in order to enhance security for their networking applications. Unfortunately, security is way to often considered as an afterthought and therefore implemented as an external part of the applications. This is usually performed by introducing general security models and technologies.

However, an already developed, well structured and considered security approach – with proper implementation of security services and mechanisms – different security models can be used to apply security

within the security perimeter of an organization. It can range from built into the application to the edge of a private network, e.g. an appliance. No matter the choice, the involved people must possess security expertise to deploy the proposed security models in this paper, that have the soul purpose to secure applications.

By using the Recommendation X.800 as a comparison framework, the proposed models will be analyzed in detail and evaluated of how they provide the security services concerned in X.800. By reasoning about what security services that ought to be implemented in order to prevent or detect diverse security attacks, the organization needs to carry out a security plan and have a common understanding of the defined security policies.

An interesting finding during our work was that, using a methodology that leads to low KLOC-values results in high security, though low KLOC-values and high security go hand-in-hand.

APA, Harvard, Vancouver, ISO, and other styles
7

Yang, Xiaokun. "A High Performance Advanced Encryption Standard (AES) Encrypted On-Chip Bus Architecture for Internet-of-Things (IoT) System-on-Chips (SoC)." FIU Digital Commons, 2016. http://digitalcommons.fiu.edu/etd/2477.

Full text
Abstract:
With industry expectations of billions of Internet-connected things, commonly referred to as the IoT, we see a growing demand for high-performance on-chip bus architectures with the following attributes: small scale, low energy, high security, and highly configurable structures for integration, verification, and performance estimation. Our research thus mainly focuses on addressing these key problems and finding the balance among all these requirements that often work against each other. First of all, we proposed a low-cost and low-power System-on-Chips (SoCs) architecture (IBUS) that can frame data transfers differently. The IBUS protocol provides two novel transfer modes – the block and state modes, and is also backward compatible with the conventional linear mode. In order to evaluate the bus performance automatically and accurately, we also proposed an evaluation methodology based on the standard circuit design flow. Experimental results show that the IBUS based design uses the least hardware resource and reduces energy consumption to a half of an AMBA Advanced High-Performance Bus (AHB) and Advanced eXensible Interface (AXI). Additionally, the valid bandwidth of the IBUS based design is 2.3 and 1.6 times, respectively, compared with the AHB and AXI based implementations. As IoT advances, privacy and security issues become top tier concerns in addition to the high performance requirement of embedded chips. To leverage limited resources for tiny size chips and overhead cost for complex security mechanisms, we further proposed an advanced IBUS architecture to provide a structural support for the block-based AES algorithm. Our results show that the IBUS based AES-encrypted design costs less in terms of hardware resource and dynamic energy (60.2%), and achieves higher throughput (x1.6) compared with AXI. Effectively dealing with the automation in design and verification for mixed-signal integrated circuits is a critical problem, particularly when the bus architecture is new. Therefore, we further proposed a configurable and synthesizable IBUS design methodology. The flexible structure, together with bus wrappers, direct memory access (DMA), AES engine, memory controller, several mixed-signal verification intellectual properties (VIPs), and bus performance models (BPMs), forms the basic for integrated circuit design, allowing engineers to integrate application-specific modules and other peripherals to create complex SoCs.
APA, Harvard, Vancouver, ISO, and other styles
8

Hamdi, Hedi. "Une architecture logicielle et un langage métier pour la sécurité à base de politiques dans les systèmes distribués." Thesis, Bordeaux 1, 2009. http://www.theses.fr/2009BOR13764.

Full text
Abstract:
Les systèmes distribués supportent l'exécution d'un grand nombre d'applications pouvant avoir des contraintes d'exécution différentes. La sécurité pour ces systèmes possède une influence déterminante sur les performances et la qualité de service de ces applications. Le recours à la sécurité à base de politiques pour sécuriser ces systèmes est particulièrement attrayant. Toutefois, cette approche implique la spécification et le déploiement de politiques, qui reste une tâche laborieuse, souvent propice aux erreurs, et requiert une connaissance approfondie des mécanismes de sécurité. Dans cette thèse nous proposons un cadre pour la spécification, la vérification et l'implémentation des politiques pour la sécurité des systèmes distribués. Ce cadre repose sur un langage de spécification de politiques nommé PPL (Policy Programming Language) et une architecture de déploiement de politiques. Cette architecture se base sur le langage PPL et offre un support pour la compilation de politiques dans différents mécanismes d'implémentation en tenant compte des exigences de l'application ou du service sous-jacent. Elle permet par ailleurs une attribution automatique des politiques de sécurité aux composants d'implémentation. Le langage métier PPL fournit quant à lui des abstractions spécifiques pour permettre la spécification de politiques de sécurité facilitant ainsi leur développement et leur intégration dans le support de déploiement. Il est déclaratif, robuste, fortement expressif, et permet plusieurs possibilités de vérification. Il est aussi doté d'une sémantique formelle, qui permet de valider, vérifier et prouver les propriétés et les règles de sécurité d'une politique
Distributed systems support the execution of a large number of applications that have different performance constraints. Security for these systems has a decisive influence on the performance and quality of service of such applications. The use of security-based policies to secure these systems is particularly attractive. However, this approach involves the specification and the deployment of policies, which remains a laborious task, often conducive to error, and requires a thorough knowledge of security mechanisms. In this thesis we propose a framework for specification, verification and implementation of security policies for distributed systems. This framework is based on a policy specification language called PPL (Policy Programming Language) and an architecture of policies deployment. This architecture is based on PPL language and offers a support for the compilation of policies in different mechanisms of implementation, taking into account the requirements of the application or the underlying service. It also enables automatic distribution of security policies to their implementation components. The PPL language provides specific abstractions to allow the specification of security policies and facilitating their development and integration in the deployment support. It is declarative, robust, highly expressive, and allows several possibilities of verification. It also has a formal semantic, which allows you to validate, verify and prove the properties of a security policy
APA, Harvard, Vancouver, ISO, and other styles
9

Daniel, Christy Sarmiento. "Development and application of quality standard procedures ((operation,, verification and maintenance)) for an LC--MS system." Master's thesis, 2010. http://hdl.handle.net/10400.1/10741.

Full text
Abstract:
In this work, the standard procedures required for the operation, verification and maintenance of a liquid chromatography coupled to mass spectrometry system have been developed. These procedures have been designed and prepared with the aim to establish a quality control system to ensure the proper functioning of each component of the instrumentation, the LC and the MS, and to verify the performance of the LC-MS coupling. For this purpose, standard procedures were elaborated and proved in the normal routine laboratory work to evaluate their real applicability. Moreover, the verification of the performance of the LC-MS system was carried out experimentally through an in-house procedure based on the analysis of naphthylacetics.
APA, Harvard, Vancouver, ISO, and other styles
10

Holewa, Laura. "Angular Anisotropy of Correlated Neutrons in Lab Frame of Reference and Application to Detection and Verification." Thesis, 2012. http://hdl.handle.net/1969.1/ETD-TAMU-2012-05-11211.

Full text
Abstract:
It has been shown that neutrons emitted from the same 252Cf fission event are preferentially detected within small angles of each other and at angles around 180 degrees. The distribution of this angular anisotropy is dependent upon the nuclide emitting the neutrons. Coincident neutrons can be detected from a shielded source, so a study of the angular anisotropy between coincident neutrons is useful for this context. This could allow for the dynamic determination of the ratio of the rate of (alpha,n) neutron production to the spontaneous fission neutron production (designated alpha) used in neutron coincidence counting for safeguards. This could also be used to identify neutron emitting isotopes in a homeland security application. An angular frequency distribution for coincident neutrons was produced via experiments using an array of cylindrical liquid scintillators and a 252Cf source. It was found, in accordance with previous experiments, that the angular frequency distribution peaks at small angles and at angles around 180 degrees. A Monte Carlo, physics-based simulation program was created to simulate the distribution of angles between neutrons from the same fission event from 252Cf and 240Pu sources. The resulting distributions were clearly distinguishable from each other. The code was benchmarked to measured results from a 252Cf source at Lawrence Livermore National Laboratory. Knowledge of the unique angular distributions of coincident neutrons from various fissioning sources is useful for identification and verification purposes. Another practical application of angular anisotropy information for coincident neutrons from a given source is determining the ratio of the (alpha,n) to spontaneous fission rates for a source undergoing neutron coincidence counting. The utility of this was verified by using measurements made by faculty and students of the University of Michigan Nuclear Engineering Department for a MOX fuel pin at the Joint Research Center in Ispra, Italy. Good agreement between the predicted and declared values for alpha was found.
APA, Harvard, Vancouver, ISO, and other styles

Books on the topic "Application security verification standard"

1

Helger, Lipmaa, and SpringerLink (Online service), eds. E-Voting and Identity: Third International Conference, VoteID 2011, Tallinn, Estonia, September 28-30, 2011, Revised Selected Papers. Berlin, Heidelberg: Springer Berlin Heidelberg, 2012.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
2

United States. Environmental Protection Agency. Office of Research and Development., ed. Environmental technology verification statement: Technology type, rechargeable alkaline household battery : application, 1.5 volt batteries in standard sizes AAA, AA, C, and D : technology name, Renewal. Washington, D.C: U.S. Environmental Protection Agency, Office of Research and Development, 1999.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
3

United States. Environmental Protection Agency. Office of Research and Development, ed. Environmental technology verification statement: Technology type, rechargeable alkaline household battery : application, 1.5 volt batteries in standard sizes AAA, AA, C, and D : technology name, Renewal. Washington, D.C: U.S. Environmental Protection Agency, Office of Research and Development, 1999.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
4

Kiayias, Aggelos, and Helger Lipmaa. E-Voting and Identity: Third International Conference, VoteID 2011, Tallinn, Estonia, September 28-20, 2011, Revised Selected Papers. Springer, 2012.

Find full text
APA, Harvard, Vancouver, ISO, and other styles

Book chapters on the topic "Application security verification standard"

1

Karati, Sabyasachi, Abhijit Das, and Dipanwita Roychoudhury. "Randomized Batch Verification of Standard ECDSA Signatures." In Security, Privacy, and Applied Cryptography Engineering, 237–55. Cham: Springer International Publishing, 2014. http://dx.doi.org/10.1007/978-3-319-12060-7_16.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Camenisch, Jan, Manu Drijvers, Petr Dzurenda, and Jan Hajny. "Fast Keyed-Verification Anonymous Credentials on Standard Smart Cards." In ICT Systems Security and Privacy Protection, 286–98. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-22312-0_20.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Gunawan, Linda Ariani, and Peter Herrmann. "Compositional Verification of Application-Level Security Properties." In Lecture Notes in Computer Science, 75–90. Berlin, Heidelberg: Springer Berlin Heidelberg, 2013. http://dx.doi.org/10.1007/978-3-642-36563-8_6.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Karati, Sabyasachi, and Abhijit Das. "Faster Batch Verification of Standard ECDSA Signatures Using Summation Polynomials." In Applied Cryptography and Network Security, 438–56. Cham: Springer International Publishing, 2014. http://dx.doi.org/10.1007/978-3-319-07536-5_26.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Bettassa Copet, Piergiuseppe, and Riccardo Sisto. "Automated Formal Verification of Application-specific Security Properties." In Lecture Notes in Computer Science, 45–59. Cham: Springer International Publishing, 2014. http://dx.doi.org/10.1007/978-3-319-04897-0_4.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Salleh, Mazleena, and Teoh Chin Yew. "Application of 2D Barcode in Hardcopy Document Verification System." In Advances in Information Security and Assurance, 644–51. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009. http://dx.doi.org/10.1007/978-3-642-02617-1_65.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Wu, Lijun, Kaile Su, and Qingliang Chen. "Model Checking Temporal Logics of Knowledge and Its Application in Security Verification." In Computational Intelligence and Security, 349–54. Berlin, Heidelberg: Springer Berlin Heidelberg, 2005. http://dx.doi.org/10.1007/11596448_50.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Rao, Xue, Ning Xi, Jing Lv, and Pengbin Feng. "Compositional Information Flow Verification for Inter Application Communications in Android System." In Machine Learning for Cyber Security, 239–52. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-30619-9_17.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Girol, Guillaume, Benjamin Farinier, and Sébastien Bardin. "Not All Bugs Are Created Equal, But Robust Reachability Can Tell the Difference." In Computer Aided Verification, 669–93. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-81685-8_32.

Full text
Abstract:
AbstractThis paper introduces a new property called robust reachability which refines the standard notion of reachability in order to take replicability into account. A bug is robustly reachable if a controlled input can make it so the bug is reached whatever the value of uncontrolled input. Robust reachability is better suited than standard reachability in many realistic situations related to security (e.g., criticality assessment or bug prioritization) or software engineering (e.g., replicable test suites and flakiness). We propose a formal treatment of the concept, and we revisit existing symbolic bug finding methods through this new lens. Remarkably, robust reachability allows differentiating bounded model checking from symbolic execution while they have the same deductive power in the standard case. Finally, we propose the first symbolic verifier dedicated to robust reachability: we use it for criticality assessment of 4 existing vulnerabilities, and compare it with standard symbolic execution.
APA, Harvard, Vancouver, ISO, and other styles
10

Mantilla Blanco, Sebastián. "Scope of Application of the Customary Standard: Conceptual Framework." In Full Protection and Security in International Investment Law, 145–63. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-24838-3_6.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Application security verification standard"

1

Elder, Sarah, Nusrat Zahan, Valeri Kozarev, Rui Shu, Tim Menzies, and Laurie Williams. "Structuring a Comprehensive Software Security Course Around the OWASP Application Security Verification Standard." In 2021 IEEE/ACM 43rd International Conference on Software Engineering: Software Engineering Education and Training (ICSE-SEET). IEEE, 2021. http://dx.doi.org/10.1109/icse-seet52601.2021.00019.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Kulik, Tomas, Peter W. V. Tran-Jorgensen, and Jalil Boudjadar. "Compliance verification of a cyber security standard for Cloud-connected SCADA." In 2019 Global IoT Summit (GIoTS). IEEE, 2019. http://dx.doi.org/10.1109/giots.2019.8766363.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Al-Shammari, Ali Fawzi Najm, Adolfo Villafiorita, and Komminist Weldemariam. "Towards an Open Standard Vote Verification Framework in Electronic Voting Systems." In 2012 Seventh International Conference on Availability, Reliability and Security (ARES). IEEE, 2012. http://dx.doi.org/10.1109/ares.2012.42.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Li Chen and Xiaoxue Li. "Verification method of security protocols and its application." In 2010 IEEE International Conference on Intelligent Computing and Intelligent Systems (ICIS 2010). IEEE, 2010. http://dx.doi.org/10.1109/icicisys.2010.5658265.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Washizaki, Hironori. "Security patterns: Research direction, metamodel, application and verification." In 2017 International Workshop on Big Data and Information Security (IWBIS). IEEE, 2017. http://dx.doi.org/10.1109/iwbis.2017.8275094.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Sun, Maoheng, and Yicheng Qian. "Study and Application of Security Based on ZigBee Standard." In 2011 3rd International Conference on Multimedia Information Networking and Security (MINES). IEEE, 2011. http://dx.doi.org/10.1109/mines.2011.79.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Alouani, Ali T. "Application of computer vision to automatic prescription verification in pharmaceutical mail order." In Defense and Security, edited by Zia-ur Rahman, Robert A. Schowengerdt, and Stephen E. Reichenbach. SPIE, 2005. http://dx.doi.org/10.1117/12.603417.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Morimoto, Shoichi, Shinjiro Shigematsu, Yuichi Goto, and Jingde Cheng. "A security specification verification technique based on the international standard ISO/IEC 15408." In the 2006 ACM symposium. New York, New York, USA: ACM Press, 2006. http://dx.doi.org/10.1145/1141277.1141701.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Studer, Thomas. "An Application of Justification Logic to Protocol Verification." In 2011 Seventh International Conference on Computational Intelligence and Security (CIS). IEEE, 2011. http://dx.doi.org/10.1109/cis.2011.177.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Promyslov, Vitaly G. "Tool for I&C system security policy verification." In 2015 9th International Conference on Application of Information and Communication Technologies (AICT). IEEE, 2015. http://dx.doi.org/10.1109/icaict.2015.7338550.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Reports on the topic "Application security verification standard"

1

Saint-Andre, P., and J. Hodges. Representation and Verification of Domain-Based Application Service Identity within Internet Public Key Infrastructure Using X.509 (PKIX) Certificates in the Context of Transport Layer Security (TLS). RFC Editor, March 2011. http://dx.doi.org/10.17487/rfc6125.

Full text
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Application security verification standard' for particular source types:
Journal articles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography