To see the other types of publications on this topic, follow the link: Cybersecurity Framework (e.g.
Dissertations / Theses on the topic 'Cybersecurity Framework (e.g'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 47 dissertations / theses for your research on the topic 'Cybersecurity Framework (e.g.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Smith, Willarvis. "A Comprehensive Cybersecurity Defense Framework for Large Organizations." Diss., NSUWorks, 2019. https://nsuworks.nova.edu/gscis_etd/1083.
Full textAbstract:
There is a growing need to understand and identify overarching organizational requirements for cybersecurity defense in large organizations. Applying proper cybersecurity defense will ensure that the right capabilities are fielded at the right locations to safeguard critical assets while minimizing duplication of effort and taking advantage of efficiencies. Exercising cybersecurity defense without an understanding of comprehensive foundational requirements instills an ad hoc and in many cases conservative approach to network security. Organizations must be synchronized across federal and civil agencies to achieve adequate cybersecurity defense. Understanding what constitutes comprehensive cybersecurity defense will ensure organizations are better protected and more efficient.
This work, represented through design science research, developed a model to understand comprehensive cybersecurity defense, addressing the lack of standard requirements in large organizations. A systemic literature review and content analysis were conducted to form seven criteria statements for understanding comprehensive cybersecurity defense. The seven criteria statements were then validated by a panel of expert cyber defenders utilizing the Delphi consensus process. Based on the approved criteria, the team of cyber defenders facilitated the development of a Comprehensive Cybersecurity Defense Framework prototype for understanding cybersecurity defense. Through the Delphi process, the team of cyber defense experts ensured the framework matched the seven criteria statements. An additional and separate panel of stakeholders conducted the Delphi consensus process to ensure a non-biased evaluation of the framework.
The comprehensive cybersecurity defense framework is developed through the data collected from two distinct and separate Delphi panels. The framework maps risk management, behavioral, and defense in depth frameworks with cyber defense roles to offer a comprehensive approach to cyber defense in large companies, agencies, or organizations. By defining the cyber defense tasks, what those tasks are trying to achieve and where best to accomplish those tasks on the network, a comprehensive approach is reached.
2
Murray, Glenn Kristian. "Managing cybersecurity risk for critical infrastructure: A framework to secure critical infrastructure." Thesis, Edith Cowan University, Research Online, Perth, Western Australia, 2024. https://ro.ecu.edu.au/theses/2864.
Full textAbstract:
As cyber threats continue to evolve, the protection of critical infrastructure has become a paramount concern, particularly considering the devastating potential these threats hold. The 2024 cyberattack on Change Healthcare, which resulted in significant financial losses for UnitedHealth, $870 million in the first quarter alone and up to $1.6 billion for the year, highlights the urgent need for effective cybersecurity measures to safeguard essential services. This thesis investigates the cybersecurity maturity of Australian critical infrastructure healthcare and, food and grocery sectors., focusing on key areas such as governance, risk management, protective measures, detection capabilities, response and recovery protocols, compliance and assurance, and employee training and awareness.
This research employs a qualitative approach, using two rounds of semi-structured interviews with cybersecurity professionals, board members, and directors to gather in-depth insights into the current state of cybersecurity within these organisations. Thematic analysis conducted with Leximancer software identifies critical gaps in cybersecurity practices, particularly within the public sector, revealing systemic vulnerabilities that could be exploited by malicious actors.
A major contribution of this thesis is the development of the Cyber Security Maturity Model (CSMM), a framework designed to enhance the cybersecurity practices of critical infrastructure sectors. The CSMM suggests guidelines for policymakers, administrators, and cybersecurity professionals, enabling them to strengthen their organisations' defences and improve overall resilience against cyber threats.
The findings of this research confirm the need for comprehensive training programs, strategic planning, and better resource allocation to enhance cybersecurity resilience. This thesis offers a structured approach to addressing these challenges, contributing to the ongoing efforts to secure Australia's critical infrastructure. The insights and recommendations presented in this study contribute to the development of more robust cybersecurity strategies, ensuring the continued protection of essential services in an increasingly hostile cyber environment.
3
Kuznietsova, Tetiania, and Andrii Chyrkov. "State and perspectives of aircraft cybersecurity." Thesis, National aviation university, 2021. https://er.nau.edu.ua/handle/NAU/50678.
Full textAbstract:
During the latest events in the aviation world, where experts in the
field of cybersecurity (example) opened the possibility of gaining access
to the aircraft's on-board systems, industry experts (and not only)
thought about it. And we are doing quite a lot. There are many existing
guides that contain recommendations and practices, for example:
«Software Considerations in Airborne Systems and Equipment
Certification» contains recommendations for evaluating security and
assuring software quality. There is a separation of access, because all
systems are somehow connected to each other through the on-board
network (take at least maintenance to determine failures):
The FAA continues to consider the aircraft guidelines acceptable for
software certification, although they acknowledge that the guidelines do
not fully cover all areas of software development and life cycle
processes, and can sometimes be misinterpreted.
4
Camporesi, Mirko. "Securopoly: un gioco per l'insegnamento della Cybersecurity." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2017. http://amslaurea.unibo.it/13274/.
Full textAbstract:
All'interno della tesi sono presentati vari argomenti legati al mondo della sicurezza informatica e del suo insegnamento. Lo scopo di questo lavoro è presentare la tecnica della gamification e la sua applicazione nel panorama della cybersecurity moderna. Inoltre, viene proposto un gioco di società chiamato Securopoly che implementa le nozioni descritte e che è basato fortemente sul Framework Nazionale per la cybersecurity, un documento che pone gli standard che ogni organizzazione e ogni azienda dovrebbero soddisfare per essere all'avanguardia nel tentativo di difendersi da attacchi informatici.
5
Leon, Ryan James. "An Event Management Framework to Aid Solution Providers in Cybersecurity." Thesis, The George Washington University, 2018. http://pqdtopen.proquest.com/#viewpdf?dispub=10745141.
Full textAbstract:
<p> Cybersecurity event management is critical to the successful accomplishment of an organization’s mission. To put it in perspective, in 2016 Symantec tracked over 700 global adversaries and recorded events from 98 million sensors (Aimoto et al., 2017). Studies show that in 2015, more than 55% of the cyberattacks on government operation centers were due to negligence and the lack of skilled personnel to perform network security duties including the failure to properly identify events (Ponemon, 2015a). Practitioners are charged to perform as first responders to any event that affects the network. Inconsistencies and errors that occur at this level can determine the outcome of an event. </p><p> In a time when 91% of Americans believe they have lost control over how information is collected and secured, there is nothing more dangerous than thinking new technology is not vulnerable to attacks (Rainie, 2016). Assailants target those with weak security postures who are unprepared, distracted or lack fundamental elements to identify significant events and secure the environment. </p><p> Under executive order, to address these concerns organizations such as the National Institute of Standards and Technology (NIST) and International Organization of Standards (ISO) developed cybersecurity frameworks, which have been widely accepted as industry standards. These standards focus on business drivers to guide cybersecurity activities and risks within critical infrastructure. It outlines a set of cybersecurity activities, references, and outcomes that can be used to align its cyber activities with business requirements at a high-level. </p><p> This praxis explores the solution provider’s role in and method of securing environments through their event management practices. Solution providers are a critical piece of proper event management. They are often contracted to provide solutions that adhere to a NIST type framework with little to no guidance. There are supportive documents and guides for event management but nothing substantive like the Cybersecurity Framework and ISO 27001 has been adopted. Using existing processes and protocols an event management framework is proposed that can be utilized to properly manage events and aid solution providers in their cybersecurity mission. </p><p> Knowledge of event management was captured through subject matter expertise and supported through literature review and investigation. Statistical methods were used to identify deficiencies in cyber operations that would be worth addressing in an event management framework.</p><p>
6
Snyder, Justin Charles. "A Framework and Exploration of a Cybersecurity Education Escape Room." BYU ScholarsArchive, 2018. https://scholarsarchive.byu.edu/etd/6958.
Full textAbstract:
This thesis presents a review of educational-escape-room literature followed by a design-oriented framework (the Snyder Escape Room Framework or SERF) and demonstrates the potential efficacy of escape-rooms in cybersecurity education. Several authors have proposed frameworks and guidelines for game and educational design regarding escape rooms. This work coalesces some of those ideas into a more substantial and comprehensive framework (SERF) that designers can use when developing educational escape rooms. The Snyder Escape Room Framework provides heuristics for goals and objectives, players, activities, context, trajectory design, and evaluation. Additionally, this work describes and analyzes the novel prototyped BYU GCC escape room experience and delves into some of what was successful and what could be improved. The first sessions of the experience were observed and documented, and an expert review was performed. Participants did not gain much confidence in learning new technology; however, they did increase their confidence in using new technology through the experience. Participants did indeed learn from the experience, however, participants focused more on team-related concepts gained from the experience rather than the cybersecurity concepts introduced through the escape-room activities. Based on overwhelming positive responses, participants seemed to enjoy performing the experience. The BYU experience is evaluated against the Snyder Framework as an example of how to use the framework while designing or as a tool for evaluating. Using this framework systemizes and catalogues design choices and implications on the room and provides an informed approach for refinement. Applying the Snyder Escape Room Framework to the BYU experience provides further insight beyond just an expert review, and the BYU experience is a novel example to use with SERF. SERF gives a vocabulary and set of heuristics that help designers zero in on important design decisions. Using the framework provides a well-defined set of attributes for discussing the BYU experience and helps clarify what went well with the room and what could be improved upon. This is especially helpful when iterating on room design. The nature of Snyder Framework and this work is that it is multidisciplinary and touches a wide array of related fields and topics. Of note, are the implications of this work on educational games. The SERF can be used as a resource when designing similar experiences while the analysis of the BYU experience based on the SERF provides an example of how the framework can be used for evaluation and iteration.
7
Newby, Chandler Ryan. "Designing Cybersecurity Competitions in the Cloud: A Framework and Feasibility Study." BYU ScholarsArchive, 2018. https://scholarsarchive.byu.edu/etd/7417.
Full textAbstract:
Cybersecurity is an ever-expanding field. In order to stay current, training, development, and constant learning are necessary. One of these training methods has historically been competitions. Cybersecurity competitions provide a method for competitors to experience firsthand cybersecurity concepts and situations. These experiences can help build interest in, and improve skills in, cybersecurity. While there are diverse types of cybersecurity competitions, most are run with on-premise hardware, often centralized at a specific location, and are usually limited in scope by available hardware. This research focuses on the possibility of running cybersecurity competitions, specifically CCDC style competitions, in a public cloud environment. A framework for running cybersecurity competitions in general was developed and is presented in this research. The framework exists to assist those who are considering moving their competition to the cloud. After the framework was completed, a CCDC style competition was developed and run entirely in a public cloud environment. This allowed for a test of the framework, as well as a comparison against traditional, on-premise hosting of a CCDC. The cloud-based CCDC created was significantly less expensive than running a comparable size competition in on-premise hardware. Performance problems—typically endemic in traditionally-hosted CCDCs—were virtually non-existent. Other benefits, as well as potential contraindications, are also discussed. Another CCDC style competition, this one originally built for on-premise hardware, was then ported to the same public cloud provider. This porting process helped to further evaluate and enrich the framework. The porting process was successful, and data was added to the framework.
8
Tisdale, Susan M. "Architecting a Cybersecurity Management Framework| Navigating and Traversing Complexity, Ambiguity, and Agility." Thesis, Robert Morris University, 2018. http://pqdtopen.proquest.com/#viewpdf?dispub=10825513.
Full textAbstract:
<p> Despite advancements in technology, countermeasure, and situational awareness, cybersecurity (CS) breaches continue to increase in number, complexity, and severity. This qualitative study is one of a few to comprehensively explore CS management. The study used a systems’ approach to identify business, socioeconomic, and information technology (IT) factors, and their interrelationships. The study examined IT management frameworks and CS standards and literature. Interviews and a focus group of subject matter experts followed. The research found CS is a leadership, not a technical issue. CS is an ecosystem; its components are interrelated and inseparable, requiring qualitative, subjective, risk and knowledge management interventions. CS, IT, and threats are too complex and volatile for organizations to manage all risks and vulnerabilities in a timely, agile manner. CS lexicons lack uniformity and consistency. An IT management framework is better suited for CS. Companies must segregate and encrypt the most sensitive information and curb their appetites for new, unsecured technology. CS and IT is multilayered, requiring subspecialists, who often serve conflicting business needs and security objectives. Organizations need to minimize mid-level CS management, raise CS to a business level function (not subordinate to IT), and involve cyber specialists at all levels in the business lifecycle. Cross-pollinating people from all business areas, especially from finance, CS, and IT, increases awareness of the others’ responsibilities and obligations and facilitates more rapid portfolio, lifecycle CS activities, from investments to detection and response activities. Future studies should focus on these issues as critical success factors. Finally, the study of CS requires agile, qualitative, multidisciplinary methodology to produce thick, quick, actionable information.</p><p>
9
Bakare, Adeyinka A. "A Methodology for Cyberthreat ranking: Incorporating the NIST Cybersecurity Framework into FAIR Model." University of Cincinnati / OhioLINK, 2020. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1583247043269043.
Full text
10
Cornel, Caralea May. "A Methodology to Measure the Impact of Diversity on Cybersecurity Team Effectiveness." BYU ScholarsArchive, 2019. https://scholarsarchive.byu.edu/etd/8594.
Full textAbstract:
In recent years, the definition of cybersecurity professional has been diluted to include more individuals, particularly women, to be included. Depending on the definition used, women currently comprise between 11% and 25% of the cybersecurity workforce. While multiple studies have indicated the benefits to diverse teams, research in the cybersecurity area is lacking.This research proposes a framework that uses a modified escape-the-room gamified scenario to measure the effectiveness of cybersecurity teams in technical problem-solving. The framework presents two routes, incident response and penetration testing, the participants can choose. In a preliminary study, this framework is used to show the combination of gender diversity and prior cybersecurity experience and/or cybersecurity knowledge, particularly in women, are found to be significant in reducing the time taken to solve cybersecurity tasks in the incident response, and penetration testing domains.In conclusion, opportunities for extending this research into a large-scale study are discussed, along with other applications of cybersecurity escape-rooms.
11
Cho, Yiseul. "Strategic philanthropy for cyber security : an extended cost-benefit analysis framework to study cybersecurity." Thesis, Massachusetts Institute of Technology, 2012. http://hdl.handle.net/1721.1/72880.
Full textAbstract:
Thesis (S.M. in Technology and Policy)-- Massachusetts Institute of Technology, Engineering Systems Division, Technology and Policy Program, 2012.<br>Cataloged from PDF version of thesis.<br>Includes bibliographical references (p. 74-79).<br>The international climate of cyber security is dramatically changing and thus unpredictable. As such, agile yet sustainable solutions are needed, along with an effective and a pragmatic evaluation framework to assess and demonstrate the value and efficacy of international development collaboration. Currently, no mature frameworks are available for evaluating such non-conventional, new, and complex international activities as they exist today, and thus this study aims to provide an innovative and pragmatic approach to study cybersecurity. This study recognizes the lack of institutionalized solutions, and aims to provide a novel framework with which to evaluate emerging solutions. In particular, this study evaluates the effectiveness of international development activities and public-private partnerships as a way to improve cyber security. Guided by literature on strategic philanthropy and international development, this study develops an extended cost-benefit analysis framework and applies it to an in-depth case study of a Korean security agency, its Computer Emergency Response Team (CERT.) This newly extended framework can be used for assessing international programs and activities aimed at improving cyber security, where the costs and benefits are not restricted by traditional boundaries. Unlike conventional approaches, this study explicitly includes three additional critical aspects, which are neglected in the conventional cost benefit analysis framework: 1) synergic effect (such as public-private partnership), 2) indirect impact, and 3) shared value. An in-depth case study with field interviews and technology reviews was conducted to test the applicability of this extended framework. Based on the application to the case of the international development activities of the Korean CERT, this study presents two findings. First, private companies can benefit from participating in government-led international development programs. Second, international development activities are effective solutions to improving global and local cyber security. Repeated applications of this framework to other cases will further assess the generalizability of the framework. Cumulated evidence from evaluating the effectiveness of international development activities will also inform the development of future activities for establishing partnerships of strategic philanthropy to improve cyber security.<br>by Yiseul Cho.<br>S.M.in Technology and Policy
12
Ziska, Matthew Ryan. "Does Cybersecurity Law and Emergency Management Provide a Framework for National Electric Grid Protection?" ScholarWorks, 2018. https://scholarworks.waldenu.edu/dissertations/4766.
Full textAbstract:
The U.S. government is responsible for protecting the country's energy and technology infrastructure. Critics argue the United States has failed to prepare, protect and respond to incidents involving the national electric grid leaving communities vulnerable to prolonged power outages. Protection of investor owned utilities' critical infrastructure is vulnerable to cyber and physical harm from the absence of criminalizing the intrusion of private sector computer networks, the lack of cybersecurity threats in emergency management, and the absence of cyber-intelligent leadership supports this argument. The purpose of this study was to introduce an electric grid protection theoretical concept, while identifying whether cybersecurity law and emergency management, amongst the investor-owned utility community, has an optimized relationship for protecting the national electric grid from harm. Easton's political system input/output model, Sommestad's cybersecurity theory, and Mitroff's crisis management theory provided the theoretical foundations for this study. The study utilized a mixed method research design that incorporated a Likert collection survey and combined quantitative chi-square and qualitative analysis. The key findings identified that cybersecurity law and the use of emergency management in the electric grid protection theory were not optimized to protect the national electric grid from harm. The recommendations of this study included the optimization of the theory elements through educational outreach and amending administrative cybersecurity law to improve the protection of the national electric grid and positively impacting social change by safeguarding the delivery of reliable electric energy to the millions of Americans who depend upon it.
13
Sridarran, Pournima. "A framework to enhance post-disaster resettlement process through adaptable built environment in Sri Lanka." Thesis, University of Huddersfield, 2018. http://eprints.hud.ac.uk/id/eprint/34573/.
Full textAbstract:
The ‘global refugee crisis’ has captured much of the world’s attention in recent decades and has thus led to several consequent declarations of policy and policy changes. However, a rising number of internal displacements are occurring around the world each year without attracting much attention. As a result, resettlements are implemented by the concerned entities, particularly in the developing countries, in order to diminish the impact of the crisis. Nevertheless, large-scale resettlement schemes have often been criticised for their inability to meet the long-term aspiration of the communities. Accordingly, this research seeks to explore the potentials of an adaptable built environment to resolve the issue. This research inquires the available institutional arrangements, namely the top-down approach and the bottom-up approach, to provide affordable solutions. Thus, attempt is made to propose a framework to enhance the ‘post-disaster recovery’ process, by identifying the gaps in the resettlement and proposing steps to resolve built-environment related issues within disaster-induced resettlements. As selection of a specific developing country would permit an in-depth understanding of the process of resettlement, Sri Lanka was selected for the proposed purpose of this research. This study adopts a concurrent nested mixed method that follows a survey within a case study. The case study and the survey data were collected simultaneously in Sri Lanka from June 2016 to August 2016. The collected qualitative data was analysed using a template analysis technique to identify themes and patterns. The quantitative data was further analysed using the factor analysis technique in order to understand the underlying concepts. The results show that the resettlement process in Sri Lanka has improved considerably since the time of 2004 Indian Ocean tsunami. Nevertheless, some gaps exist in current procedures, that arise from the top-down approach, besides issues inherent to such approach. Further, it was found that the involvement of the communities in the resettlement process has been minimal, and the expectations, needs, and obstacles of the communities are rarely addressed. Cross-case analysis showed that the needs and expectations of the communities vary with specific parameters such as type of disaster, involvement of host community, phase of resettlement, involvement of displacement, and voluntariness for the resettlement. The analysis further showed that several of the empirical findings replicate the findings in similar contexts reported in the literature for other developing countries. The framework produced in the course of the study and presented at the end of the thesis is intended to enable the arrival at plausible means to overcome the gaps in the resettlement process and the outcomes. The proposed framework is expected to benefit governments, policymakers and academics to overcome process-related and outcomerelated issues that lead to resettlement failure. It is also expected to benefit funding bodies and non-governmental organisations to determine the best practices for fund allocation and resettlement design in future programmes.
14
Habeeb, Richard. "Improving the Security of Building Automation Systems Through an seL4-based Communication Framework." Scholar Commons, 2018. http://scholarcommons.usf.edu/etd/7161.
Full textAbstract:
Existing Building Automation Systems (BASs) and Building Automation Networks (BANs) have been shown to have serious cybersecurity problems. Due to the safety-critical and interconnected nature of building subsystems, local and network access control needs to be finer grained, taking into consideration the varying criticality of applications running on heterogeneous devices. In this paper, we present a secure communication framework for BASs that 1) enforces rich access control policy for operating system services and objects, leveraging a microkernel-based architecture; 2) supports fine-grained network access control on a per-process basis; 3) unifies the security control of inter-device and intra-device communication using proxy processes; 4) tunnels legacy insecure communication protocols (e.g., BACnet) through a secure channel, such as SSL, in a manner transparent to legacy applications. We implemented the framework on seL4, a formally verified microkernel. We conducted extensive experiments and analysis to compare the performance and effectiveness of our communication systems against a traditional Linux-based implementation of the same control scenario. Our experiments show that the communication performance of our system is faster or comparable to the Linux-based architecture in embedded systems.
15
Uddin, Md Ashraf. "A patient agent controlled customized blockchain based framework for internet of things." Thesis, Federation University Australia, 2021. http://researchonline.federation.edu.au/vital/access/HandleResolver/1959.17/177119.
Full textAbstract:
Although Blockchain implementations have emerged as revolutionary technologies for various industrial applications including cryptocurrencies, they have not been widely deployed to store data streaming from sensors to remote servers in architectures known as Internet of Things. New Blockchain for the Internet of Things models promise secure solutions for eHealth, smart cities, and other applications. These models pave the way for continuous monitoring of patient’s physiological signs with wearable sensors to augment traditional medical practice without recourse to storing data with a trusted authority. However, existing Blockchain algorithms cannot accommodate the huge volumes, security, and privacy requirements of health data. In this thesis, our first contribution is an End-to-End secure eHealth architecture that introduces an intelligent Patient Centric Agent. The Patient Centric Agent executing on dedicated hardware manages the storage and access of streams of sensors generated health data, into a customized Blockchain and other less secure repositories. As IoT devices cannot host Blockchain technology due to their limited memory, power, and computational resources, the Patient Centric Agent coordinates and communicates with a private customized Blockchain on behalf of the wearable devices. While the adoption of a Patient Centric Agent offers solutions for addressing continuous monitoring of patients’ health, dealing with storage, data privacy and network security issues, the architecture is vulnerable to Denial of Services(DoS) and single point of failure attacks. To address this issue, we advance a second contribution; a decentralised eHealth system in which the Patient Centric Agent is replicated at three levels: Sensing Layer, NEAR Processing Layer and FAR Processing Layer. The functionalities of the Patient Centric Agent are customized to manage the tasks of the three levels. Simulations confirm protection of the architecture against DoS attacks. Few patients require all their health data to be stored in Blockchain repositories but instead need to select an appropriate storage medium for each chunk of data by matching their personal needs and preferences with features of candidate storage mediums. Motivated by this context, we advance third contribution; a recommendation model for health data storage that can accommodate patient preferences and make storage decisions rapidly, in real-time, even with streamed data. The mapping between health data features and characteristics of each repository is learned using machine learning. The Blockchain’s capacity to make transactions and store records without central oversight enables its application for IoT networks outside health such as underwater IoT networks where the unattended nature of the nodes threatens their security and privacy. However, underwater IoT differs from ground IoT as acoustics signals are the communication media leading to high propagation delays, high error rates exacerbated by turbulent water currents. Our fourth contribution is a customized Blockchain leveraged framework with the model of Patient-Centric Agent renamed as Smart Agent for securely monitoring underwater IoT. Finally, the smart Agent has been investigated in developing an IoT smart home or cities monitoring framework. The key algorithms underpinning to each contribution have been implemented and analysed using simulators.<br>Doctor of Philosophy
16
Gray, David Kirkness. "Counterurbanisation and perceptions of quality of life in rural Scotland : a postmodern framework." Thesis, University of Glasgow, 1993. http://theses.gla.ac.uk/4389/.
Full textAbstract:
This study is original in that it draws upon postmodern theories on the perception and representation of reality to investigate the relationship between the perception of quality of life and counterurbanisation in rural Scotland. Repertory grid analysis and a postal questionnaire were used in the research to determine the perceived importance of factors in the quality of life of various social and migrational groups in eight rural study areas. The research revealed that counterurbanisation in all its forms is widespread in the areas investigated, and that a significnt component in this process is migration to seek a perceived rural idyll, a form of migration which is unconnected to any economic component, or any changes in the location of industry. Postmodern theories regarding the perception of reality in rural and urban areas were used to explain people's perceptions of what was important in their choice of where to live. The study area of the respondents, their migrational histories, socio-occupational class, housing tenure, and most significantly their age group, were all predictive in determining how important many quality of life factors were perceived as being. However, the main conclusion from the study was the similarity that existed between the perceptions of all groups. Factors reflecting stereotyped images of the rural idyll and those of the problems of urban life, conditioned into the collective consciousness by the way in which these environments are portrayed on television, in the mass media, in literature, and in advertising, dominated in respondents' perceptions, along with other topical environmental concerns over factors which reflected more 'traditional' problems and concerns of rural life.
17
OBERPRILLER, KATHARINA. "Reduced-form framework under model uncertainty and generalized Feynman-Kac formula in the G-setting." Doctoral thesis, Gran Sasso Science Institute, 2022. http://hdl.handle.net/20.500.12571/25844.
Full textAbstract:
The thesis dealing with topics under model uncertainty consists of two main parts. In the first part, we introduce a reduced-form framework in the presence of multiple default times under model uncertainty. In particular, we define a sublinear conditional operator with respect to a family of possibly non-dominated priors for a filtration progressively enlarged by multiple ordered defaults. Moreover, we analyze the properties of this sublinear conditional expectation as a pricing instrument and consider an application to insurance market modeling with non-linear affine intensities. In the second part of this thesis, we prove a Feynman-Kac formula under volatility uncertainty which allows to take into account a discounting factor. In the first part, we generalize the results of a reduced-form framework under model uncertainty for a single default time in order to consider multiple ordered default times. The construction of these default times is based on a generalization of the Cox model under model uncertainty. Within this setting, we progressively enlarge a reference filtration by N ordered default times and define the sublinear expectation with respect to the enlarged filtration and a set of possibly non-dominated probability measures. We derive a weak dynamic programming principle for the operator and use it for the valuation of credit portfolio derivatives under model uncertainty. Moreover, we analyze the properties of the operator as a pricing instrument under model uncertainty. First, we derive some robust superhedging duality results for payment streams, which allow to interpret the operator as a pricing instrument in the context of superhedging. Second, we use the operator to price a contingent claim such that the extended market is still arbitrage-free in the sense of “no arbitrage of the first kind”. Moreover, we provide some conditions which guarantee the existence of a modification of the operator which has quasi-sure càdlàg paths. Finally, we conclude this part by an application to insurance market modeling. For this purpose, we extend the reduced-form framework under model uncertainty for a single default time to include intensities following a non-linear affine process under parameter uncertainty. This allows to introduce a longevity bond under model uncertainty in a way consistent with the classical case under a single prior and to compute its valuation numerically.
In the second part, we focus on volatility uncertainty and, more specifically on the G-expectation setting. In this setting, we provide a generalization of a Feynman-Kac formula under volatility uncertainty in presence of a linear term in the PDE due to discounting. We state our result under different hypothesis with respect to the current result in the literature, where the Lipschitz continuity of some functionals is assumed, which is not necessarily satisfied in our setting. Thus, we establish for the first time a relation between non-linear PDEs and G-conditional expectation of a discounted payoff. To do so, we introduce a family of fully non-linear PDEs identified by a regularizing parameter with terminal condition φ at time T > 0, and obtain the G-conditional expectation of a discounted payoff as the limit of the solutions of such a family of PDEs when the regularity parameter goes to zero. Using a stability result, we can prove that such a limit is a viscosity solution of the limit PDE. Therefore, we are able to show that the G-conditional expectation of the discounted payoff is a solution of the PDE. In applications, this permits to calculate such a sublinear expectation in a computationally efficient way.
18
Pacheco, Ramirez Jesus Horacio, and Ramirez Jesus Horacio Pacheco. "An Anomaly Behavior Analysis Methodology for the Internet of Things: Design, Analysis, and Evaluation." Diss., The University of Arizona, 2017. http://hdl.handle.net/10150/625581.
Full textAbstract:
Advances in mobile and pervasive computing, social network technologies and the exponential growth in Internet applications and services will lead to the development of the Internet of Things (IoT). The IoT services will be a key enabling technology to the development of smart infrastructures that will revolutionize the way we do business, manage critical services, and how we secure, protect, and entertain ourselves. Large-scale IoT applications, such as critical infrastructures (e.g., smart grid, smart transportation, smart buildings, etc.) are distributed systems, characterized by interdependence, cooperation, competition, and adaptation. The integration of IoT premises with sensors, actuators, and control devices allows smart infrastructures to achieve reliable and efficient operations, and to significantly reduce operational costs. However, with the use of IoT, we are experiencing grand challenges to secure and protect such advanced information services due to the significant increase in the attack surface. The interconnections between a growing number of devices expose the vulnerability of IoT applications to attackers. Even devices which are intended to operate in isolation are sometimes connected to the Internet due to careless configuration or to satisfy special needs (e.g., they need to be remotely managed). The security challenge consists of identifying accurately IoT devices, promptly detect vulnerabilities and exploitations of IoT devices, and stop or mitigate the impact of cyberattacks.
An Intrusion Detection System (IDS) is in charge of monitoring the behavior of protected systems and is looking for malicious activities or policy violations in order to produce reports to a management station or even perform proactive countermeasures against the detected threat. Anomaly behavior detection is a technique that aims at creating models for the normal behavior of the network and detects any significant deviation from normal operations. With the ability to detect new and novel attacks, the anomaly detection is a promising IDS technique that is actively pursued by researchers. Since each IoT application has its own specification, it is hard to develop a single IDS which works properly for all IoT layers. A better approach is to design customized intrusion detection engines for different layers and then aggregate the analysis results from these engines. On the other hand, it would be cumbersome and takes a lot of effort and knowledge to manually extract the specification of each system. So it will be appropriate to formulate our methodology based on machine learning techniques which can be applied to produce efficient detection engines for different IoT applications.
In this dissertation we aim at formalizing a general methodology to perform anomaly behavior analysis for IoT. We first introduce our IoT architecture for smart infrastructures that consists of four layers: end nodes (devices), communications, services, and application. Then we show our multilayer IoT security framework and IoT architecture that consists of five planes: function specification or model plane, attack surface plane, impact plane, mitigation plane, and priority plane. We then present a methodology to develop a general threat model in order to recognize the vulnerabilities in each layer and the possible countermeasures that can be deployed to mitigate their exploitation. In this scope, we show how to develop and deploy an anomaly behavior analysis based intrusion detection system (ABA-IDS) to detect anomalies that might be triggered by attacks against devices, protocols, information or services in our IoT framework. We have evaluated our approach by launching several cyberattacks (e.g. Sensor Impersonation, Replay, and Flooding attacks) against our testbeds developed at the University of Arizona Center for Cloud and Autonomic Computing. The results show that our approach can be used to deploy effective security mechanisms to protect the normal operations of smart infrastructures integrated to the IoT. Moreover, our approach can detect known and unknown attacks against IoT with high detection rate and low false alarms.
19
Kleesiek, Marco [Verfasser], and G. [Akademischer Betreuer] Drexlin. "A Data-Analysis and Sensitivity-Optimization Framework for the KATRIN Experiment / Marco Kleesiek. Betreuer: G. Drexlin." Karlsruhe : KIT-Bibliothek, 2014. http://d-nb.info/1059157462/34.
Full text
20
Kim, KoUn. "The institutional development and outcomes of water partnerships in Korea : a comparative case study based on a modified institutional analysis and development (IAD) framework." Thesis, London School of Economics and Political Science (University of London), 2012. http://etheses.lse.ac.uk/679/.
Full textAbstract:
This thesis examines how new types of water governance institutions, water partnerships, emerged and performed in Korea, a centralised state-driven society. Beyond conventional water management by either government or market, new forms of governance have been sought to address problems such as under-provision, pollution and water conflict. This study investigates voluntary water partnerships as a leading example of new water governance in East Asia. Conceptually, it uses a modified institutional approach, the Institutional Analysis and Development (IAD) framework, to examine how global water reform discourses informed social actors in the design and implementation of regional and urban water partnerships in Korea. A comparative case analysis of six water partnerships finds that co-governance institutions emerged and operated in a complex linkage with existing water governance systems. For the three urban water partnerships, local actors actively seized opportunities to rehabilitate long abandoned urban streams. For the three regional water partnerships, public and private sector actors successfully negotiated partnership agreements, focusing on the restoration of polluted water sources. A modified IAD framework captured these complicated interactions among stakeholders within multi-layered water governance structures. An attitudinal survey of partnership members complemented the comparative case studies by assessing how the partnerships performed according to selected evaluation criteria. A multi-criteria assessment of the data reveals three key findings. First, the partnerships achieved mainly positive procedural and socio-economic outcomes in water management. Second, observed lower environmental outcomes result mainly from the interlinked features of water resources management and the partnerships’ relatively brief history. Third, the overall findings indicate that the outcomes of co-governance institutions tended to be contextual. The scale of organisations and of the water resources concerned did not determine the outcomes of the water partnerships. Thus, this finding challenges the claim that ‘smaller is better’ in collaborative governance. This study concludes that the voluntary co-management of shared water resources by the six partnerships have simultaneously brought some solutions as well as costs to water governance in Korea. The design and development of co-management institutions for water governance requires a greater understanding of local and national settings, as well as the facilitative role of national government. Co-operation between new co-governance institutions and existing water institutions is vital to long-term, effective water management.
21
Tiscornia, Matteo. "Cyber Risk: Un Nuovo Approccio alla Valutazione." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2016. http://amslaurea.unibo.it/12319/.
Full textAbstract:
Negli ultimi anni il crescente interesse sviluppato nell'ambito del cyber risk ha posto l'attenzione sulle possibili gravi conseguenze di un evento informatico per le imprese e le società.
La continua espansione delle tecnologie come strumenti di lavoro e nella realtà di tutti i giorni attraverso la diffusione dei social network, dei dispositivi mobili e dei servizi cloud ha portato ad una maggiore vulnerabilità dell’intero spazio cibernetico.
Molte aziende stanno iniziando a considerare la cybersecurity come un rischio d’impresa sempre più importante e di conseguenza si sono messe alla ricerca di metodi per assicurare la continuità del proprio business in caso di attacchi informatici.
In questo elaborato si è cercato di toccare tutti i punti fondamentali che riguardano l’intera gestione del cyber-rischio.
Quindi, tratta della corretta formulazione del concetto di rischio contestualizzato nello spazio cibernetico, partendo da un’analisi delle due componenti principali della formula (probabilità e impatto) evidenziandone i limiti dell’applicabilità in questo contesto.
L’obiettivo consiste nel riformulare il rischio prendendo in considerazione altri aspetti come la sicurezza e l’esposizione al rischio.
22
Wasserrab, Daniel [Verfasser], and G. [Akademischer Betreuer] Snelting. "From Formal Semantics to Verified Slicing : A Modular Framework with Applications in Language Based Security / Daniel Wasserrab ; Betreuer: G. Snelting." Karlsruhe : KIT Scientific Publishing, 2011. http://d-nb.info/118549300X/34.
Full text
23
Boa, Sally. "The development and evaluation of a Goal setting and Action Planning framework for use in Palliative Care (G-AP PC)." Thesis, University of Stirling, 2013. http://hdl.handle.net/1893/19850.
Full textAbstract:
Background: Palliative care is a support system to help people live actively until they die. Current policy aims to integrate rehabilitation and goal setting as mechanisms to help professionals to support patients to do this, but there is little agreement about what this means in practice. No theory based framework currently exists to help palliative care professionals consistently work with patients to identify and work towards goals. This thesis describes how a framework for goal setting and action planning in palliative care (G-AP PC) was developed and implemented systematically in one hospice. Research aims: 1. To synthesise published literature regarding goal setting in palliative care settings. 2. To investigate current goal setting practice in one hospice setting. 3. To develop and evaluate a theory and evidence-based goal setting intervention for palliative care settings. Study design This study is placed in the ‘development and feasibility’ phases of the Medical Research Council (MRC) framework for developing and evaluating complex interventions. The intervention (G-AP PC) was systematically developed. Firstly a rigorous investigation of current practice was conducted by synthesising the literature on the subject, and investigating current goal setting practice in one hospice setting. These findings informed the development of a theory-based Goal setting and Action Planning practice framework (G-AP PC) which was then implemented and evaluated in one hospice in-patient unit. Normalization Process Theory (NPT) was used to structure the development and evaluation of the intervention. Findings: Goal setting with patients is recognised as important within palliative care, but is poorly conceptualised and lacks a theory and evidence-base for its practice. G-AP PC was successfully developed, implemented and evaluated in one hospice setting. Findings demonstrate that G-AP PC is acceptable and feasible for use by professionals and patients alike. It helped professionals to work as a team; shift their attention from symptoms/problems/risk to patient’s goals; act on what patients wanted to achieve, within short timescales and document patients goals appropriately. Patients reported that use of G-AP PC allowed them to focus on goals that were important to them. There was also evidence that goal setting helped increase patients’ motivation and self-efficacy. Conclusions: G-AP PC is a feasible and acceptable intervention. The study has demonstrated that the interventions can increase patient centred goal setting and motivates both patients and staff to work towards and achieve patient goals that are not only about controlling symptoms but also about engaging in meaningful activities, enabling patients to live actively until they die.
24
Nimr, Ahmad [Verfasser], Gerhard [Gutachter] Fettweis, and Erik G. [Gutachter] Larsson. "Unified Framework for Multicarrier and Multiple Access based on Generalized Frequency Division Multiplexing / Ahmad Nimr ; Gutachter: Gerhard Fettweis, Erik G. Larsson." Dresden : Technische Universität Dresden, 2021. http://d-nb.info/1236990498/34.
Full text
25
Scobbie, Lesley. "The development and initial evaluation of a Goal setting and Action Planning (G-AP) framework for use in community based stroke rehabilitation." Thesis, University of Stirling, 2015. http://hdl.handle.net/1893/21909.
Full textAbstract:
Background: Goal setting is accepted ‘best practice’ in stroke rehabilitation however, there is no consensus about what the key components of goal setting interventions are, how they should be optimally delivered in practice and how best to involve stroke survivors in the process. This PhD by publication describes the development and initial evaluation of a theory-based goal setting and action planning framework (G-AP) to guide goal setting practice in community based stroke rehabilitation settings. Included studies: The Medical Research Council (MRC) framework for developing and evaluating complex interventions guided the development and conduct of a programme of research which included the following studies: (i) a review of the literature to identify theories of behaviour change with most potential to inform goal setting practice (Paper 1) (ii) a causal modelling exercise to map identified theoretical constructs onto a goal setting process and convening of a multi-disciplinary task group to develop the theoretical process into a Goal setting and Action Planning (G-AP) practice framework (Paper 2) (iii) a process evaluation of the G-AP framework in one community rehabilitation team (Paper 3) (iv) a United Kingdom (UK) wide survey to investigate the nature of services providing community based stroke rehabilitation across the UK and what goal setting practice is in these settings in order to understand the context into which an evaluation of the G-AP framework could be introduced (Paper 4) Main Findings: The review of the literature identified three theories of behaviour change that offered most potential to inform goal setting practice: Social Cognitive Theory, Health Action Process Approach and Goal Setting Theory. These theories contained constructs directly relevant to the goal setting practice: self-efficacy, outcome expectancies, goal attributes, action planning, coping planning and appraisal and feedback. The causal modelling and Task group exercise: (i) Informed development of the G-AP framework into a four stage, cyclical process that included (i) goal negotiation and setting (ii) planning and measuring confidence (iii) action and (iv) appraisal, feedback and decision making. (ii) Proposed mechanisms of action: successful completion of action plans resulting in incremental improvements in goal sub-skills and self-efficacy. (iii) Predicted outcomes G-AP was likely to impact on: goal attainment and improved rehabilitation outcomes. The process evaluation suggested that each stage of the G-AP framework had a distinct purpose and made a useful contribution to the overall process. Overall, G-AP was acceptable and feasible to use but implementation of novel aspects of the framework (coping planning and measuring confidence) was inconsistent and health professionals had concerns about the potential impact of unmet goals on patients’ wellbeing. Patient reports suggested that (i) the experience of goal non-attainment could facilitate adjustment to limitations resulting from stroke and (ii) feeling involved in the goal setting process can incorporate both patient-led and professional-led approaches. The survey findings highlighted the variability that exists in community based stroke rehabilitation services in the UK (e.g. the patients they see; the input they provide). Goal setting is reportedly used with all or most stroke survivors in these services; however, practice is variable and may be sub-optimal. Conclusions: G-AP is the first practice framework which has been explicitly developed to guide health professionals through a systematic, theoretically based and patient centred goal setting process in community based stroke rehabilitation. G-AP is a cyclical process that that has four key stages, proposed mechanisms of action and has shown promise as an acceptable, feasible and effective framework to guide goal setting practice. The complexity that exists within community based stroke rehabilitation services, and the variability in usual goal setting practice used within them, should be considered when designing a study to evaluate the effectiveness of G-AP in routine practice.
26
Petráš, František. "Analýza vybraných zahraničních Government Cloud řešení a návrh koncepce pro ČR." Master's thesis, Vysoká škola ekonomická v Praze, 2015. http://www.nusl.cz/ntk/nusl-193043.
Full textAbstract:
This work deals with Government Cloud (G-Cloud) solutions which provide shared ICT services in the field of public authorities. These solutions are deployed mainly because they bring significant financial savings for government. The aim of this work is to analyse three selected G-Cloud solutions and based on this analysis propose a concept of the solution suitable for the Czech Republic. G-Cloud solutions used in Denmark, Great Britain and Slovakia were selected for this analysis. First, a set of unified criteria was established to allow an objective analysis. Through these criteria, analysed solutions were described in terms of concept, offered services, delivery process and service usage, scheduling the entire solution and its component parts, security, legislation, and providing information to interested parties. The main benefits of this work are the comparison of analysed solutions and the draft concept of the solution for the Czech Republic.
27
Sichtig, Heike. "The SGE framework discovering spatio-temporal patterns in biological systems with spiking neural networks (S), a genetic algorithm (G) and expert knowledge (E) /." Diss., Online access via UMI:, 2009.
Find full textAbstract:
Thesis (Ph. D.)--State University of New York at Binghamton, Thomas J. Watson School of Engineering and Applied Science, Department of Bioengineering, Biomedical Engineering, 2009.<br>Includes bibliographical references.
28
Lartey, Jerry. "Effective Vulnerability Management for Small Scale Organisations in Ghana." Thesis, Luleå tekniska universitet, Institutionen för system- och rymdteknik, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-75809.
Full textAbstract:
Most Small and Medium scale Enterprises (SMEs) in Ghana are notparticularly anxious about the consequences of inadequacy or lack of anyform of vulnerability management operation in their normal businesspractices. This case study research explores how a local Internet ServiceProvider (ISP) in Ghana and its local client-base can manage vulnerabilitieswith a targeted patch management practise integrated into their operations.To answer the research question “How can a SME local Internet ServiceProvider (ISP) in Accra, Ghana, assist their local customer base to integrateeffective cybersecurity vulnerability management into their operations?“,This case study comprised the Subject Matter Expert of one local ISP as well as4 other technical Subject Matter Experts of the ISP’s clients about their patchmanagement operations. This case study research revealed that most SMEs donot consider vulnerability management as a key concern in the operation oftheir organisation and therefore, proposes a way to highlight the importanceof vulnerability management whiles doing so at a cost-effective manner. Theimplications of targeted cybersecurity patch management for the local ISP andtheir client-base is also addressed by this thesis research.
29
Head, Nicholas. "Development of a multi-criteria, GIS-based, backcasting framework model (G-BFM) for progression towards zero waste futures, for holistic resource management policy and practice in Northamptonshire by 2050." Thesis, University of Northampton, 2015. http://nectar.northampton.ac.uk/9131/.
Full textAbstract:
The complex nature of waste management and planning requires a long-term strategic policy formation approach incorporating sustainable development principles. Consequently, the transition from a waste paradigm to valuing materials as resources is central for transitioning towards a 'zero waste' future. A need is identified, via infrastructure planning, to move beyond short-term forecasting and predictive methods previously used in waste research in order to overcome target-driven decision-making. The application of a participatory backcasting methodology: visioning, baseline assessment, scenario development and feasibility testing; produced transformative scenarios which are visualised using GIS reflecting the choices, ideas and beliefs of participants. The structural governance (e.g. waste infrastructure planning and strategic waste policy) of an English county is used to evaluate the efficacy of waste management scenarios. A quantitative model was developed to test scenarios for three metrics (tonnages, economics and carbon). The final model utilises the synergy between backcasting and GIS to spatially and temporally analyse empirically quantified outputs. This structured approach produced three transformative scenarios and one reference scenario. Waste prevention and changes to systemic waste generation produced long-term tonnage reductions across the transformative scenarios. Costs of future waste management witnessed the reference scenario outperforming one of the transformative scenarios; while the highest emissions savings were attributable to the scenario most closely reflecting the notion of 'deep sustainability'. In terms of waste infrastructure planning, a centralised pattern of large integrated facilities emphasising catchments rather than administrative boundary were most effective. All three transformative scenarios surpassed the 90% recycling and recovery level used as the zero waste benchmark. The research concludes that backcasting can offer a range of potential futures capable of achieving an arbitrary definition of zero waste. Further, these futures can be visualised and analysed via GIS; enhancing stakeholder engagement. Overall, the GIS-based Backcasting Framework Model (G-BFM) produced has the potential to benefit a range of stakeholders and practitioners and is strategically scalable.
30
Summers, Timothy Corneal. "HOW HACKERS THINK: A MIXED METHOD STUDY OF MENTAL MODELSAND COGNITIVE PATTERNS OF HIGH-TECH WIZARDS." Case Western Reserve University School of Graduate Studies / OhioLINK, 2015. http://rave.ohiolink.edu/etdc/view?acc_num=case1427809862.
Full text
31
Mazzini, Pietro. "Analisi di integrazione su sistemi di Intrusion Detection e Incident Handling in ambito enterprise." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2020. http://amslaurea.unibo.it/21851/.
Full textAbstract:
Questa tesi ha l'obiettivo di presentare un sistema di Intrusion Detection, Incident Handling e Response nei suoi processi produttivi, organizzativi e manageriali e in quelli puramente pratici ed implementativi.
Il nome di questo progetto è OSSIHR (Open Source System for Incident Handling and Response).
La tesi è composta da quattro capitoli.
Il capitolo 1 contiene un'introduzione ai concetti, alle sigle ed ai processi che caratterizzano le discipline di Intrusion Detection, Incident Handling e Incident Management.
Nel capitolo 2 è analizzato lo stato dell'arte sulla materia e vengono definiti i meccanismi di un sistema di Incident Handling che possa essere adottato in ambito enterprise.
Le integrazioni dei software che sono stati utilizzati e l'architettura di OSSIHR sono documentati ed approfonditi nel capitolo 3.
I margini di miglioramento e le criticità del sistema in oggetto sono evidenziate nel capitolo 4 che include anche uno studio di paragone fra il sistema open source proposto ed altri sistemi closed source.
32
Lin, Chien-Ting, and 林建廷. "Cybersecurity-Framework (CSF) -based Conformance Checking Techniques and Tools." Thesis, 2017. http://ndltd.ncl.edu.tw/handle/04491641738524082914.
Full textAbstract:
碩士<br>元智大學<br>資訊工程學系<br>105<br>Cybersecurity is critical for governments, sectors, and enterprises. Thus, US NIST published “Cybersecurity Framework, CSF” as a baseline to help improve the cybersecurity risk management for these organizations. Moreover, President Trump signed cybersecurity executive order on May 11, 2017 to require all federal agencies to adopt CSF. Thus, how to comply with CSF is becoming an important issue. However, CSF activities are detailed and not easy to follow. Furthermore, there are no clear relations between CSF tiers and core activities. Although it is not necessary to have 1-to-1 relation between tiers and core activities, a certain degree of relation makes it easier to adopt CSF. Thus, this thesis studies the methods to relate CSF tiers and core activities, as well as develops a computer-aided CSF conformance checking tool set.
In relating CSF core activities with CSF tiers, we use the mapping results of C2M2 in connecting CSF tiers with C2M2, a cybersecurity maturity model of US energy department. Besides, we add extra core activities from mapping results of DHS’s CRR Q&A set with CSF. In the computer-aided tool, we first design a CSF ontology and present it in a tree view; the tool set provides such functions as CSF query, document markup, review, Q&A review, quantitative adjustment, self-assessment, and visual presentation of the resulting profile. The proposed techniques and conformance checking tools developed by our research enhance the effectiveness, objectiveness, transparency, and repeatability in the process of adopting CSF.
33
Gwala, Sizwe. "Barriers to implementation of the (SA) National Cybersecurity Policy Framework." Thesis, 2016. https://hdl.handle.net/10539/23802.
Full textAbstract:
Thesis (M.M. (Security))--University of the Witwatersrand, Faculty of Commerce, Law and Management, Graduate School of Public and Development Management, 2016<br>Technological advancement have seen South African government departments, state owned entities and private companies using cyberspace as a platform of interaction and the storage of information. Technological advancements have a positive impact due to the compression of space, time and thereby ensuring fastpaced interaction across borders. These technological advancements have, however resulted in most organisations, both private and public, becoming prone to cybercrimes and related incidents. In an initiative aimed at countering these threats, the South African government has passed various laws. The National Cybersecurity Policy Framework (NCPF) is a South African Policy framework aimed at countering an increase in the occurrence of cybercrimes and related incidents.
This research analyses the status in the implementation of the NCPF objectives allocated to the Department of Telecommunications and Postal Services (DTPS). Then the barriers in the Implementation are unpacked guided by the literature reviewed and finally recommendations on how to counter the identified barriers are provided post the data collection. The report firstly provides an outline of the global perspectives on cybersecurity which is followed by the regional cybersecurity measures, and then the national cybersecurity measures proposed by the South African Government department are outlined. The latter parts of the report focuses on the NCPF in terms of its scope, goals, objectives and stakeholders. Finally, focus is shifted to the DTPS as a chosen area of research wherein data was collected in a form of one-on-one, semi-structured interviews with relevant parties.
The results of this research are presented as a narrative description that is synthesised to develop the theoretical conjecture and empirical generalisation of the entire research. This research uncovered that there are numerous barriers in the implementation of the NCPF both within the DTPS as well as between the DTPS and various stakeholders entrusted with the implementation responsibility. The last chapter consists of general conclusions made by the researcher based on the research conducted which is then followed by recommended countermeasures which will be communicated to the DTPS as well as all stakeholders who will be affected by the proposed recommendations.<br>GR2018
34
Patala, Najiyabanu Noormohmed. "Cybersecurity framework for cloud computing adoption in rural based tertiary institutions." Diss., 2018. http://hdl.handle.net/11602/1362.
Full textAbstract:
MCom (Business Information Systems)<br>Department of Business Information Systems<br>Although technology is being progressively used in supporting student learning and enhancing business processes within tertiary institutions, certain aspects are hindering the decisions of cloud usage. Among many challenges of utilizing cloud computing, cybersecurity has become a primary concern for the adoption. The main aim of the study was to investigate the effect of cloud cyber-security usage at rural based tertiary institutions in order to compare the usage with an urban-based institution and propose a cybersecurity framework for adoption of cloud computing cybersecurity. The research questions focused on determining the drivers for cloud cybersecurity usage; the current adoption issues; how cybersecurity challenges, benefits, and quality affects cloud usage; the adoption perceptions and awareness of key stakeholders and identifying a cloud cybersecurity adoption framework. A quantitative approach was applied with data collected from a simple random sample of students, lecturers, admin and IT staff within the tertiary institutions through structured questionnaires.
The results suggested compliance with legal law as a critical driver for cloud cybersecurity adoption. The study also found a lack of physical control of data and harmful activities executed on the internet as challenges hampering the adoption. Prevention of identity fraud and cheaper security costs were identified as benefits of adoption. Respondents found cloud cybersecurity to be accurate and effective, although most of the students and employees have not used it. However, respondents were aware of the value of cybersecurity adoption and perceive for it to be useful and convenient, hence have shown the intention of adopting it. There were no significant elements identified to differentiate the perceptions of usage at rural and urban-based tertiary institutions. The results of the study are to be used for clarifying the cybersecurity aspects of cloud computing and forecasting the suitability cloud cybersecurity within the tertiary institutions. Recommendations were made on how tertiary institutions and management can promote cloud cybersecurity adoption and how students, lecturers, and staff can effectively use cloud cybersecurity.<br>NRF
35
Hasan, Mahmudul. "Cybersecurity Planning Insight: CSCD (Cyber Security and Cyber Defense) Control: Framework For Strategic Direction and Governance." Master's thesis, 2021. http://hdl.handle.net/10362/126392.
Full textAbstract:
Dissertation presented as the partial requirement for obtaining a Master's degree in Information Management, specialization in Information Systems and Technologies Management<br>In this recent time, the importance of cybersecurity and cyber defense is sky-high. Everyone
uses different devices, IT infrastructures, and applications for various purposes at school,
office, home, hospitals everywhere. With the enlightenment of technology, the nature of
cyber-attack has been changed dramatically, and that is why the number of cyber-attacks
have been increased. Enterprises face billions of Euros loss from such incidents; even the
data loss and operational hazard may have a devastating impact not only on the service,
security, privacy, brand image but also upon overall business. A constrictive and realistic
CSCD (cyber security and cyber defense) strategy along with the proper implementation of
it, can safeguard the enterprises and strongly from cyber attacks. In this paper, we prepare
an improved CSCD control framework based on several hundreds of scientific papers and
frameworks. Moreover, we identify different aspects and strategic elements by holistic CSCD
control risk assessment and data analysis for preparing CSCD strategy and planning of
different levels of organizations to maintain effective CSCD governance and cyber resilience.
36
Chen, Jun Chau, and 陳俊超. "Production Planning Systems Based on General Framework for g Production." Thesis, 1995. http://ndltd.ncl.edu.tw/handle/90634050911388187556.
Full text
37
Greif, Martina, and 力露. "Carl G. Jung's Synchronicity Principle Inside Framework of Mou Zongsan's Moral Metaphysics." Thesis, 2013. http://ndltd.ncl.edu.tw/handle/85853380033433887275.
Full textAbstract:
碩士<br>國立臺灣師範大學<br>東亞學系<br>101<br>The thesis’s aim is to present Carl Jung’s synchronicity principle using Mou Zongsan’s 牟宗三 philosophy of moral metaphysics. I argue that Western scientific paradigm is unable to offer an appropriate framework for integration of synchronicity principle, because the scientific paradigm is based on causality, whereas synchronicity principle is based on acausality, which does not follow the deterministic logic of scientific thinking. When Jung studied Chinese classic Yi Jing, he discovered it is based on synchronicity principle, in Chinese known as ganying 感應 or gantong 感通. Jung’s shortcoming was that he did not know Chinese language, therefore he approached Yi Jing only through available translations. In the West Yi Jing was still an unknown mystery waiting to be revealed. Since he was not able to explain synchronicity principle inside scientific framework it will be my task to explain synchronicity concept inside framework of Yi-ology. I will focus on Mou Zongsan’s Yi-ology, because it is based on moral metaphysics, which is similar to Jung’s concept of self-realization.
38
Mozzaquatro, Bruno Augusti. "Security Management Framework for the Internet of Things." Doctoral thesis, 2020. http://hdl.handle.net/10362/116181.
Full textAbstract:
The increase in the design and development of wireless communication technologies
offers multiple opportunities for the management and control of cyber-physical systems
with connections between smart and autonomous devices, which provide the delivery
of simplified data through the use of cloud computing. Given this relationship with the
Internet of Things (IoT), it established the concept of pervasive computing that allows
any object to communicate with services, sensors, people, and objects without human
intervention. However, the rapid growth of connectivity with smart applications through
autonomous systems connected to the internet has allowed the exposure of numerous
vulnerabilities in IoT systems by malicious users.
This dissertation developed a novel ontology-based cybersecurity framework to
improve security in IoT systems using an ontological analysis to adapt appropriate
security services addressed to threats. The composition of this proposal explores
two approaches: (1) design time, which offers a dynamic method to build security
services through the application of a methodology directed to models considering
existing business processes; and (2) execution time, which involves monitoring the IoT
environment, classifying vulnerabilities and threats, and acting in the environment,
ensuring the correct adaptation of existing services.
The validation approach was used to demonstrate the feasibility of implementing the
proposed cybersecurity framework. It implies the evaluation of the ontology to offer
a qualitative evaluation based on the analysis of several criteria and also a proof of
concept implemented and tested using specific industrial scenarios. This dissertation
has been verified by adopting a methodology that follows the acceptance in the research
community through technical validation in the application of the concept in an industrial
setting.<br>O aumento no projeto e desenvolvimento de tecnologias de comunicação sem fio oferece
múltiplas oportunidades para a gestão e controle de sistemas ciber-físicos com conexões
entre dispositivos inteligentes e autônomos, os quais proporcionam a entrega de dados
simplificados através do uso da computação em nuvem. Diante dessa relação com
a Internet das Coisas (IoT) estabeleceu-se o conceito de computação pervasiva que
permite que qualquer objeto possa comunicar com os serviços, sensores, pessoas e objetos
sem intervenção humana. Entretanto, o rápido crescimento da conectividade com as
aplicações inteligentes através de sistemas autônomos conectados com a internet permitiu
a exposição de inúmeras vulnerabilidades dos sistemas IoT para usuários maliciosos.
Esta dissertação desenvolveu um novo framework de cibersegurança baseada em
ontologia para melhorar a segurança em sistemas IoT usando uma análise ontológica
para a adaptação de serviços de segurança apropriados endereçados para as ameaças. A
composição dessa proposta explora duas abordagens: (1) tempo de projeto, o qual oferece
um método dinâmico para construir serviços de segurança através da aplicação de uma
metodologia dirigida a modelos, considerando processos empresariais existentes; e (2)
tempo de execução, o qual envolve o monitoramento do ambiente IoT, a classificação de
vulnerabilidades e ameaças, e a atuação no ambiente garantindo a correta adaptação dos
serviços existentes.
Duas abordagens de validação foram utilizadas para demonstrar a viabilidade da
implementação do framework de cibersegurança proposto. Isto implica na avaliação da
ontologia para oferecer uma avaliação qualitativa baseada na análise de diversos critérios
e também uma prova de conceito implementada e testada usando cenários específicos.
Esta dissertação foi validada adotando uma metodologia que segue a validação na
comunidade científica através da validação técnica na aplicação do nosso conceito em
um cenário industrial.
39
Chen, Po-Cheng, and 陳柏誠. "A Multi-layer Reconfiguration Framework on the Grid-enabled DSM System: Teamster-G." Thesis, 2006. http://ndltd.ncl.edu.tw/handle/29360313219712997723.
Full textAbstract:
碩士<br>國立成功大學<br>電腦與通信工程研究所<br>94<br>Many studies have shown that a large number of computational powers could be exploited in the Grid environment. However, there are two new problems needed to be solved due to the characteristics of the Grid environment, which are the dynamicity and the non-dedication of the Grids. These problems will cause the performance slowdown of both Grid systems’ guest applications and Grid resources providers’ host applications. For solving these problems, we present the multi-layer reconfiguration framework for the Grids in this thesis. Our multi-layer reconfiguration framework provides three incremental abilities, i.e. virtual processor reconfiguration, node reconfiguration and cluster reconfiguration, to adapt diverse workload conditions of the Grid resources. The proposed multi-layer reconfiguration framework is implemented on Teamster-G, which is a transparent Grid-enabled distributed shared memory system. According to our experiments, our multi-layer reconfiguration framework can allow Teamster-G not only to fully utilize abundant CPU cycles available in the Grid environment but also to minimize the resource contention with Grid resource providers. More importantly, our work can also effectively prompt the throughput of the whole Grid resources as well.
40
Wen, Wang Hsiang, and 王湘雯. "Utilizing Goffman’s Theoretical Framework of Dramaturgic Approach to Examine the Dining Servers’ Performance: a Case Study of a T. G. I. Friday’s." Thesis, 2008. http://ndltd.ncl.edu.tw/handle/06311562289966752263.
Full textAbstract:
碩士<br>國立臺灣藝術大學<br>戲劇與劇場應用學系<br>96<br>The sociologist Erving Goffman (1922-1982) used the concept of the theater metaphor to analyze how people interact in our everyday performance. He examined the roles taken on by the individuals, what the different aspects of these roles are, how the individuals interpret these roles, and how the individual distances himself or herself from the role. He explained how individuals go through their lives like actors on a stage playing out their roles for others.
In recent years, the food and beverage industry in Taiwan has been developing vigorously, and gradually becoming the primary one. In addition, many delicacies reports and cook-off promulgate that people sufficiently value it; however, in order to become the best one in the food and beverage industry, except for the food innovation and the delicacy, the dining servers standing in first line in restaurants are more important, and the service become an important link in the food and beverage industry. The food and beverage industry starts focusing on the service rather than just selling the food which conforms to the experience demands of modern life.
The purpose of this thesis is to examine the dining severs’ work in T. G. I. Friday’s in Taipei by using Goffman’s theoretical framework of dramaturgic approach The Presentation of Self in Everyday Life.
41
Perrichon, Lisa. "Kybernetická bezpečnost ve vesmírném prostoru: Rámec zvládání rizik spojených s kybernetickými útoky a model vylepšení evropských politik." Master's thesis, 2018. http://www.nusl.cz/ntk/nusl-389505.
Full textAbstract:
Cyber attacks can target any nodes of the space infrastructure, and while these attacks are called non-violent, there is a credible capability to use cyber attacks to cause direct or indirect physical damage, injury or death. However, the vulnerability of satellites and other space assets to cyber attack is often overlooked, which is a significant failing given society's substantial and ever increasing reliance on satellite technologies. Through a policy analysis, this dissertation assess the set of political provisions provided by the European Union to address the cyber security issue of the space infrastructure. Such study aims at exploring the geopolitical consequences linked to space cyber security risks, and at assessing the political preparedness of the European Union to address these challenges. The perspective of transatlantic cooperation to further support both American and European effort to tackle this security risk is also addressed. The overarching value of the study is to contribute to future European cyber security for space and transatlantic debates by providing useful perspectives and key takeaways on these two domains. Ultimately, he existing set of policies are not sufficient to address the cyber security issue in Outer Space, a unified approach by the European Union and the United...
42
Rengasamy, Vasudevan. "A Runtime Framework for Regular and Irregular Message-Driven Parallel Applications on GPU Systems." Thesis, 2014. http://etd.iisc.ac.in/handle/2005/3193.
Full textAbstract:
The effective use of GPUs for accelerating applications depends on a number of factors including effective asynchronous use of heterogeneous resources, reducing data transfer between CPU and GPU, increasing occupancy of GPU kernels, overlapping data transfers with computations, reducing GPU idling and kernel optimizations. Overcoming these challenges require considerable effort on the part of the application developers. Most optimization strategies are often proposed and tuned specifically for individual applications.
Message-driven executions with over-decomposition of tasks constitute an important model for parallel programming and provide multiple benefits including communication-computation overlap and reduced idling on resources. Charm++ is one such message-driven language which employs over decomposition of tasks, computation-communication overlap and a measurement-based load balancer to achieve high CPU utilization. This research has developed an adaptive runtime framework for efficient executions of Charm++ message-driven parallel applications on GPU systems.
In the first part of our research, we have developed a runtime framework, G-Charm with the focus primarily on optimizing regular applications. At runtime, G-Charm automatically combines multiple small GPU tasks into a single larger kernel which reduces the number of kernel invocations while improving CUDA occupancy. G-Charm also enables reuse of existing data in GPU global memory, performs GPU memory management and dynamic scheduling of tasks across CPU and GPU in order to reduce idle time. In order to combine the partial results obtained from the computations performed on CPU and GPU, G-Charm allows the user to specify an operator using which the partial results are combined at runtime. We also perform compile time code generation to reduce programming overhead. For Cholesky factorization, a regular parallel application, G-Charm provides 14% improvement over a highly tuned implementation.
In the second part of our research, we extended our runtime to overcome the challenges presented by irregular applications such as a periodic generation of tasks, irregular memory access patterns and varying workloads during application execution. We developed models for deciding the number of tasks that can be combined into a kernel based on the rate of task generation, and the GPU occupancy of the tasks. For irregular applications, data reuse results in uncoalesced GPU memory access. We evaluated the effect of altering the global memory access pattern in improving coalesced access. We’ve also developed adaptive methods for hybrid execution on CPU and GPU wherein we consider the varying workloads while scheduling tasks across the CPU and GPU. We demonstrate that our dynamic strategies result in 8-38% reduction in execution times for an N-body simulation application and a molecular dynamics application over the corresponding static strategies that are amenable for regular applications.
43
Rengasamy, Vasudevan. "A Runtime Framework for Regular and Irregular Message-Driven Parallel Applications on GPU Systems." Thesis, 2014. http://hdl.handle.net/2005/3193.
Full textAbstract:
The effective use of GPUs for accelerating applications depends on a number of factors including effective asynchronous use of heterogeneous resources, reducing data transfer between CPU and GPU, increasing occupancy of GPU kernels, overlapping data transfers with computations, reducing GPU idling and kernel optimizations. Overcoming these challenges require considerable effort on the part of the application developers. Most optimization strategies are often proposed and tuned specifically for individual applications.
Message-driven executions with over-decomposition of tasks constitute an important model for parallel programming and provide multiple benefits including communication-computation overlap and reduced idling on resources. Charm++ is one such message-driven language which employs over decomposition of tasks, computation-communication overlap and a measurement-based load balancer to achieve high CPU utilization. This research has developed an adaptive runtime framework for efficient executions of Charm++ message-driven parallel applications on GPU systems.
In the first part of our research, we have developed a runtime framework, G-Charm with the focus primarily on optimizing regular applications. At runtime, G-Charm automatically combines multiple small GPU tasks into a single larger kernel which reduces the number of kernel invocations while improving CUDA occupancy. G-Charm also enables reuse of existing data in GPU global memory, performs GPU memory management and dynamic scheduling of tasks across CPU and GPU in order to reduce idle time. In order to combine the partial results obtained from the computations performed on CPU and GPU, G-Charm allows the user to specify an operator using which the partial results are combined at runtime. We also perform compile time code generation to reduce programming overhead. For Cholesky factorization, a regular parallel application, G-Charm provides 14% improvement over a highly tuned implementation.
In the second part of our research, we extended our runtime to overcome the challenges presented by irregular applications such as a periodic generation of tasks, irregular memory access patterns and varying workloads during application execution. We developed models for deciding the number of tasks that can be combined into a kernel based on the rate of task generation, and the GPU occupancy of the tasks. For irregular applications, data reuse results in uncoalesced GPU memory access. We evaluated the effect of altering the global memory access pattern in improving coalesced access. We’ve also developed adaptive methods for hybrid execution on CPU and GPU wherein we consider the varying workloads while scheduling tasks across the CPU and GPU. We demonstrate that our dynamic strategies result in 8-38% reduction in execution times for an N-body simulation application and a molecular dynamics application over the corresponding static strategies that are amenable for regular applications.
44
Lindová, Jitka. "Možnosti didaktického využití Židovského muzea v Praze pro výuku v rámci občanského a společenskovědního základu RVP G." Master's thesis, 2017. http://www.nusl.cz/ntk/nusl-346716.
Full textAbstract:
This diploma thesis is focused on possibilities of civil and social/scientific basis education along with use of activities of the Jewish museum in Prague and its action. Theoretical part of the thesis compares three different perspectives of the museum as an institution and represents museological, pedagogical and museum- pedagogical knowledge. Furthermore, this part describes the relation between the museum and school as well as the museum and society. This part also contains characteristics of the Jewish museum activities and its history. Last passage of theoretical part includes a presentation of project education as a form of teaching. Practical part involves education project on human rights subject for students of secondary school. Theoretical part of the diploma thesis is based on study of technical literature, practical part comes out from Framework Education Programme for Secondary General Education. KEYWORDS Framework Education Programme for Secondary General Education, museum education, project teaching, Jewish Museum in Prague, human rights.
45
Scharnaglová, Luisa. "Religionistická témata ve výuce Občanského a společenskovědního základu Rámcových vzdělávacích plánů pro gymnázia." Master's thesis, 2016. http://www.nusl.cz/ntk/nusl-343209.
Full textAbstract:
This thesis deals with the topic of teaching religious topics at secondary schools according to Framework Education Programme for Secondary General Education. Also, the aspect of education towards tolerance and preventing religious xenophobia in multicultural society is involved. The thesis is divided into three parts. The first part is focused on the theoretical background and includes interpretation of formal documents that the teacher must take into consideration when teaching this topic, (such as textbooks, national curricular documents and recommendations). The approach in other countries is mentioned as well. The theoretical part involves a minimal amount of knowledge that the teacher should know and be able to implement while teaching the topic this work is focused on. The second part contains a qualitative research concentrating on finding students' preconceptions towards the topic of the thesis. The research method was a profound dialogue with five students of secondary schools. The students were of different age, sex, religious opinion, nationality and socio- economical background. The data were analysed regarding the areas of knowledge, abilities and opinions. The last part of this work deals with solving particular methodological situation when discussing the topic of this thesis. There...
46
SERVÍTOVÁ, Jana. "Mediální výchova v hodinách anglického jazyka." Master's thesis, 2011. http://www.nusl.cz/ntk/nusl-79509.
Full textAbstract:
This diploma thesis focuses on Media Education in English language classes. The first section introduces media in general and deals with media education and its place in Framework Educational Programme for grammar schools. Next part monitors the ways of using media education in other school subjects and describes methodology itself. On the basis of this knowledge some of the methodological books are analysed. The last part of the first section introduces advertisements and their main characteristics. The second section presents a project of media education which is called Advertisement and Slogan. The project was prepared to be used in three English lessons. The structure, aims and methods of each of them as well as lesson plans and the process of each lesson are described in detail. The final part is devoted to students? and teacher?s evaluations.
47
Vozný, Martin. "Maturita z výtvarné výchovy." Master's thesis, 2019. http://www.nusl.cz/ntk/nusl-438667.
Full textAbstract:
Vozný, M.: Graduation from art education. [Diploma thesis] Prague 2019. Charles University - Faculty of Education, Department of art education, počet stran:85. The diploma thesis focuses on the topic of graduation, specifically on the graduation from art education. Within the theoretical aspects, study documents, the Education Act and the relevant decrees are examined in terms of form and content. Part of the thesis is also a research part that is based on qualitative research. It brings the knowledge created on the basis of the visits made and performs structured in-depth interviews with audio recordings at pre-selected grammar schools. The information obtained from the field continues to reflect and undergo the relevant research proposal, which is an established theory. Audiobooks from research interviews are subsequently overwritten and open, axial and selective encoding of documents. The output is a look at the newly discovered relationships and categories that are related to the creation of the content, form and reflection of the graduation from art education. The result of the thesis is the creation of the own design of graduation from art education, which is based on a semantic approach. Keywords: Graduation, art education, research, upper secondary school, curricular documents, education...