To see the other types of publications on this topic, follow the link: Home computer security.
Dissertations / Theses on the topic 'Home computer security'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 34 dissertations / theses for your research on the topic 'Home computer security.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Frisk, Ulf, and Semir Drocic. "The State of Home Computer Security." Thesis, Linköping University, Department of Electrical Engineering, 2004. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-2584.
Full textAbstract:
Hundreds of millions of people use their home computers every day for different purposes. Many of them are connected to the Internet. Most of them are unaware of the threats or do not know how to protect themselves. This unawareness is a major threat to global computer security.
This master thesis starts by explaining some security related terms that might be unknown to the reader. It then goes on by addressing security vulnerabilities and flaws in the most popular home computer operating systems. The most important threats to home computer security are reviewed in the following chapter. These threats include worms, email worms, spyware and trojan horses. After this chapter some possible solutions for improving home computer security are presented. Finally this master thesis contains a short user survey to find out what the problems are in the real world and what can be doneto improve the current situation.
2
Uhlán, Christian. "Security in Digital Home Visits." Thesis, Luleå tekniska universitet, Datavetenskap, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-74989.
Full textAbstract:
The purpose of this thesis is to study security for digital home visits, where traditional home visits are replaced by digital home visits using digital technology. The report examines the safety aspects for welfare technology solutions where data is collected from sensor systems and digital platforms and examines di↵erent Swedish laws that implies on a digital home visit. The study proposes an implementation of a prototype application to support users, relatives, and healthcare professionals to conduct digital home visits in a safe manner. The chosen scenario of the digital home visit was to check whether the person has eaten food during the day or not. This was done in a lab kitchen at Lule°a University of Technology with help of Z-wave sensors and a implemented systems. The result is displayed on a secure website. The solution is discussed and compared to other technical solutions of this problem and also to several Swedish laws. This paper finishes with a section aimed to provide a variety of recommendations when implementing a similar system.
3
Edwards, Keith. "Examining the Security Awareness, Information Privacy, and the Security Behaviors of Home Computer Users." NSUWorks, 2015. http://nsuworks.nova.edu/gscis_etd/947.
Full textAbstract:
Attacks on computer systems continue to be a problem. The majority of the attacks target home computer users. To help mitigate the attacks some companies provide security awareness training to their employees. However, not all people work for a company that provides security awareness training and typically, home computer users do not have the incentive to take security awareness training on their own. Research in security awareness and security behavior has produced conflicting results. Therefore, it is not clear, how security aware home computer users are or to what extent security awareness affects the security behavior of home computer users. The goal of this study was to determine if there is a relationship between security awareness and users practicing good security behavior.
This study adapted its research model from the health belief model (HBM), which accesses a patient’s decision to perform health related activities. The research model included the HBM constructs of perceived severity, perceived susceptibility, perceived threat, perceived benefits, perceived barriers, cues to action, and self-efficacy. The research model also contained the security awareness (SA) and concern for information privacy (CFIP) constructs. The model used SA to ascertain the effect of security awareness on a person’s self-efficacy in information security (SEIS), perceived threat, CFIP, and security behavior. The research model included CFIP to ascertain its effect on security behavior.
The developed survey measured the participants' security awareness, concern for information privacy, self-efficacy, expectations of security actions, perceived security threats, cues to action, and security behavior. SurveyMonkey administered the survey. SurveyMonkey randomly selected 267 participants from its 30 million-member base.
The findings of this study indicate home computer users are security aware. SA does not have a direct effect on a user’s security behavior, perceived threat, or CFIP. However, it does have influence on SEIS. SEIS has a weak effect on expectations. CFIP has an effect on a user’s security behavior after removing perceived threat from the research model. Perceived susceptibility has a direct effect on a user’s security behavior, but perceived severity or perceived threat does not.
4
Åhlfeldt, Rose-mharie. "Information Security in Home Healthcare." Thesis, University of Skövde, Department of Computer Science, 2001. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-618.
Full textAbstract:
Healthcare is very information-intensive. Hence, it has become necessary to use the support of computers in order to efficiently improve such an information-intensive organisation.
This thesis points out deficiencies in the area of information security in home healthcare regarding personal integrity and secrecy. Home healthcare is, in Sweden, performed by the municipalities. The work is based on the recommendations and common advice for processing of personal data compiled by the Data Inspection Board. Two municipalities in the Västra Götaland Region have been investigated. One of the municipalities has a manual system and the other has a computerized system for personal data management.
The work includes a field study where persons from both municipalities have been observed. It also includes interviews based on the comprehensive questions from the Data Inspection Board and questions arisen from the observations.
The work shows that a very clear need of training among personnel involved in home healthcare. It also shows the need for elaborate security measures including levels on access profiles. A weak point concerning security is also the heavy use of facsimile transmission for information distribution.
5
Tang, Jin. "Mobile IPv4 Secure Access to Home Networks." Diss., Georgia Institute of Technology, 2006. http://hdl.handle.net/1853/11536.
Full textAbstract:
With the fast development of wireless networks and devices, Mobile
IP is expected to be used widely so that mobile users can access
the Internet anywhere, anytime without interruption. However, some
problems, such as firewall traversal and use of private IP
addresses, restrict use of Mobile IP. The objective of this thesis
is to design original schemes that can enable a mobile node at
abroad to access its home network as well as the Internet securely
and that can help Mobile IP to be used widely and commercially.
Our solutions are secure, efficient, and scalable. They can be
implemented and maintained easily. In this thesis, we mainly
consider Mobile IPv4, instead of Mobile IPv6. Three research
topics are discussed. In each topic, the challenges are
investigated and the new solutions are presented.
The first research topic solves the firewall traversal problems in
Mobile IP. A mobile node cannot access its firewall-protected home
network if it fails the authentication by the firewall. We propose
that an IPsec tunnel be established between the firewall and the
foreign agent for firewall traversal and that an IPsec transport
security association be shared by the mobile node and a
correspondent node for end-to-end security.
The second topic researches further on firewall traversal problems
and investigates the way of establishing security associations
among network entities. A new security model and a new key
distribution method are developed. With the help of the security
model and keys, the firewall and the relevant network entities set
up IPsec security associations to achieve firewall traversal.
A mobile node from a private home network cannot communicate with
other hosts with its private home address when it is visiting a
public foreign network. A novel and useful solution is presented
in the third research topic. We suggest that the mobile node use
its Network Access Identifier (NAI) as its identification and
obtain a public home address from its home agent. In addition, a
new tunnel between the mobile node and its home agent is proposed.
6
Christensson, Daniel, and Emelie Eriksson. "The Smart Home From a Security Perspective." Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-40185.
Full textAbstract:
Based on the fact that many electronic devices are digitalized in our world in order to facilitate our lives, there is a large potential for development in the home. Smart Home solutions are giving us the opportunity to control and manage for example alarms, electricity and surveillance but the technology's rapid improvement paves the way for issues related to security. The objectives for this work will bring up common communication technologies, security and vulnerabilities in the context of a Smart Home and what could be done for future work. In order to investigate the objectives, a literature study has been conducted together with an experiment. The experiment result exploits a weakness in a common Smart Home technology used in the network enable devices in the form of threats and vulnerabilities. In order to mitigate and minimize threats and vulnerabilities one conclusion is that a security policy could be produced. This security policy should provide the user with good practice of how to manage security in order to mitigate vulnerabilities and threats within the Smart Home.
7
Modig, Dennis. "Assessing performance and security in virtualized home residential gateways." Thesis, Högskolan i Skövde, Institutionen för informationsteknologi, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-9966.
Full textAbstract:
Over the past years the use of digital devices has increased heavily, and home networks continue to grow in size and complexity. By the use of virtualized residential gateways, advanced functionality can be moved away from the home and thereby decrease the administrative burden for the home user. Using virtualizing residential gateways instead of physical devices creates new challenges. This project is looking in to how the choice of virtualization technology impacts performance and security by investigating operating system level virtualization in contrast to full virtualization for use in home residential gateways. Results show that operating system level virtualization uses fewer resources in terms of disk, memory, and processor in virtualized residential gateways. The results also show that with choice of setups and virtualization technologies different security issues arises, which has been analyzed in lab environment. Recommendations regarding solutions to security issues are proposed in the concluding parts of this thesis.
8
Jonnalagadda, Hari Krishna. "Secure Communication Scheme in Smart Home Environment." Scholar Commons, 2016. http://scholarcommons.usf.edu/etd/6270.
Full textAbstract:
Internet of Things, has started to mark its existence from past few years. Right from its inception with a coke machine at Carnegie Mellon University, it has come a long way, connecting billions of devices to internet. This journey is well supported by the advancements in networking, hardware miniaturization and sensing capabilities. Diverse nature of applications of Internet of Things, has cut the communication barriers between the varieties of fields ranging from manufacturing industry to health-care industry. Smart Home is one such application of Internet of Things. Connectivity of home appliances, to achieve automation in living, defines Smart Home. Out of welter of applications that are derived from Internet of Things, this thesis concentrates on Smart Home. Smart Home, in practical is expected to conserve lot of energy, by achieving automation of home appliances, on par with best living experience. Existing technologies such as Z-wave, One-Net, ZigBee, Insteon, had already occupied the Smart Home communication. However, these technologies face the problem of identifying the smart devices uniquely and also exhibit security vulnerabilities. Proposed scheme exploits accelerometer fingerprinting to identify the smart devices uniquely. Security vulnerabilities of existing protocols are addressed by encrypting the data on move with CCM mode of AES encryption.
9
Claar, Chester L. "The Adoption of Computer Security: An Analysis of Home Personal Computer User Behavior Using the Health Belief Model." DigitalCommons@USU, 2011. https://digitalcommons.usu.edu/etd/878.
Full textAbstract:
The primary purpose of this research was to examine the adoption of computer security software in the home computer environment. The use of the Health Belief Model as a framework to design a model to examine home user adoption of computer security provided the basis for this research.
The method of the investigation was a cross-sectional study using a self-reported web-based survey to test the theoretical model derived from the Health Belief Model. The survey targeted individuals who are responsible for the selection, installation, and maintenance of software on their home computers. The data collection relied on a snowball sampling technique that recruited a total of 186 participants who completed the online survey.
The research model contains a total of 26 hypothesized relationships that were tested using multiple regression analysis techniques. The research model contains six main predicting variables (perceived vulnerability, perceived severity, perceived benefits, perceived barriers, self-efficacy, and cues to action) and four moderating variables (age, gender, education, and prior experience of attack). The model explains 30.4% of the variance in computer security usage, the dependent variable in the research model.
The results demonstrate that certain constructs found in the Health Belief Model are more effective than others in motivating individuals to utilize computer security software. Specifically, the results show that perceived vulnerability (H1), perceived barriers (H4), self-efficacy (H5), and the two-way interactions of age and barriers (H8d), education and benefits (H9c), prior experience and perceived severity (H10b), and prior experience and self-efficacy (H10e) had significant effects on computer security usage. Additionally, prior experience was found to have a significant main effect on the dependent variable.
Information from this research provides evidence that the Health Belief Model can be used to study the computer security usage behavior of home computer users. Further, the relationship of perceived vulnerability and computer security usage provides a way for practitioners to increase computer security usage behavior through targeted media campaigns.
10
Andersen, Adelina. "Exploring Security and Privacy Practices of Home IoT Users." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-303002.
Full textAbstract:
Internet of Things (IoT) devices are becoming more and more common in homes, making the security and privacy of these increasingly important. Previous research has found that home IoT users can become a threat to themselves if they lack knowledge of their devices and awareness of potential threats. To investigate how the users’ security and privacy practices can be improved, it is necessary to understand the current everyday practices and what impacts these. This is examined in 10 interviews, revealing that the practices are primarily influenced by convenience, motivation and the effort required from the user. Using these insights, this thesis suggests that tangible interaction needs to be used as a complement to digital solutions to improve the security and privacy practices. By having a physical object that in a simple way can inform everyone of the current security and privacy situation and is equally accessible for all members of a household, the security and privacy can become more attainable for all users no matter their level of knowledge and experience.Internet of Things (IoT) enheter har blivit vanligt förekommande i hem vilket gör deras säkerhet och integritet allt viktigare. Det har tidigare visats att användare av IoT i hemmet kan utgöra ett hot mot sig själva om de saknar kunskap om enheterna och kännedom om potentiella hot. För att undersöka hur användarnas vanor kring säkerhet och integitet kan förbättras är det först nödvändigt att utforska de nuvarande vanorna och vad som påverkar dessa. Detta undersöks i tio intervjuer som visar att vanorna främst påverkas av bekvämlighet, motivation och ansträngningen som krävs av användaren. Utifrån dessa insikter föreslås det att fysisk interaktion används som ett komplement till digitala lösningar för att förbättra vanorna kring säkerhet och integritet. Genom att ha ett fysiskt objekt som på ett enkelt sätt kan förmedla enheternas nuvarande status och är lika tillgängligt för alla medlemmar i ett hushåll kan säkerhet och integritet bli mer uppnåeligt för alla användare, oavsett deras nivå av kunskap och erfarenhet.
11
Ivancevic, Dean. "Privacy and security of IoT : A smart home perspective." Thesis, Linnéuniversitetet, Institutionen för informatik (IK), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-99071.
Full textAbstract:
In a world where technological progress is constant, understanding the views and experiences of users is essential. With the use of technology, there are many dangers. Issues with privacy and security are among them. This thesis deals with understanding the perception of privacy and security of smart home IoT devices. The literature review consists of understanding concepts of trust, possible ways of intrusion, and prevention and elaborating more about the Internet of Things technology and smart homes. The review also contains notes on previous findings of the user's perception. The review of the literature also connects possible ways of intrusion with the underlying IoT architecture as well as explains notions of privacy by design, compliance, and GDPR. To understand the phenomenon of privacy and security in the context of a smart home, a simple qualitative study was conducted. Sixteen participants who are part of the general public were interviewed. The collected information was analyzed using a general inductive approach, and answers were grouped into categories as suggested by Thematic Analysis. Interviews were done online and a transcript summary can be found in the last Appendix. The findings from the interviews suggest that privacy and convenience matter most to the users. Participants demonstrated a willingness to purchase if they perceived a device as something that will increase their quality of life and were willing to share data such as location but they were not willing to lose anonymity. What type of data and for what purpose was mentioned as most important. When it comes to security attacks, participants were less worried about how it might happen and more worried about what might happen to them and what are the consequences for them. In the conclusion of the study, I present advice for students and academia, device manufacturers, and service providers as well as the general public as the last main stakeholder. Since technology is not static, it would be of importance to revisit topics of privacy and security of IoT.
12
Olegård, Johannes. "Security & Forensic Analysis of an Internet of Things Smart Home Ecosystem." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-289579.
Full textAbstract:
The Internet of Things (IoT) is an ongoing trend where a multitude of internet- connected devices become more common. Many of these devices have easily exploitable security vulnerabilities. This has led to large-scale cyberattacks such as the Mirai botnet Distributed Denial of Service (DDOS) attacks. More cybercrime can be expected in the future, especially as the number and types of IoT devices grow. In this work, the security of an IoT ecosystem was investigated from two perspectives: security testing and Digital Forensics (DF). Security testing was used to search the Application Programming Interfaces (APIs) of the IoT ecosystem for security vulnerabilities. Three Static Application Security Testing (SAST) Tools were used to search the source code of the cloud part of the system. A manual review was done to search the system as whole, with the guide of common vulnerability lists from the Open Web Application Security Project (OWASP). As a result, severe security vulnerabilities were found. A DF experiment was conducted where actions were taken in five Android smartphone apps to control six IoT devices (two are from aforementioned IoT ecosystem). The contents of the smartphone was then examined for forensic evidence of those actions. Additionally the contents one of the IoT devices was also examined for evidence. It was concluded that only limited evidence of the actions could be found. Additionally, various challenges were identified.Det så kallade Sakernas Internet (eng. Internet of Things, IoT) området är en pågående och ökande trend. Trenden handler om att olika enklare enheter ansluts mot internet i stort antal. IoT-enheter har utsatts för, och utnyttjats i, cyber attacker som i exempelvis det så kallade “Mirai botnet”. Allt fler IoT-relaterade brott kan förväntas i framtiden, speciellt eftersom antalet IoT- enheter blir allt fler och mer diversifierade. I den här uppsatsen undersöks säkerheten i ett IoT ekosystem utifrån två aspekter: “security testing” (säkerhetstesting) och “digital forensics”. På svenska kalls digital forensics för “IT-forensik” (kriminalteknik inom informationsteknik) eller digital-forensik. Säkerhetstestning användes för att hitta sårbarheter i det undersökta IoT ekosystemets olika applikationsprogrammeringsgränssnitt. Tre olika verktyg av typen Static Application Security Testing (SAST) användes i undersökningen för att granska den kod som motsvarar moln-delen av systemet. Utöver de tre verktygen, undersöktes systemet också manuellt. Den manuella undersökning utgick från de listor av vanliga typer av sårbarheter som finns publicerade av organisationen Open Web Application Security Project (OWASP). Resultatmässigt hittades flera allvarliga sårbarheter i systemet. Digital forensics-delen av projektet bestod av ett experiment där en Android telefon, sex IoT-enheter (två från det ovannämnda IoT ekosystemet) och fem motsvarande Android-appar undersöktes. Experimentet bestod av att utföra olika handlingar i apparna (till exempel att skicka ett kommando till en IoT- enhet), och sedan av att leta bevis för de handlingarna. För att hitta bevis undersöktes innehållet på telefonen och innehållet på en av IoT-enheterna. Slutsatsen av experimentet är att bara få och begränsade bevis kunde hittas. Utmaningarna som påträffades i experimentet jämfördes med utmaningarna beskrivna i forskningslitteraturen inom digital forensics.
13
Shakhshir, Saad Zafer. "IntuiSec : a framework for intuitive user interaction with security in the smart home." Thesis, Massachusetts Institute of Technology, 2007. http://hdl.handle.net/1721.1/41668.
Full textAbstract:
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2007.Includes bibliographical references (p. 99-104).
This thesis presents IntuiSec, a framework for intuitive user interaction with Smart Home security. The design approach of IntuiSec is to introduce a layer of indirection between user-level intent and the system-level security infrastructure. This layer is implemented by a collection of distributed middleware and user-level tools. It encapsulates system-level security events and exposes only concepts and real-world metaphors that are intuitive to non-expert users. It also translates user intent to the appropriate system-level security actions. The IntuiSec framework presents the user with intuitive steps for setting up a secure home network, establishing trusted relationships between devices, and granting temporal, selective access for both home occupants and visitors to devices within the home. The middleware exposes APIs that allow other applications to present the user with meaningful visualizations of security-related parameters and concepts. I present the IntuiSec system design and an example proof-of-concept implementation, which demonstrates the user experience and provides more insight into the framework.
by Saad Safer Shakhshir.
M.Eng.
14
Jose, Arun Cyril. "Intelligent home automation security system based on novel logical sensing and behaviour prediction." Thesis, University of Pretoria, 2017. http://hdl.handle.net/2263/65012.
Full textAbstract:
The thesis, Intelligent Home Automation Security System Based on Novel Logical Sensing and Behavior Prediction, was designed to enhance authentication, authorization and security in smart home devices and services. The work proposes a three prong defensive strategy each of which are analyzed and evaluated separately to drastically improve security. The Device Fingerprinting techniques proposed, not only improves the existing approaches but also identifies the physical device accessing the home cybernetic and mechatronic systems using device specific and browser specific parameters. The Logical Sensing process analyses home inhabitant actions from a logical stand point and develops sophisticated and novel sensing techniques to identify intrusion attempts to a home’s physical and cyber space. Novel Behavior prediction methodology utilizes Bayesian networks to learn normal user behavior which is later compared to distinguish and identify suspicious user behaviors in the home in a timely manner. The logical sensing, behavior prediction and device fingerprinting techniques proposed were successfully tested, evaluated and verified in an actual home cyber physical system. The algorithms and techniques proposed in the thesis can be easily modified and adapted into many practical applications in Industrial Internet of Things, Industry 4.0 and cyber-physical systems.Thesis (PhD)--University of Pretoria, 2017.
Electrical, Electronic and Computer Engineering
PhD
Unrestricted
15
Zarenejad, Afshin. "The Impact of Social Digital Behavior on Digital Natives' Computer Security Behavior at Home - A Regression Study." Thesis, Capella University, 2018. http://pqdtopen.proquest.com/#viewpdf?dispub=10933017.
Full textAbstract:
Computer system end-users, whether at home or work, have been described as the weakest link in a computer security network. End-users frequently encounter warnings intended to prevent them from engaging in potentially dangerous activities and navigating to potentially malicious sites. However, end-users exhibit behaviors that violate safe computing and Internet use. End-users are either digital natives (born in or after 1982) or digital immigrants (born before 1982). This regression research study addresses the extent to which social behavior (measured by response efficacy, self-efficacy, and social influences) impacts the home computer user’s security behavior, controlling for digital natives. A survey was conducted from a random sample of individuals 21 years of age or older who own a personal computer and are responsible for its maintenance and repairs. The survey intended to determine to what extent do response efficacy, self-efficacy, and social influence impact security behavior of the home computer user, controlling for whether the user is a digital native or digital immigrant. The data was analyzed by using hierarchical linear regression. It was determined that when controlling for the effect of being a digital native, response efficacy and social influence were significantly predictive of behavioral intentions, while self-efficacy was not significantly predictive of behavioral intentions. This study shows that home computer users believe that (a) the security process is essential (response efficacy) and (b) they do not want to be seen in a negative light by their peers (social influence) but (c) that they may not actually change their personal behavior (self-efficacy) when making decisions vis-à-vis the security of their personal computers (security behavioral intentions). It was found that use of persuasive communications can affect the user’s security behavioral intention. Despite the implementation of fear appeals, some users have not changed their decision-making process to ensure the security of their systems.
16
Hammarstrand, Johanna, and Tommy Fu. "Information security awareness and behaviour: of trained and untrained home users in Sweden." Thesis, Högskolan i Borås, Akademin för bibliotek, information, pedagogik och IT, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:hb:diva-10457.
Full textAbstract:
Today we live in an information society that is constantly growing in terms of the amount of information that are processed, stored, and communicated. Information security is a field that is of concern for both the individual and the society as a whole, as both groups are exposed to information every day. A society like this will demand more emphasis on information security. Previous researchers that has addressed this problem argues that security awareness is the most significant factor in order to raise the general security level. They also mention education as a solution to increase the security awareness and thereby achieve a secure environment. The aim of this thesis is to examine the differences between trained and untrained home users in security awareness and behaviour. The research was conducted, using a quantitative method in form of a survey research with the distribution of self-completion questionnaires. The study has a total of 162 respondents that participated. The result was presented and analysed through the use of the software program, IBM SPSS. The results of the findings suggest that the awareness of the trained home users is higher than of those who are untrained home users. Additionally, the discussion suggests that the home users who have participated in awareness raising initiatives, such as education and training, does not necessarily apply more security measures in their home environment, than those who are regarded as untrained home users. Hence, this study suggests that the increase in awareness may not necessarily be the only factor that affects the user’s behaviour, since those who have not participated in awareness raising initiatives applies security measures, almost to the same extent to those who have. This thesis might be able to act as a foundation for future research within the field, considering that the research is a comparative study between trained and untrained home users of the variables security awareness and behaviour where the found results, does not fully agree with previous research. However, an increase in awareness is a good start, but may need to be paired with appropriate training from other parties, such as internet service providers (ISPs) and banks. Maybe the solution could be to develop and strive for a continuous information security culture of the Swedish society, which may result in a deeper learning and understanding of security issues and inspire home users to be engaged and proactive about their information security behaviour.
17
Gunnarsson, Annicka, Eva Lindros, and Jeff Winter. "Viewing patients' x-rays in the radiologist's home." Thesis, Blekinge Tekniska Högskola, Institutionen för programvaruteknik och datavetenskap, 2002. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-2264.
Full textAbstract:
Our assignment was to present a report to the radiology clinic at the County Hospital in Blekinge, evaluating the risks inherent in transferring patient information via Internet between the radiologist?s home and the hospital and presenting suggestions to the clinic for mechanisms by which the privacy and personal health of the patient can be ensured. Our aim was to investigate how to maintain an acceptable level of security to ensure that the patient?s privacy and security are not threatened. We wanted to present a list of measures that the clinic should take to ensure that security is maintained. We have used several different methods during our investigation: literature studies; a case study at Blekinge County Council?s x-ray clinic that includes interviews with the head of the clinic, the System Manager and System Administrators and e-mail interviews with other relevant personnel. Using these methods, we have concluded that the present working method does not fulfil the requirements stated in the theories concerning medical security. To ensure a level of computer security in accordance with the recommendations made in this thesis, it is necessary to take certain measures, which we have listed here. These include the introduction of single session login, the formulation of explicit security policies, a program for user education, the encryption of transmissions, and the use of the audit trail to track system use. All of these measures concern the intended new working method with the introduction of an outside connection; some of them concern the existing system and working method. A system fulfilling these measures will however always encompass risks, even in the safest distributed system. With today?s technologies is there always a risk that could threaten the patient?s privacy or security. This does not mean that a sufficient security level cannot be reached. By following the recommendations presented in this thesis, the x-ray clinic can maintain an acceptable level of security, when the radiologists on back-up duty are viewing x-rays and making diagnoses from home.Vår uppgift var att presentera en rapport till röntgenavdelningen på Blekingesjukhuset, som undersöker vilka risker som uppstår när patientinformation skickas mellan röntgenpersonalens hem och sjukhuset via Internet. Vi ville presentera ett förslag till kliniken innehållande mekanismer för att skydda patientens personliga integritet och fysiska säkerhet. Vårt mål var att undersöka hur en acceptabel säkerhetsnivå kan upprätthållas, för att säkerställa patientens integritet och säkerhet. För att göra detta ville vi presentera en åtgärdslista som kliniken måste vidta för att upprätthålla säkerheten. Vi har använt oss av flera metoder i vår undersökning: litteraturstudier; en Case Study på Blekinge Sjukhusets röntgenklinik, med tillhörande intervjuer med klinikchefen, systemägare och systemadministratörerna samt e-postintervjuer med andra nyckelpersoner. Genom att använda dessa metoder har vi kommit fram till att det nuvarande arbetssättet inte uppfyller kraven som ställs enligt teorier gällande medicinsk säkerhet. För att säkerställa en nivå i enlighet med rekommendationerna som vi presenterar i denna uppsats är det nödvändigt att vidta vissa åtgärder som vi har listat här. Denna inkluderar införande av engångslösenord, formulering av en explicit säkerhetspolicy, ett program för användarutbildning, kryptering av kommunikationer samt användandet av loggade filer för att spåra systemanvändandet. Alla dessa åtgärder gäller det föreslagna nya arbetssättet, som introducerar en koppling utåt från landstingets intranät till röntgenpersonalens hem via Internet; vissa av de gäller det befintliga systemet och arbetssättet. Även om alla krav är uppfyllda så kommer ändå, med dagens teknologi, vissa risker att kvarstå. Detta innebär emellertid inte att tillfredsställande säkerhet inte kan uppnås. Genom att följa rekommendationerna som vi har presenterat i detta arbete kan röntgenkliniken ändå uppnå tillräcklig säkerhet när röntgenpersonalen med jour i hemmet undersöker röntgenbilder och ställer diagnoser hemifrån.
18
Tong, Jizhou. "Design and Implementation Security Testbed (HANSim) and Intrusion Detection System (IDS) for the Home Area Network in the Smart Grid." University of Toledo / OhioLINK, 2017. http://rave.ohiolink.edu/etdc/view?acc_num=toledo1501856291735261.
Full text
19
Hasl, Caroline. "Perceived and Identified Security Risks in Smart Home Technology : A case study of three Chinese companies." Thesis, Luleå tekniska universitet, Institutionen för system- och rymdteknik, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-64903.
Full textAbstract:
The interest and demand for smart home technologies has increased rapidly during the past few years. Due to factors such as convenience, innovation, flexibility, and security, these products are becoming a bigger part of our everyday life. With the increased demand and need for this technology, companies are working quickly to try to meet this demand and need of their customers. The development is becoming faster and faster, and therefore the risk of security being overlooked has increased. Companies want to meet the demand, and by trying to get the products on the market faster, other aspects might be compromised. A country which is often looked to for development and production of products is China. China is believed to be one of the countries with the most promising future for smart technologies and Internet of Things due to the immense investment put into telecommunications, development of technologies, and supporting infrastructure. The research of this thesis sought to investigate what effects the increased interest and demand for smart technologies has had on companies who are working with smart home technology by conducting a multiple case study on three companies in China which are in the smart home technology industry. With this case study, the perspective from the three companies has been gathered and analyzed. The research resulted in finding out the perception which these three companies have on the rapid development of smart home technologies, and the firsthand effects it has had on their individual company.
20
Lindeberg, Axel. "Hacking Into Someone’s Home using Radio Waves : Ethical Hacking of Securitas’ Alarm System." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-302999.
Full textAbstract:
The number of IoT systems in our homes has exploded in recent years. By 2025 it is expected that the number of IoT devices will reach 38 billion. Home alarm systems are an IoT product that has increased dramatically in number and complexity in recent years. Besides triggering an alarm when an intruder tries to break in, a modern system can now control your light bulbs, lock and unlock your front door remotely, and interact with your smart speaker. They are undeniably effective in deterring physical intrusion. However, given the recent rise in complexity how well do they hold up against cyber attacks? In this thesis, a smart home alarm system from SecuritasHome is examined. A comprehensive security analysis was performed using penetration testing techniques and threat modeling. The work focused mainly on radio frequency (RF) hacking against the systems RF communication. Among other things, a critical vulnerability was found in the proprietary RF protocol, allowing an attacker to disarm an armed system and thus completely bypass the system’s functionality. The security of the system was deemed to be lacking.Antalet IoT system i våra hem har exploderat de senaste åren. Vid år 2025 förväntas antalet IoT enheter nå 38 miljarder. Hemlarmsystem är en typ av IoT-produkt som ökat dramatiskt i komplexitet på senare tid. Förutom att framkalla ett larm vid ett intrång kan ett modernt hemlamsystem numera kontrollera dina glödlampor, låsa och låsa upp din ytterdörr, samt kontrollera dina övervakningskameror. De är utan tvekan effektiva på att förhindra fysiska intrång, men hur väl står de emot cyberattacker? I denna uppsats undersöks ett hemlarmsystem från SecuritasHome. En utförlig säkerhetsanalys gjordes av systemet med penetrationstestnings-metodiker och hotmodellering. Arbetet fokuserade mestadels på radiovågshackning (RF) mot systemets RF-kommunikation. Bland annat hittades en kritiskt sårbarhet i systemets RF-protokoll som gör det möjligt för en angripare att avlarma ett larmat system, och därmed kringå hela systemets funktionalitet. Säkerheten av systemet bedömdes vara bristfällig.
21
Floriano, Sanchez Sergio. "A Self-organized Wireless Sensor Network (WSN) for a Home-event Managed System : Design of a cost efficient 6LoWPAN-USB Gateway with RFID security." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-186384.
Full textAbstract:
Wireless Sensor Networks (WSN) have existed for many years in industry applications for different purposes but their use has not been fully extended to the global consumers. Sensor networks have lately resulted to be greatly helpful to people in everyday life, specially in home automation applications for monitoring events, security, and control of devices and different elements in the house by using actuators. One of the main barriers to overcome in order to increase their popularity and achieve an worldwide deployment are costs and integration within other networks. This Thesis investigates the most appropriate choices to avoid those impediments from a hardware and software design perspective, trying to find a cost-efficient solution for the implementation of a simple and scalable wireless sensor network. The present work studies the elements that form part of a constrained network and focuses on the design by analysing several network protocol alternatives, radio transmission mechanisms, different hardware devices and software implementations. Once an optimal solution is found, the construction of a gateway board that starts and coordinates a sensor network will be the main target of this document including the development of an application that manages the sensors. The network is designed to be compliant with the TCP/IP stack by means of 6LoWPAN, an adaptation layer protocol used for comprising IPv6 headers over IEEE 802.15.4 radio links in constrained networks. In addition, a small implementation of CoAP (Constrained Application Protocol) is developed that allows interoperability with the sensor nodes on the application layer, similarly as HTTP does in IP networks. The controller device (gateway) acts as a client for the remote sensor devices (nodes) that behave as servers in the CoAP application. The gateway exchange data and is managed from outside the WSN through a USB interface that can be connected to a computer. Security mechanisms are also considered by providing packet encryption and a method for identification of nodes. The authorization of new nodes entering the network is performed by an RFID reader connected to the gateway. An RFID tag is attached to the sensor nodes with authentication information stored in it. The gateway reads that information through the RFID modules and handle it internally to give access to that node. As a result of this, it is proven from the conclusions of the study the implementation of the gateway that inexpensive, self-managed, scalable WSNs provided with a robust security mechanism can be achieved and easily deployed . The work presented in this document is part of a larger project that also includes the design of sensor boards and the acquisition and analysis of sensor data. These works are mentioned and referenced in the related parts in this text.Trådlösa sensornätverk har funnits i många år inom industrin för olika ändamål, men dess användning har inte helt och hållet nått ut till de globala konsumenterna. Sensornätverk har på senare tid visat sig vara mycket hjälpfulla för människor i deras vardagsliv, och särskilt automatiseringsapplikationer för säkerhet, övervakning och kontroll av apparater och olika delar i huset, genom användning av manöverdon. Ett av de huvudsakliga hindren att ta sig förbi för att kunna öka dess popularitet och skapa en världsomfattande spridning är kostnader, integration inom andra nätverk och en enkel hantering. I den här avhandlingen undersöks vilka som är de lämpligaste alternativen för att undvika hinder ur ett hårdvaru- och mjukvarudesigns-perspektiv, genom att försöka hitta kostnadseffektiva lösningar för implementering av ett trådlöst sensornätverk. Arbetet undersöker de beståndsdelar vilka ett begränsat nätverk består av, samt fokuserar på designen genom att analysera flera olika nätverksprotokollsalternativ, radiosändningsmekanismer, olika hårdvaror och implementering av mjukvara. När väl den optimala lösningen hittats, kommer huvudmålet för detta dokument att vara en gateways konstruktion, vilken sätter igång och koordinerar ett sensornätverk, samt utvecklingen av en applikation som sköter sensorerna. Nätverket är designat för att vara medgörligt med TCP/IP-stacken med hjälp via 6LoWPAN, ett anpassat lagerprotokoll vilket används för att komprimera IPv6-headern i begränsade nätverk över IEEE 802.15.4 radionätverk. Dessutom har en liten implementering av CoAP (Constrained Application Protocol) utvecklats vilket tillåter interoperabilitet med sensornoderna i applikationslagret, liknande HTTP i IP-nätverk. Gatewayen fungerar som en klient för sensornoderna, vilka beter sig som servrar i CoAP-applikationen. Gatewayen utbyter data och styrs utifrån det trådlösa sensornätverket genom ett USB-interface som kan kopplas till datorn. Säkerhetskonstruktioner tas också i akt genom att tillhandahålla kryptering och en metod för att identifiera noder. Behörighet för nya noder i nätverket utförs av en RFID-läsare som är kopplad till gatewayen. En RFID-bricka bifogas sensornoderna med lagrad verifieringsinformation. Porten läser den informationen genom RFID-moduler och hanterar den internt för att ge behörighet till noden. I och med detta är det bevisat, med den implementerade gatewayen och slutsatser från studien, att mycket effektiva, billiga och hanterbara trådlösa sensornätverk med kraftiga säkerhetskonstruktioner kan uppnås och enkelt distribueras. Arbetet som presenteras i det här dokumentet är en del av ett större projekt som också inkluderar uppbyggnaden av sensornoderna samt anskaffning och analys av sensordata. Dessa arbeten nämns och refereras till i de berörda delarna av texten.
22
Liuxinwei, Ma. "Wi-Fi network security : Gender differences in China." Thesis, Högskolan i Borås, Akademin för bibliotek, information, pedagogik och IT, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:hb:diva-8691.
Full textAbstract:
With the development of Wi-Fi networks, Wi-Fi connection become a very important part of people‟s life, it seems that Wi-Fi networks are everywhere, especially in China. However, Wi-Fi networks not only bring convenience to users, but also bring some security threats. Nowadays, Wi-Fi security problems become increasingly acute. This thesis investigates the differences between male and female users regarding Wi-Fi network security. By distributing a questionnaire in China, specific questions have been asked about key factors within the area of Wi-Fi security. The questions focus on the usage situation, information security awareness and the knowledge level in Wi-Fi related fields. The found result is: Wi-Fi security issues are more prominent for female users than for male users.
23
Johansson, Henrik. "En undersökning i datasäkerhet för hemanvändare : Är det nödvändigt att använda brandvägg?" Thesis, Blekinge Tekniska Högskola, Avdelningen för för interaktion och systemdesign, 2006. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-4979.
Full textAbstract:
The emphasize of this study is to evaluate security issues for home users having a personal computer connected to the Internet. It focus on the usage of advantages and disadvantages when using a firewall while connected to the Internet. The hypothesis is that it gives a better protection to install and use a firewall compared not to do so, due to security flaws in the operating system. The prediction was tested on a home user's personal computer. The testwork was divided into two major tests, each of them performed with, respectively without, a firewall. These major tests were divided into five smaller semi tests. The first semitest without a firewall suffered from a virus or worm attack resulting in loss of data and log files. During the other tests no successful intrusion was detected. The conclusion of the study is that usage of a standard configured firewall provides a better protection for home users than not to use a firewall; and it's beneficial to update the operating system and other programs with security updates as soon as possible when they appear.
24
DiGiusto, Dennis Michael. "A protection motivation theory approach to home wireless network security in New Zealand establishing if groups of concerned wireless network users exist and exploring characteristics of behavioral intention : submitted to the School of Information Management, Victoria University of Wellington in partial fulfilment of the requirements for the degree of Master of Information Management /." ResearchArchive@Victoria e-Thesis, 2008. http://hdl.handle.net/10063/1148.
Full text
25
Lagerstrand, Philip. "Säkerhetsmedvetenhet hos hemanvändare." Thesis, Högskolan i Skövde, Institutionen för informationsteknologi, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-11133.
Full textAbstract:
IT utgör en stor del av majoriteten av folks vardagliga liv. Smartphones och surfplattor har om möjligt ytterligare ökat vår användning av tekniska enheter och prylar på en daglig basis. Arbetet tas med hem i en större grad med hjälp av laptops, VPN och molnmöjligheter. Mail kan tas emot i princip var och närsomhelst på dygnet. Men hur bra är säkerheten? På arbetsplatsen hanteras mycket av IT-säkerheten och ansvaret för den ofta av erfarna och dedikerade anställda, men hur ser det ut hemma där användaren själv har ansvaret för sin IT-säkerhet? I denna studie analyseras och identifieras risker och problem vid hantering av olika aktiviteter relaterade till IT-säkerhet i hemmet. Motivationsteorin TMT och en konceptuell modell av aktiviteter relaterade till IT-säkerhet användes för att ta fram frågorna till intervjuerna och för att analysera svaren. Information har samlats in genom intervjuer med personer i olika åldrar och med varierande erfarenhetsbakgrund. Risker har identifierats relaterat till brister i hemanvändares motivation att utföra aktiviteterna lösenordshantering och säkerhetskopiering samt bristande värderingar för aktiviteten utbildning.
26
Dupre, Rob. "Scene analysis and risk estimation for domestic robots, security and smart homes." Thesis, Kingston University, 2017. http://eprints.kingston.ac.uk/37781/.
Full textAbstract:
The evaluation of risk within a scene is a new and emerging area of research. With the advent of smart enabled homes and the continued development and implementation of domestic robotics, the platform for automated risk assessment within the home is now a possibility. The aim of this thesis is to explore a subsection of the problems facing the detection and quantification of risk in a domestic setting. A Risk Estimation framework is introduced which provides a flexible and context aware platform from which measurable elements of risk can be combined to create a final risk score for a scene. To populate this framework, three elements of measurable risk are proposed and evaluated: Firstly, scene stability, assessing the location and stability of objects within an environment through the use of physics simulation techniques. Secondly, hazard feature analysis using two specifically designed novel feature descriptors (3D Voxel HOG and the Physics Behaviour Feature) which determine if the objects within a scene have dangerous or risky properties such as blades or points. Finally, environment interaction, which uses human behaviour simulation to predict human reactions to detected risks and highlight areas of a scene most likely to be visited. Additionally methodologies are introduced to support these concepts including: a simulation prediction framework which reduces the computational cost of physics simulation, a Robust Filter and Complex Adaboost which aim to improve the robustness and training times required for hazard feature classification models. The Human and Group Behaviour Evaluation framework is introduced to provide a platform from which simulation algorithms can be evaluated without the need for extensive ground truth data. Finally the 3D Risk Scenes (3DRS) dataset is introduced, creating a risk specific dataset for the evaluation of future domestic risk analysis methodologies.
27
Denebo, Petra, and Anna-Katrine Linder. "Privacy : Plug the Internet Peep Hole." Thesis, Blekinge Tekniska Högskola, Institutionen för programvaruteknik och datavetenskap, 2001. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-1568.
Full textAbstract:
The Internet is a relatively new technology that has developed explosively during the last 10 years. The Internet-technology has been accepted rapidly by users, but the legal and ethical aspects have not been updated at the same rapid rate. Trust in electronic services or products is founded on knowledge and an understanding of what happens during a session and of the effects that might occur. Within electronically based services there are obvious risks for invisible and undesired results such as intrusions on privacy. In the traditional relationship of a service provider and a user, the question of privacy is clear, whereas in the new, Internet-related relationship between a service provider and a user, it is not. We have performed an informed survey concerning privacy, carried out through interviews. From the answers in the interviews it is clear that the threat against privacy is perceived as a problem, but that it is overshadowed by other issues such as safe conducts of payment, functioning distribution systems and reclamation etc. This could be due to the difficulty of addressing an intangible problem such as privacy when there are other issues that are as important and easier to address since they concern an actual purchase. To increase the trust of the users in the Internet and e-commerce branch, we believe that the Internet peephole needs to be plugged from within the branch. A user should neither have to worry about where his or her personal information goes or who has access to it nor for which purpose it will be used. The users must be made aware of what threats their information faces and which certificates that can protect it. If the providers of products and services on the Internet do not gain the trust of the users, in the end, cyberspace will be a desolate place.
28
Salaün, Mickaël. "Intégration de l’utilisateur au contrôle d’accès : du processus cloisonné à l’interface homme-machine de confiance." Thesis, Evry, Institut national des télécommunications, 2018. http://www.theses.fr/2018TELE0006/document.
Full textAbstract:
Cette thèse souhaite fournir des outils pour qu’un utilisateur puisse contribuer activement à la sécurité de son usage d’un système informatique. Les activités de sensibilités différentes d’un utilisateur nécessitent tout d’abord d’être cloisonnées dans des domaines dédiés, par un contrôle d’accès s’ajustant aux besoins de l’utilisateur. Afin de conserver ce cloisonnement, celui-ci doit être en mesure d’identifier de manière fiable les domaines avec lesquels il interagit, à partir de l’interface de sa machine. Dans une première partie, nous proposons un nouveau mécanisme de cloisonnement qui peut s’adapter de manière transparente aux changements d’activité de l’utilisateur, sans altérer le fonctionnement des contrôles d’accès existants, ni dégrader la sécurité du système. Nous en décrivons une première implémentation, nommée StemJail, basée sur les espaces de noms de Linux. Nous améliorons ce cloisonnement en proposant un nouveau module de sécurité Linux, baptisé Landlock, utilisable sans nécessiter de privilèges. Dans un second temps, nous identifions et modélisons les propriétés de sécurité d’une interface homme-machine (IHM) nécessaires à la compréhension fiable et sûre du système par l’utilisateur. En particulier, il s’agit d’établir un lien entre les entités avec lesquelles l’utilisateur pense communiquer, et celles avec lesquelles il communique vraiment. Cette modélisation permet d’évaluer l’impact de la compromission de certains composants d’IHM et d’aider à l’évaluation d’une architecture donnéeThis thesis aims to provide end users with tools enhancing the security of the system they use. First, user activities of different sensitivities require to be confined in dedicated domains by an access control fitting the user’s needs. Next, in order to maintain this confinement, users must be able to reliably identify the domains they interact with, from their machine’s interface. In the first part, we present a new confinement mechanism that seamlessly adapts to user activity changes, without altering the behavior of existing access controls nor degrading the security of the system. We also describe a first implementation named StemJail, based on Linux namespaces. We improve this confinement tool by creating a new Linux security module named Landlock which can be used without requiring privileges. In a second step, we identify and model the security properties a human-computer interface (HCI) requires for the reliable and secure understanding of the system by the user. Precisely, the goal is to establish a link between the entities with which the users think they communicate, and those with which they actually communicate. This model enables to evaluate the impact of HCI components jeopardization and helps assessing a given architecture
29
"A Systematic Approach to Generate the Security Requirements For the Smart Home System." Master's thesis, 2013. http://hdl.handle.net/2286/R.I.18123.
Full textAbstract:
abstract: Smart home system (SHS) is a kind of information system aiming at realizing home automation. The SHS can connect with almost any kind of electronic/electric device used in a home so that they can be controlled and monitored centrally. Today's technology also allows the home owners to control and monitor the SHS installed in their homes remotely. This is typically realized by giving the SHS network access ability. Although the SHS's network access ability brings a lot of conveniences to the home owners, it also makes the SHS facing more security threats than ever before. As a result, when designing a SHS, the security threats it might face should be given careful considerations. System security threats can be solved properly by understanding them and knowing the parts in the system that should be protected against them first. This leads to the idea of solving the security threats a SHS might face from the requirements engineering level. Following this idea, this paper proposes a systematic approach to generate the security requirements specifications for the SHS. It can be viewed as the first step toward the complete SHS security requirements engineering process.Dissertation/Thesis
M.C.St. Computing Studies 2013
30
(10711719), Diego Miguel Mendez Mena. "Blockchain-Based Security Framework for the Internet of Things and Home Networks." Thesis, 2021.
Find full textAbstract:
During recent years, attacks on Internet of Things (IoT) devices have grown significantly. Cyber criminals have been using compromised IoT machines to attack others, which include critical internet infrastructure systems. Latest attacks increase the urgency for the information security research community to develop new strategies and tools to safeguard vulnerable devices at any level. Millions of intelligent things are now part of home-based networks that are usually disregarded by solutions platforms, but not by malicious entities.Therefore, the following document presents a comprehensive framework that aims to secure home-based networks, but also corporate and service provider ones. The proposed solution utilizes first-hand information from different actors from different levels to create a decentralized privacy-aware Cyber Threat Information (CTI) sharing network, capable of automate network responses by relying on the secure properties of the blockchain powered by the Ethereum algorithms.
31
Botha, Carla-Lee. "A gab analysis to compare best practice recommendations legal requirements when raising information security awareness amongst home users of online banking." Diss., 2011. http://hdl.handle.net/10500/5457.
Full textAbstract:
South African home users of the Internet use the Internet to perform various everyday functions. These functions include, but are not limited to, online shopping, online gaming, social networking and online banking. Home users of online banking face multiple threats, such as phishing and social engineering. These threats come from hackers attempting to obtain confidential information, such as online banking authentication credentials, from home users. It is, thus, essential that home users of online banking be made aware of these threats, how to identify them and what countermeasures to implement to protect themselves from hackers. In this respect, information security awareness (ISA) programmes are an effective way of making the home users of online banking aware of both the threats they face and the countermeasures available to protect themselves from these threats.
There are certain legal requirements with which South African banks have to comply when implementing ISA initiatives. Non-compliance or failure to demonstrate due care and due diligence should a security incident occur will result in financial penalties for the bank as well as possible brand damage and loss of customers. Banks implement international best practice recommendations in an effort to comply with legislation. These include recommendations for information security awareness.
This research investigated both information security best practice recommendations and information security legal requirements for information security awareness. A selected list of information security best practices was investigated for best practice recommendations while a selected list of information security legislation was investigated for legal requirements imposed on South African banks. A gap analysis was performed on both these recommendations and requirements to determine whether the implementation of best practice recommendations resulted in compliance with legal requirements. The gap analysis found that the implementation of best practice recommendations does not result in compliance with legal requirements. Accordingly, the outcome of this research highlighted the importance of understanding the legal requirements and ensuring that adequate controls are in place with which to achieve compliance.Business Information systems
Msc. (Information systems)
32
Botha, Carla-Lee. "A gap analysis to compare best practice recommendations and legal requirements when raising information security awareness amongst home users of online banking." Diss., 2011. http://hdl.handle.net/10500/5457.
Full textAbstract:
South African home users of the Internet use the Internet to perform various everyday functions. These functions include, but are not limited to, online shopping, online gaming, social networking and online banking. Home users of online banking face multiple threats, such as phishing and social engineering. These threats come from hackers attempting to obtain confidential information, such as online banking authentication credentials, from home users. It is, thus, essential that home users of online banking be made aware of these threats, how to identify them and what countermeasures to implement to protect themselves from hackers. In this respect, information security awareness (ISA) programmes are an effective way of making the home users of online banking aware of both the threats they face and the countermeasures available to protect themselves from these threats.
There are certain legal requirements with which South African banks have to comply when implementing ISA initiatives. Non-compliance or failure to demonstrate due care and due diligence should a security incident occur will result in financial penalties for the bank as well as possible brand damage and loss of customers. Banks implement international best practice recommendations in an effort to comply with legislation. These include recommendations for information security awareness.
This research investigated both information security best practice recommendations and information security legal requirements for information security awareness. A selected list of information security best practices was investigated for best practice recommendations while a selected list of information security legislation was investigated for legal requirements imposed on South African banks. A gap analysis was performed on both these recommendations and requirements to determine whether the implementation of best practice recommendations resulted in compliance with legal requirements. The gap analysis found that the implementation of best practice recommendations does not result in compliance with legal requirements. Accordingly, the outcome of this research highlighted the importance of understanding the legal requirements and ensuring that adequate controls are in place with which to achieve compliance.Business Information systems
Msc. (Information systems)
33
Masvosve, Thomas. "Designing an intelligent home environment." Diss., 2016. http://hdl.handle.net/10500/21934.
Full textAbstract:
While a lot of efforts have been on outdoor intelligent systems, internal living environment system that suits the occupancy’s behaviour has not received much attention. The intelligent living environment designed in this study has three components; the physical world (environment), the database and the decision maker.
The study sought to design a model that senses ever changing home conditions such as lights, doors and windows. Other variables that were looked at include, but not limited to the number of people in the room and inside thermodynamics and human activity. Global information such as temperature, gas or electricity usage and time of the day will also be received by the system through various sensing facilities. The
information will be sent to a rules engine for a decision on an appropriate action to be taken. The action may include just turning off the lights, in the case of a mild abnormality or a high alert to an emergency response unit in a most severe case. The study proposes a context aware and proactive neural networks control system to control a living environment with a main focus on the aged citizens living alone. The proposed living environment was not developed to an actual or “mock” building
containing a representation of subset of sensors, actuators and controllers as used in the actual systems due to lack of funding. However, the study will report on the modelling and simulation of the home system variables based on the chosen Artificial Intelligent technique using MATLAB/SIMULINK. These results indicate a possibility of implementing the designed living environment to increase the resident’s security.Electrical and Mining Engineering
M. Tech. (Engineering: Electrical)
34
Mahmoud, Mohamed Mohamed Elsalih Abdelsalam. "Efficient Packet-Drop Thwarting and User-Privacy Preserving Protocols for Multi-hop Wireless Networks." Thesis, 2011. http://hdl.handle.net/10012/5905.
Full textAbstract:
In multi-hop wireless network (MWN), the mobile nodes relay others’ packets for enabling new applications and enhancing the network deployment and performance. However, the selfish nodes drop the packets because packet relay consumes their resources without benefits, and the malicious nodes drop the packets to launch Denial-of-Service attacks. Packet drop attacks adversely degrade the network fairness and performance in terms of throughput, delay, and packet delivery ratio. Moreover, due to the nature of wireless transmission and multi-hop packet relay, the attackers can analyze the network traffic in undetectable way to learn the users’ locations in number of hops and their communication activities causing a serious threat to the users’ privacy. In this thesis, we propose efficient security protocols for thwarting packet drop attacks and preserving users’ privacy in multi-hop wireless networks.
First, we design a fair and efficient cooperation incentive protocol to stimulate the selfish nodes to relay others’ packets. The source and the destination nodes pay credits (or micropayment) to the intermediate nodes for relaying their packets. In addition to cooperation stimulation, the incentive protocol enforces fairness by rewarding credits to compensate the nodes for the consumed resources in relaying others’ packets. The protocol also discourages launching Resource-Exhaustion attacks by sending bogus packets to exhaust the intermediate nodes’ resources because the nodes pay for relaying their packets.
For fair charging policy, both the source and the destination nodes are charged when the two nodes benefit from the communication. Since micropayment protocols have been originally proposed for web-based applications, we propose a practical payment model specifically designed for MWNs to consider the significant differences between web-based applications and cooperation stimulation. Although the non-repudiation property of the public-key cryptography is essential for securing the incentive protocol, the public-key cryptography requires too complicated computations and has a long signature tag. For efficient implementation, we use the public-key cryptography only for the first packet in a series and use the efficient hashing operations for the next packets, so that the overhead of the packet series converges to that of the hashing operations. Since a trusted party is not involved in the communication sessions, the nodes usually submit undeniable digital receipts (proofs of packet relay) to a centralized trusted party for updating their credit accounts. Instead of submitting large-size payment receipts, the nodes submit brief reports containing the alleged charges and rewards and store undeniable security evidences. The payment of the fair reports can be cleared with almost no processing overhead. For the cheating reports, the evidences are requested to identify and evict the cheating nodes. Since the cheating actions are exceptional, the proposed protocol can significantly reduce the required bandwidth and energy for submitting the payment data and clear the payment with almost no processing overhead while achieving the same security strength as the receipt-based protocols.
Second, the payment reports are processed to extract financial information to reward the cooperative nodes, and contextual information such as the broken links to build up a trust system to measure the nodes’ packet-relay success ratios in terms of trust values. A node’s trust value is degraded whenever it does not relay a packet and improved whenever it does. A node is identified as malicious and excluded from the network once its trust value reaches to a threshold. Using trust system is necessary to keep track of the nodes’ long-term behaviors because the network packets may be dropped normally, e.g., due to mobility, or temporarily, e.g., due to network congestion, but the high frequency of packet drop is an obvious misbehavior. Then, we propose a trust-based and energy-aware routing protocol to route traffics through the highly trusted nodes having sufficient residual energy in order to establish stable routes and thus minimize the probability of route breakage. A node’s trust value is a real and live measurement to the node’s failure probability and mobility level, i.e., the low-mobility nodes having large hardware resources can perform packet relay more efficiently. In this way, the proposed protocol stimulates the nodes not only to cooperate but also to improve their packet-relay success ratio and tell the truth about their residual energy to improve their trust values and thus raise their chances to participate in future routes.
Finally, we propose a privacy-preserving routing and incentive protocol for hybrid ad hoc wireless network. Micropayment is used to stimulate the nodes’ cooperation without submitting payment receipts. We only use the lightweight hashing and symmetric-key-cryptography operations to preserve the users’ privacy. The nodes’ pseudonyms are efficiently computed using hashing operations. Only trusted parties can link these pseudonyms to the real identities for charging and rewarding operations. Moreover, our protocol protects the location privacy of the anonymous source and destination nodes.
Extensive analysis and simulations demonstrate that our protocols can secure the payment and trust calculation, preserve the users’ privacy with acceptable overhead, and precisely identify the malicious and the cheating nodes. Moreover, the simulation and measurement results demonstrate that our routing protocols can significantly improve route stability and thus the packet delivery ratio due to stimulating the selfish nodes’ cooperation, evicting the malicious nodes, and making informed decisions regarding route selection. In addition, the processing and submitting overheads of the payment-reports are incomparable with those of the receipts in the receipt-based incentive protocols. Our protocol also requires incomparable overhead to the signature-based protocols because the lightweight hashing operations dominate the nodes’ operations.