To see the other types of publications on this topic, follow the link: Hybrid security.
Dissertations / Theses on the topic 'Hybrid security'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Hybrid security.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Chaulagain, Dewan. "Hybrid Analysis of Android Applications for Security Vetting." Bowling Green State University / OhioLINK, 2019. http://rave.ohiolink.edu/etdc/view?acc_num=bgsu1555608766287613.
Full text
2
Mundi, Anuj V. "PLC-WiFi hybrid broadband Internet deployment and security /." [Gainesville, Fla.] : University of Florida, 2004. http://purl.fcla.edu/fcla/etd/UFE0006964.
Full text
3
Teo, Hong-Siang. "Security of sensor networks." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2006. http://library.nps.navy.mil/uhtbin/hyperion/06Jun%5FTeo.pdf.
Full textAbstract:
Thesis (M.S. in Electrical Engineering)--Naval Postgraduate School, June 2006.Thesis Advisor(s): John McEachen. "June 2006." Includes bibliographical references (p. 49-51). Also available in print.
4
Van, der Horst Timothy W. "Thor : the hybrid online repository /." Diss., CLICK HERE for online access, 2005. http://contentdm.lib.byu.edu/ETD/image/etd696.pdf.
Full text
5
Cheng, Carol Shaoyu. "A hybrid approach to power system voltage security assessment." Diss., Georgia Institute of Technology, 1991. http://hdl.handle.net/1853/15469.
Full text
6
Katsis, Grigorios. "Multistage security mechanism for hybrid, large scale wireless sensor networks." Thesis, Monterey, Calif. : Naval Postgraduate School, 2007. http://bosun.nps.edu/uhtbin/hyperion-image.exe/07Jun%5FKatsis.pdf.
Full textAbstract:
Thesis (M.S. in Applied Physics and M.S. in Electrical Engineering)--Naval Postgraduate School, June 2007.Thesis Advisor(s): Murali Tummala, Gamani Karunasiri. "June 2007." Includes bibliographical references (p. 57-59). Also available in print.
7
Warmington, Sheray Kimberlyn. "State failure and hybrid security governance : the case of Jamaica." Thesis, University of York, 2017. http://etheses.whiterose.ac.uk/21205/.
Full textAbstract:
This thesis is concerned with examining the intersection between the failed state and security governance literatures, through the case study of Jamaica. This thesis is primarily concerned with examining the under-researched link between concerns raised in failed state and security governance literatures. The thesis proposes that the presence of state failure and success in the same setting is a direct result of the execution of a problematic security governance framework that impedes the nation’s ability to establish a stable state infrastructure that is capable of fulfilling the welfare needs of the entire citizenry. By utilising Jamaica as a case study, and more specifically the Tivoli Gardens Incursion as a sub case study, the main contributions to research that this thesis makes is that state failure can co-exist alongside spaces of state success. State failure, as exemplified in Jamaica, can exist on a continuum and manifests itself geographically and within certain sectors of the state system, such as security.
8
Suru, Hassan U. "Security and usability in a hybrid property based graphical authentication system." Thesis, University of Salford, 2018. http://usir.salford.ac.uk/48724/.
Full textAbstract:
Alphanumeric text and PINs continue to be the dominant authentication methods in spite of the numerous concerns by security researchers of their inability to properly address usability and security flaws and to effectively combine usability and security. These flaws have, however, contributed to the growing research interest in the development and use of graphical authentication systems as alternatives to text based systems. Graphical passwords or graphical authentication systems are password systems that use images rather than characters or numbers in user authentication. The picture superiority effect, a belief that humans are better able to memorise images than text, has very much influenced the proliferation of and support for graphical authentication systems. In spite of their growing acceptance, however, empirical studies have shown that graphical authentication systems have also inherited some of the flaws of text based passwords. These flaws include predictability, vulnerability to observational attacks and the inability of systems to efficiently combine security with usability. Hence there is a continued quest among usable security researchers to find that hypothetical system that has both strong usability and strong security. In this research, a novel concept for hybrid graphical authentication systems is developed. This consists of a class of systems that are called 'property based authentication systems' which adopt the use of image properties for user authentication, rather than specific images as used in existing systems. Image properties are specified contents of images which gives the image a set of characteristics. Several implementations of these systems have been developed and evaluated. Significant empirical performance studies have been conducted to evaluate these systems in terms of usability and security. The usability evaluations conducted evaluate the systems in terms effectiveness, efficiency and user satisfaction, while security evaluations measure their susceptibility to common attacks. The results from these studies suggests that property based systems have better usability and security when compared to commonly known and well researched graphical authentication systems.
9
Сабадаш, Віктор Володимирович, Виктор Владимирович Сабадаш, Viktor Volodymyrovych Sabadash, and В. В. Сабадаш. "The security challenges of hybrid work formats in a digital economy." Thesis, ДВНЗ «Приазовський державний технічний університет», 2021. https://essuir.sumdu.edu.ua/handle/123456789/84066.
Full textAbstract:
Досліджено ключові виклики безпеки гібридних форматів роботи у цифровій економіціИсследованы ключевые вызовы безопасности гибридных форматов работы в цифровой экономике
The key security challenges of hybrid work formats in the digital economy are investigated
10
Sunkaralakunta, Venkatarama Reddy Rakesh. "A User-Centric Security Policy Enforcement Framework for Hybrid Mobile Applications." University of Dayton / OhioLINK, 2019. http://rave.ohiolink.edu/etdc/view?acc_num=dayton1564744609523447.
Full text
11
Fießler, Andreas Christoph Kurt. "Hybrid Hardware/Software Architectures for Network Packet Processing in Security Applications." Doctoral thesis, Humboldt-Universität zu Berlin, 2019. http://dx.doi.org/10.18452/20023.
Full textAbstract:
Die Menge an in Computernetzwerken verarbeiteten Daten steigt stetig, was Netzwerkgeräte wie Switches, Bridges, Router und Firewalls vor Herausfordungen stellt.
Die Performance der verbreiteten, CPU/softwarebasierten Ansätze für die Implementierung dieser Aufgaben ist durch den inhärenten Overhead in der sequentiellen Datenverarbeitung limitiert, weshalb solche Funktionalitäten vermehrt auf dedizierten Hardwarebausteinen realisiert werden.
Diese bieten eine schnelle, parallele Verarbeitung mit niedriger Latenz, sind allerdings aufwendiger in der Entwicklung und weniger flexibel.
Nicht jede Anwendung kann zudem für parallele Verarbeitung optimiert werden.
Diese Arbeit befasst sich mit hybriden Ansätzen, um eine bessere Ausnutzung der jeweiligen Stärken von Soft- und Hardwaresystemen zu ermöglichen, mit Schwerpunkt auf der Paketklassifikation.
Es wird eine Firewall realisiert, die sowohl Flexibilität und Analysetiefe einer Software-Firewall als auch Durchsatz und Latenz einer Hardware-Firewall erreicht.
Der Ansatz wird auf einem Standard-Rechnersystem, welches für die Hardware-Klassifikation mit einem rekonfigurierbaren Logikbaustein (FPGA) ergänzt wird, evaluiert.
Eine wesentliche Herausforderung einer hybriden Firewall ist die Identifikation von Abhängigkeiten im Regelsatz.
Es werden Ansätze vorgestellt, welche den redundanten Klassifikationsaufwand auf ein Minimum reduzieren, wie etwa die Wiederverwendung von Teilergebnissen der hybriden Klassifikatoren oder eine exakte Abhängigkeitsanalyse mittels Header Space Analysis.
Für weitere Problemstellungen im Bereich der hardwarebasierten Paketklassifikation, wie dynamisch konfigurierbare Filterungsschaltkreise und schnelle, sichere Hashfunktionen für Lookups, werden Machbarkeit und Optimierungen evaluiert.
Der hybride Ansatz wird im Weiteren auf ein System mit einer SDN-Komponente statt einer FPGA-Erweiterung übertragen. Auch hiermit können signifikante Performancegewinne erreicht werden.Network devices like switches, bridges, routers, and firewalls are subject to a continuous development to keep up with ever-rising requirements. As the overhead of software network processing already became the performance-limiting factor for a variety of applications, also former software functions are shifted towards dedicated network processing hardware. Although such application-specific circuits allow fast, parallel, and low latency processing, they require expensive and time-consuming development with minimal possibilities for adaptions. Security can also be a major concern, as these circuits are virtually a black box for the user. Moreover, the highly parallel processing capabilities of specialized hardware are not necessarily an advantage for all kinds of tasks in network processing, where sometimes a classical CPU is better suited. This work introduces and evaluates concepts for building hybrid hardware-software-systems that exploit the advantages of both hardware and software approaches in order to achieve performant, flexible, and versatile network processing and packet classification systems. The approaches are evaluated on standard software systems, extended by a programmable hardware circuit (FPGA) to provide full control and flexibility. One key achievement of this work is the identification and mitigation of challenges inherent when a hybrid combination of multiple packet classification circuits with different characteristics is used. We introduce approaches to reduce redundant classification effort to a minimum, like re-usage of intermediate classification results and determination of dependencies by header space analysis. In addition, for some further challenges in hardware based packet classification like filtering circuits with dynamic updates and fast hash functions for lookups, we describe feasibility and optimizations. At last, the hybrid approach is evaluated using a standard SDN switch instead of the FPGA accelerator to prove portability.
12
Li, Jianzhou, and University of Lethbridge Faculty of Arts and Science. "Design of a novel hybrid cryptographic processor." Thesis, Lethbridge, Alta. : University of Lethbridge, Faculty of Arts and Science, 2005, 2005. http://hdl.handle.net/10133/266.
Full textAbstract:
A new multiplier that supports fields GF(p) and GF (2n) for the public-key cryptography, and fields GF (28) for the secret-key cryptography is proposed in this thesis. Based on the core multiplier and other extracted common operations, a novel hybrid crypto-processor is built which processes both public-key and secret-key cryptosystems. The corresponding instruction set is also presented. Three cryptographic algorithms: the Elliptic Curve Cryptography (ECC), AES and RC5 are focused to run in the processor. To compute scalar multiplication kP efficiently, a blend of efficient algorthms on elliptic curves and coordinates selections and of hardware architecture that supports arithmetic operations on finite fields is requried. The Nonadjacent Form (NAF) of k is used in Jacobian projective coordinates over GF(p); Montgomery scalar multiplication is utilized in projective coordinates over GF(2n). The dual-field multiplier is used to support multiplications over GF(p) and GF(2n) according to multiple-precision Montgomery multiplications algorithms. The design ideas of AES and RC5 are also described. The proposed hybrid crypto-processor increases the flexibility of security schemes and reduces the total cost of cryptosystems.viii, 87 leaves : ill. (some col.) ; 28 cm.
13
Tamagna-Darr, Lucas. "Evaluating the effectiveness of an intrusion prevention system-honeypot hybrid /." Online version of thesis, 2009. http://hdl.handle.net/1850/10837.
Full text
14
Abdul, Kadir Muhd K. "Food security modelling using two stage hybrid model and fuzzy logic risk assessment." Thesis, University of Warwick, 2013. http://wrap.warwick.ac.uk/55721/.
Full textAbstract:
Food security has become a key issue worldwide in recent years. According to the Department for Environment Food and Rural Affair (DEFRA) UK, the key components of food security are food availability, global resource sustainability, access, food chain resilience, household food security, safety and confidence of public towards food system. Each of these components has its own indicators which need to be monitored. Only a few studies had been made towards analysing food security and most of these studies are based on conventional data analysis methods such as the use of statistical techniques. In handling food security datasets such as crops yield, production, economy growth, household behaviour and others, where most of the data is imprecise, non-linear and uncertain in nature, it is better to handle the data using intelligent system (IS) techniques such as fuzzy logic, neural networks, genetic algorithm and hybrid systems, rather than conventional techniques. Therefore this thesis focuses on the modelling of food security using IS techniques, and a newly developed hybrid intelligent technique called a 2-stage hybrid (TSH) model, which is capable of making accurate predictions. This technique is evaluated by considering three applications of food security research areas which relate to each of the indicators in the DEFRA key food security components. In addition, another food security model was developed, called a food security risk assessment model. This can be used in assessing the level of risk for food security. The TSH model is constructed by using two key techniques; the Genetic Algorithm (GA) module and the Artificial Neural Network (ANN) module, where these modules combine the global and local search, by optimizing the inputs of ANN in the first stage process and optimizing of weight and threshold of ANN, which is then used to remodel the ANN resulting in better prediction. In evaluating the performance of the TSH prediction model, a total of three datasets have been used, which relate to the food security area studied. These datasets involve the prediction of farm household output, prediction of cereal growth per capita as the food availability main indicators in food security component, and grain security assessment prediction. The TSH prediction model is benchmarked against five others techniques. Each of these five techniques uses an ANN as the prediction model. The models used are: Principal Component Analysis (PCA), Multi-layered Perceptron-Artificial Neural Network (MLP-ANN), feature selection (FS) of GA-ANN, Optimized Weight and Threshold (OWTNN) and Sensitive Genetic Neural Optimization (SGNO). Each of the application datasets considered is used to show the capability of the TSH model in making effective predictions, and shows that the general performance of the model is better than the other benchmarked techniques. The research in this thesis can be considered as a stepping-stone towards developing other tools in food security modelling, in order to aid the safety of food security.
15
Homonyuk, Angelina Anatoliyivna, and Ангеліна Анатоліївна Гомонюк. "Information security of Ukraine in the conditions of globalizations challenges and hybrid war." Thesis, National Aviation University, 2021. https://er.nau.edu.ua/handle/NAU/51636.
Full textAbstract:
1. Почепцов Г. Гібридна війна: інформаційна складова [Електронний ресурс] / Г. Почепцов, 25.10.2015 р. – Режим доступу: http://ji-magazine.lviv. ua/2015/Pochepcov_Gibr_vijna_inf_skladova.htm.
2. Стратегія і тактика гібридних війн в контексті військової агресії Росії проти України. 24.11.2014 р. [Електронний ресурс]. – Режим доступу: http:// bintel.com.ua/uk/article/gibrid-war/.
3. Максименко Ю. Є. Інформаційне суспільство в Україні: стан та перспективи становлення [Електронний ресурс] / Ю. Є. Максименко // Підприємництво, господарство і право. – 2014. – № 12. – Режим доступу: http:// goal-int.org/informacijne-suspilstvo-v-ukraini-stan-ta-perspektivi-stanovlennya/.The urgency of the work lies in the fact that recently the problem of information security in Ukraine has become more and more frequent, which is especially relevant in connection with the escalation of the active phase of the hybrid war. The armed conflict in eastern Ukraine, the annexation of Crimea, and terrorist actions against Ukrainian statehood are all superimposed on the harsh, fake anti-Ukrainian information rhetoric used in the state-run media. The issue of dissemination of negative and unreliable information via the Internet is especially acute. In the context of globalization, information and communication technologies are an integral part of human life. They have become a factor involved in the production of goods and services. Such changes entail the transformation of both the social structure of society and, in all spheres — economic, sociopolitical, and spiritual — profound revolutionary transformations are taking place. In the context of an armed conflict, information technologies are becoming levers of influence that threaten the loss of Ukraine’s sovereignty. The creation and dissemination of the latest technologies and global means of communication has led to the global information revolution. The growing role of information in public life has raised to a new level the problem of information security. They are extremely relevant at the present stage of development of information and communication technologies. This suggests that the results of the scientific and technological revolution can be used not only for positive purposes, but also to have negative consequences for society. The most obvious challenges caused by uneven access to technology are the widening of the digital divide between countries, opportunities to preserve the cultural identity of nation states in a globalized world, the rise in cybercrime, and so on. This has given rise to a new phenomenon of the modern world - «information security», which affects the interests of each individual country and, at the regional and global levels, is an element of the overall system of international security.
Актуальність роботи полягає в тому, що останнім часом проблема інформаційної безпеки в Україні стає дедалі частішою, що особливо актуально у зв'язку з загостренням активної фази гібридної війни. Збройний конфлікт на сході України, анексія Криму та терористичні акції проти української державності накладаються на жорстку, фейкову антиукраїнську інформаційну риторику, що використовується в державних ЗМІ. Особливо гостро стоїть питання поширення негативної та недостовірної інформації через Інтернет. В умовах глобалізації інформаційно-комунікаційні технології є невід’ємною частиною людського життя. Вони стали чинником виробництва товарів та послуг. Такі зміни тягнуть за собою трансформацію як соціальної структури суспільства, так і в усіх сферах - економічної, соціально-політичної та духовної - відбуваються глибокі революційні перетворення. В умовах збройного конфлікту інформаційні технології стають важелями впливу, які загрожують втратою суверенітету України. Створення та розповсюдження новітніх технологій та глобальних засобів комунікації призвели до глобальної інформаційної революції. Зростання ролі інформації в суспільному житті підняло на новий рівень проблему інформаційної безпеки. Вони надзвичайно актуальні на сучасному етапі розвитку інформаційно-комунікаційних технологій.Це говорить про те, що результати науково-технічної революції можуть бути використані не тільки в позитивних цілях, а й мати негативні наслідки для суспільства. Найбільш очевидними проблемами, спричиненими нерівномірним доступом до технологій, є збільшення цифрового розриву між країнами, можливості збереження культурної самобутності національних держав у глобалізованому світі, зростання кіберзлочинності тощо. Це породило нове явище сучасного світу - «інформаційну безпеку», яке зачіпає інтереси кожної окремо взятої країни і на регіональному та глобальному рівнях є елементом загальної системи міжнародної безпеки.
16
Roy-Chowdhury, Ayan. "Improving network performance, security and robustness in hybrid wireless networks using a satellite overlay." College Park, Md.: University of Maryland, 2008. http://hdl.handle.net/1903/8879.
Full textAbstract:
Thesis (Ph. D.) -- University of Maryland, College Park, 2008.Thesis research directed by: Dept. of Electrical and Computer Engineering. Title from t.p. of PDF. Includes bibliographical references. Published by UMI Dissertation Services, Ann Arbor, Mich. Also available in paper.
17
Sapegin, Andrey [Verfasser], Christoph [Akademischer Betreuer] Meinel, and Andreas [Akademischer Betreuer] Polze. "High-Speed Security Log Analytics Using Hybrid Outlier Detection / Andrey Sapegin ; Christoph Meinel, Andreas Polze." Potsdam : Universität Potsdam, 2019. http://d-nb.info/1217813047/34.
Full text
18
Ali, Ayaz. "Analysis of key security and privacy concerns and viable solutions in Cloud computing." Thesis, Linnéuniversitetet, Institutionen för datavetenskap och medieteknik (DM), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-90806.
Full textAbstract:
Cloud Security and Privacy is the most concerned area in the development of newly advance technological domains like cloud computing, the cloud of things, the Internet of Things. However, with the growing popularity and diverse nature of these technologies, security and privacy are becoming intricate matters and affect the adoption of cloud computing. Many small and large enterprises are in conflict while migrating towards cloud technology and this is because of no proper cloud adoption policy guideline, generic solutions for system migration issues, systematic models to analyze security and privacy performance provided by different cloud models. Our proposed literature review focuses on the problems and identifies solutions in the category of security and privacy. A comprehensive analysis of various identified techniques published during 2010 – 2018 has been presented. We have reviewed 51 studies including research papers and systematic literature reviews on the factors of security and privacy. After analyzing, the papers have been classified into 5 major categories to get an appropriate solution for our required objectives of this study. This work will facilitate the researchers and as well the companies to select appropriate guideline while adopting cloud services.
19
Button, Mark. "'Big fish in little ponds' : private security officers and the policing of private and hybrid space." Thesis, London School of Economics and Political Science (University of London), 2005. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.423018.
Full textAbstract:
Despite the growing interest in private security amongst academics in recent years there have been relatively few empirical studies at a micro level. This thesis presents the findings of a detailed study of two locations or nodes of governance where security officers were the main agents of policing. In-particular the research focuses upon the legal powers security officers have and use in undertaking their roles in the two research sites. The first stage of the research sought to identify what legal tools security officers possess and in answering this question the thesis identifies different models of security officer based upon the legal tools available to them. The second stage of the research focused upon two case study sites: a retail leisure facility called Pleasure Southquay and a manufacturer of defence equipment called Armed Industries. Using a methodology based upon structured and semi-structured interviews, documentary data as well as observation the thesis presents findings illustrating the importance of security officers, suggesting that despite a general image of them as 100v status and ineffective, in their workplaces they are 'big fish in small ponds', particularly when viewed in terms of the broader systems of security that arc utilised. It also demonstrates how they generally have a good knowledge of the limits of their legal tools and how to make use of them lawfully. The research also elucidates how security officers usc some of their tools such as to arrest, use force, to search and to exclude, amongst others, and how the extent to which these arc used varies amongst officers. In usi ng these too Is 0 fficcrs arc also frequent 1y con fronted with di fficult and sometimes dangerous situations that lead to verbal abuse, threats of violence as well as assault amongst other occupational hazards. The research also draws out some of the characteristics of the culture of security officers and the different orientations that exist and how this impacts upon the lise of certain legal tools and ultimately the effectiveness of security officers.
20
Ren, Yonglin. "Towards Secure and Trustworthy Wireless Ad hoc Networks." Thèse, Université d'Ottawa / University of Ottawa, 2012. http://hdl.handle.net/10393/22909.
Full textAbstract:
Due to the attractive advantages of wireless communication technologies, wireless networking and mobile computing has developed expeditiously and gained ample prevalence. Thereby, many practical applications are being designed for the use of wireless ad hoc networks in both military and civilian scenarios. However, some security concerns have arisen from such networks, especially in that misbehaving nodes pose a major threat during the construction of a trusted network. Therefore, security is one of the key challenges in wireless ad hoc networks, requiring significant attention due to their own features and concerns. This thesis presents several computational models and security strategies for the design of secure, trustworthy networks, which are able to make rational decisions when encountering potential threats. In this thesis, we first propose a distributed network management model for secure group communication. Our approach simplifies the complexity of traditional group management and supports the inclusion of other security mechanisms for the purpose of secure communications. As a decentralized management method, trust can perform well in a dynamic and agile environment. Our proposed trust system defines the concept of trust, establishes the trust relationship between distributed nodes, involves the novel and effective computational model, and specifies a set of trust-based rules in this system for wireless nodes. We also propose a hybrid cryptosystem through the application of both symmetric and asymmetric key algorithms to provide reliable and secure protection of data confidentiality. With the design of selective encryption, uncertainty is incorporated into data encryption and the overhead spent on the data protection is significantly reduced. Thus, the communicating parties not only obtain reliable security protection, but also improve the efficiency of data communication. Through security analysis and simulation experiments, we have shown how decentralized management is useful in wireless and ad hoc scenarios, how trust provides feasible solutions for misbehavior detection, and how our proposed strategies offer security properties.
21
Ramsey, Glenn. "Hardware/software optimizations for elliptic curve scalar multiplication on hybrid FPGAs /." Online version of thesis, 2008. http://hdl.handle.net/1850/7765.
Full text
22
Shankar, Sonu. "Parameter assignment for improved connectivity and security in randomly deployed wireless sensor networks via hybrid omni/uni-directional antennas." Thesis, [College Station, Tex. : Texas A&M University, 2008. http://hdl.handle.net/1969.1/ETD-TAMU-2892.
Full text
23
Borison, Torbjorn. "Object Synchronization and Security for Mobile Communications Devices." Thesis, KTH, Mikroelektronik och Informationsteknik, IMIT, 2001. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-93276.
Full textAbstract:
The main objective of this master’s thesis project was to investigate and find solutions to the problem of how to combine the SyncML synchronisation specification with object security and thus protection of personal information, such as contacts and calendar entries in mobile devices. SyncML is a new synchronisation specification agreed upon by major device developers (Ericsson, Palm, Motorola, etc.) and the major synchronisation server developers (Starfish, Puma, fusionOne, etc.). It is independent of transport (HTTP, WSP, or OBEX) platform, operating system, and application and simplifies synchronisation of personal information between dissimilar SyncML supportive devices. SyncML compliant devices are fully capable of synchronising information with a third party operated Internet based server and a desktop computer. This allows us to access, up-date and maintain information independent of Intranets or geographical position. However, synchronising and storing confidential personal information on an third party operated Internet based server entails weaknesses in our personal information security. Even if transport and storage security are used, how secure is the server where this information is stored since this server has the highest probability of being attacked. Can we really trust that an employee or other person with valid appropriated administrators access to the storage facility with the appropriate knowledge, working together with the third party server operator, won’t try to access our stored information? To prevent this, the personal information’s confidentiality must be guaranteed before the information leaves the device. When synchronising and exchanging personal information, the information is often marked according to a specific format. The three de-facto standard PIM formats are: (1) vCard (contact information), (2) vCalendar, and (3) iCalendar (calendar and scheduling information). These formats divide the personal information into properties. Each property is assigned to contain a small piece of the personal information entry (e.g. a telephone number, an e-mail address, the time when the calendar event begins, etc.). Furthermore to preserve the interoperability between different devices given by SyncML, authorised recipients must automatically be able to reverse the encryption process and decrypt the encrypted property value. Therefore general cryptographic formats are used (e.g. CMS, PGP and the newly developed XML Encryption). They add information needed by the recipients (e.g. algorithm used, padding method used on the plain text, etc.), encrypt the plaintext into cipher text, and decrypt the cipher text into plain text given the correct key.
24
Ali-Gombe, Aisha Ibrahim. "Malware Analysis and Privacy Policy Enforcement Techniques for Android Applications." ScholarWorks@UNO, 2017. http://scholarworks.uno.edu/td/2290.
Full textAbstract:
The rapid increase in mobile malware and deployment of over-privileged applications over the years has been of great concern to the security community. Encroaching on user’s privacy, mobile applications (apps) increasingly exploit various sensitive data on mobile devices. The information gathered by these applications is sufficient to uniquely and accurately profile users and can cause tremendous personal and financial damage.
On Android specifically, the security and privacy holes in the operating system and framework code has created a whole new dynamic for malware and privacy exploitation. This research work seeks to develop novel analysis techniques that monitor Android applications for possible unwanted behaviors and then suggest various ways to deal with the privacy leaks associated with them.
Current state-of-the-art static malware analysis techniques on Android-focused mainly on detecting known variants without factoring any kind of software obfuscation. The dynamic analysis systems, on the other hand, are heavily dependent on extending the Android OS and/or runtime virtual machine. These methodologies often tied the system to a single Android version and/or kernel making it very difficult to port to a new device. In privacy, accesses to the database system’s objects are not controlled by any security check beyond overly-broad read/write permissions. This flawed model exposes the database contents to abuse by privacy-agnostic apps and malware. This research addresses the problems above in three ways.
First, we developed a novel static analysis technique that fingerprints known malware based on three-level similarity matching. It scores similarity as a function of normalized opcode sequences found in sensitive functional modules and application permission requests. Our system has an improved detection ratio over current research tools and top COTS anti-virus products while maintaining a high level of resiliency to both simple and complex obfuscation.
Next, we augment the signature-related weaknesses of our static classifier with a hybrid analysis system which incorporates bytecode instrumentation and dynamic runtime monitoring to examine unknown malware samples. Using the concept of Aspect-oriented programming, this technique involves recompiling security checking code into an unknown binary for data flow analysis, resource abuse tracing, and analytics of other suspicious behaviors. Our system logs all the intercepted activities dynamically at runtime without the need for building custom kernels.
Finally, we designed a user-level privacy policy enforcement system that gives users more control over their personal data saved in the SQLite database. Using bytecode weaving for query re-writing and enforcing access control, our system forces new policies at the schema, column, and entity levels of databases without rooting or voiding device warranty.
25
Kim, Hyunho. "Comparing the policing and management of security in private/hybrid space in South Korea and the United Kingdom." Thesis, University of Portsmouth, 2016. https://researchportal.port.ac.uk/portal/en/theses/comparing-the-policing-and-management-of-security-in-privatehybrid-space-in-south-korea-and-the-united-kingdom(b544835f-f25b-483a-89cd-79f6bf2d4f24).html.
Full textAbstract:
This thesis is a comparative criminological study comparing the private policing and management of security of private/hybrid space in South Korea and United Kingdom. It is based upon two comparable shopping malls and draws upon thirty four semi-structured interviews of security officers, supervisors, managers and police officers; thirty nine structured interviews of security officers at both malls; one hundred structured interviews of shoppers at each mall; and one hundred hours of observation at each mall. Increasingly in both South Korea and the United Kingdom the public feel a greater need to protect themselves from crimes because of declining police resources. As a consequence the police are finding it difficult to meet the demands of the public and organisations in terms of crime prevention and the provision of a visible uniformed presence, amongst other. Society demands more effective public security control than what the government can offer. To better respond to these needs private security firms have filled the gap and areas of large private/hybrid space such as shopping malls have been one of the prime examples. However, there have been a few studies of the private security industry in such areas in the UK and in Korea and in no internationally comparative research conducted of shopping malls at all. This study starts to fill that gap by analysing the contribution of private security to the policing of of private space, which is open to the public in shopping malls of the two different countries. Secondly, the research explores and compares the systems of regulation, licensing, legal powers, training and working conditions, amongst others. Third the thesis explores real functions, statuses and image of private security officers and police officers, examining their daily operations, at the two case studies. The research identifies a number of findings, particularly around the role and orientation of officers, noting a strong 'service men' culture amongst Korean officers, distinct from the United Kingdom officers who are more security and policing orientated. It also finds private security officers and their contribution are still considered unimportant by the public and this is linked to their governance, lack of legal power, poor level of training and low educational levels, although this did vary between the two countries. These issues also impact on the relationship with the police who in South Korea are less likely to entrust private security officers with policing work compared to the UK. This research also sheds light on the issues of private security industry regulation, legal powers, poor working conditions, the level of training and occupational risks and the research will hopefully contribute to the growth of comparative research on private security. Therefore, this thesis makes significant recommendations to improve the management of security in shopping mall as a great investment, better training, working conditions and regulation etc.
26
Khomlyak, Olha. "An investigation of lightweight cryptography and using the key derivation function for a hybrid scheme for security in IoT." Thesis, Blekinge Tekniska Högskola, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-14982.
Full textAbstract:
Data security plays a central role in the design of Internet of Things (IoT). Since most of the "things" in IoT are embedded computing devices it is appropriate to talk about cryptography in embedded of systems. This kind of devices is based on microcontrollers, which have limited resources (processing power, memory, storage, and energy). Therefore, we can apply only lightweight cryptography. The goal of this work is to find the optimal cryptographic solution for IoT devices. It is expected that perception of this solution would be useful for implementation on “limited” devices. In this study, we investigate which lightweight algorithm is better to implement. Also, how we can combine two different algorithms in a hybrid scheme and modify this scheme due to data sending scenario. Compendex, Inspec, IEEE Xplore, ACM Digital Library, and Springer Link databases are used to conduct a comprehensive literature review. Experimental work adopted in this study involves implementations, measurements, and observations from the results. The experimental research covers implementations of different algorithms and experimental hybrid scheme, which includes additional function. Results show the performance of the considered algorithms and proposed hybrid scheme. According to our results, security solutions for IoT have to utilize algorithms, which have good performance. The combination of symmetric and asymmetric algorithms in the hybrid scheme can be a solution, which provides the main security requirements: confidentiality, integrity, and authenticity. Adaptation of this scheme to the possible IoT scenarios shows the results acceptable for implementation due to limited resources of hardware.
27
Wunderer, Thomas [Verfasser], Johannes [Akademischer Betreuer] Buchmann, and Martin [Akademischer Betreuer] Albrecht. "On the Security of Lattice-Based Cryptography Against Lattice Reduction and Hybrid Attacks / Thomas Wunderer ; Johannes Buchmann, Martin Albrecht." Darmstadt : Universitäts- und Landesbibliothek Darmstadt, 2018. http://d-nb.info/116879868X/34.
Full text
28
Manocha, Jitendra. "Using innovation from block chain technology to address privacy and security problems of Internet of Things." Thesis, KTH, Industriell Marknadsföring och Entreprenörskap, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-209682.
Full textAbstract:
Internet of things (IoT) is growing at a phenomenal speed and outpacing all the technological revolutions that occurred in the past. Together with window of opportunity it also poses quite a few challenges. One of the most important and unresolved challenge is vulnerability in security and privacy in IoT. This is mainly due to lack of a global decentralized standard even though characteristically IoT is based on distributed systems. Due to lack of standard IoT has interoperability issue between different devices and platform suppliers which implicitly creates need of reliance on the suppliers as they store and control user data. There is no decentralized industry wide solution which can offer the control of user data and security back to the user. While experts in IoT are still wondering on solving the challenge, a new Block chain technology has surfaced in past few years and showed signs of disruptive innovation in financial industry. This technology is decentralized, secure and private. Let alone information, block chain innovation has proven to keep assets secure. Recently few forms of block chains have emerged. This research will focus on analyzing the innovative block chain technology, their characteristics specifically the types of block chain to address the privacy and security challenges of IoT. Research proposes a new concept of hybrid block chain as a solution to IoT security and privacy problem.
29
Fießler, Andreas Christoph Kurt [Verfasser], Björn [Gutachter] Scheuermann, Andrew W. [Gutachter] Moore, and Georg [Gutachter] Carle. "Hybrid Hardware/Software Architectures for Network Packet Processing in Security Applications / Andreas Christoph Kurt Fießler ; Gutachter: Björn Scheuermann, Andrew W. Moore, Georg Carle." Berlin : Humboldt-Universität zu Berlin, 2019. http://d-nb.info/1189213710/34.
Full text
30
Fießler, Andreas [Verfasser], Björn [Gutachter] Scheuermann, Andrew W. [Gutachter] Moore, and Georg [Gutachter] Carle. "Hybrid Hardware/Software Architectures for Network Packet Processing in Security Applications / Andreas Christoph Kurt Fießler ; Gutachter: Björn Scheuermann, Andrew W. Moore, Georg Carle." Berlin : Humboldt-Universität zu Berlin, 2019. http://d-nb.info/1189213710/34.
Full text
31
Prakash, Abhinav. "Anonymous and Secure Communication in a Wireless Mesh Network." University of Cincinnati / OhioLINK, 2012. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1352397027.
Full text
32
Chen, Suyuan. "Split Manufacturing: Attacks and Defenses." University of Cincinnati / OhioLINK, 2019. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1554121132885537.
Full text
33
Dehkhoda, Dorna. "Combining IRAM2 with Cost-BenefitAnalysis for Risk Management : Creating a hybrid method with traditional and economic aspects." Thesis, Luleå tekniska universitet, Institutionen för system- och rymdteknik, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-67511.
Full textAbstract:
The aim of this thesis is to contribute to the risk methodology field by introducing a method that covers both economic and information security aspects. The aim is to provide a way for practitioners to get results that is enough for decision makers to make valid and well-grounded decisions. There are a lot of traditional risk assessment methods that focus on information security. There are also CBA (Cost-Benefit Analysis) methods that are used to make sure investments are cost-effective and provide value for the organization. The aim of this thesis is to combine those and see if they can be merged to one risk assessment method to increase the value of the result. CBA will be added to a more traditional risk assessment method called IRAM2. The thesis will evaluate if they are suited to be used together and if it provides a more valuable result when combining them than only using one of them. The research method that has been used in this study is ADR. It has been used as a way of working when producing a new hybrid method together with some design principles regarding how to combine traditional risk management with economic equations.
34
Ghairat, Noorullah. "Defense, Development and Diplomacy in Hybrid State-building Interventions : A local perspective on the outcomes of Provincial Reconstruction Teams in Afghanistan." Thesis, Linnéuniversitetet, Institutionen för samhällsstudier (SS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-106889.
Full textAbstract:
Most studies on Provincial Reconstruction Teams in Afghanistan have focused on foreign perspectives thus giving little attention to the perspective of local Afghans to understand its aftermath and consequences. Based on empirical work and information drawn from semi-structured interviews with experts who have worked with military and civilian development agencies as well as government liaison officers, this study explores the intended and unintended outcomes of PRTs across the country. The findings were interpreted with the help of a theoretical framework based on PRT objectives such as security implementation, reconstruction, and development as well as extending the authority of central government and building local institutions. The findings show that there were various factors ignored which impacted the success of the Afghan state-building operation. The lack of local knowledge regarding political, cultural, and religious aspects, relying on warlords, putting the local institutions in wrong hands, lack of local consent, inadequate and unprofessional disbursement of development aid, putting the military in charge of everything, undermining the human development aspects as well as the long-term presence of foreign militaries in the country were some of the major factors which lead the PRTs to have unsuccessful and counterproductive outcomes. In addition, the aid disbursed by the military has not only diverted the military from its main task but also led to a high level of corruption, high expenditure, lowest possible quality, risking the safety of civilians, NGOs as well as development in the country. Furthermore, the discussion and analysis of the findings show that the use of the military might have played a much greater role in the failure of the overall state-building campaign as the role of diplomatic and development agencies was undermined.
35
Salehi, Pour Mehr Vahid. "Development and Verification of Control and Protection Strategies in Hybrid AC/DC Power Systems for Smart Grid Applications." FIU Digital Commons, 2012. http://digitalcommons.fiu.edu/etd/804.
Full textAbstract:
Modern power networks incorporate communications and information technology infrastructure into the electrical power system to create a smart grid in terms of control and operation. The smart grid enables real-time communication and control between consumers and utility companies allowing suppliers to optimize energy usage based on price preference and system technical issues. The smart grid design aims to provide overall power system monitoring, create protection and control strategies to maintain system performance, stability and security.
This dissertation contributed to the development of a unique and novel smart grid test-bed laboratory with integrated monitoring, protection and control systems. This test-bed was used as a platform to test the smart grid operational ideas developed here. The implementation of this system in the real-time software creates an environment for studying, implementing and verifying novel control and protection schemes developed in this dissertation. Phasor measurement techniques were developed using the available Data Acquisition (DAQ) devices in order to monitor all points in the power system in real time. This provides a practical view of system parameter changes, system abnormal conditions and its stability and security information system. These developments provide valuable measurements for technical power system operators in the energy control centers. Phasor Measurement technology is an excellent solution for improving system planning, operation and energy trading in addition to enabling advanced applications in Wide Area Monitoring, Protection and Control (WAMPAC).
Moreover, a virtual protection system was developed and implemented in the smart grid laboratory with integrated functionality for wide area applications. Experiments and procedures were developed in the system in order to detect the system abnormal conditions and apply proper remedies to heal the system.
A design for DC microgrid was developed to integrate it to the AC system with appropriate control capability. This system represents realistic hybrid AC/DC microgrids connectivity to the AC side to study the use of such architecture in system operation to help remedy system abnormal conditions.
In addition, this dissertation explored the challenges and feasibility of the implementation of real-time system analysis features in order to monitor the system security and stability measures. These indices are measured experimentally during the operation of the developed hybrid AC/DC microgrids. Furthermore, a real-time optimal power flow system was implemented to optimally manage the power sharing between AC generators and DC side resources.
A study relating to real-time energy management algorithm in hybrid microgrids was performed to evaluate the effects of using energy storage resources and their use in mitigating heavy load impacts on system stability and operational security.
36
Eskenazi, Sébastien. "On the stability of document analysis algorithms : application to hybrid document hashing technologies." Thesis, La Rochelle, 2016. http://www.theses.fr/2016LAROS019/document.
Full textAbstract:
Un nombre incalculable de documents est imprimé, numérisé, faxé, photographié chaque jour. Ces documents sont hybrides : ils existent sous forme papier et numérique. De plus les documents numériques peuvent être consultés et modifiés simultanément dans de nombreux endroits. Avec la disponibilité des logiciels d’édition d’image, il est devenu très facile de modifier ou de falsifier un document. Cela crée un besoin croissant pour un système d’authentification capable de traiter ces documents hybrides. Les solutions actuelles reposent sur des processus d’authentification séparés pour les documents papiers et numériques. D’autres solutions reposent sur une vérification visuelle et offrent seulement une sécurité partielle. Dans d’autres cas elles nécessitent que les documents sensibles soient stockés à l’extérieur des locaux de l’entreprise et un accès au réseau au moment de la vérification. Afin de surmonter tous ces problèmes, nous proposons de créer un algorithme de hachage sémantique pour les images de documents. Cet algorithme de hachage devrait fournir une signature compacte pour toutes les informations visuellement significatives contenues dans le document. Ce condensé permettra la création de systèmes de sécurité hybrides pour sécuriser tout le document. Ceci peut être réalisé grâce à des algorithmes d’analyse du document. Cependant ceux-ci ont besoin d’être porté à un niveau de performance sans précédent, en particulier leur fiabilité qui dépend de leur stabilité. Après avoir défini le contexte de l’étude et ce qu’est un algorithme stable, nous nous sommes attachés à produire des algorithmes stables pour la description de la mise en page, la segmentation d’un document, la reconnaissance de caractères et la description des zones graphiquesAn innumerable number of documents is being printed, scanned, faxed, photographed every day. These documents are hybrid : they exist as both hard copies and digital copies. Moreover their digital copies can be viewed and modified simultaneously in many places. With the availability of image modification software, it has become very easy to modify or forge a document. This creates a rising need for an authentication scheme capable of handling these hybrid documents. Current solutions rely on separate authentication schemes for paper and digital documents. Other solutions rely on manual visual verification and offer only partial security or require that sensitive documents be stored outside the company’s premises and a network access at the verification time. In order to overcome all these issues we propose to create a semantic hashing algorithm for document images. This hashing algorithm should provide a compact digest for all the visually significant information contained in the document. This digest will allow current hybrid security systems to secure all the document. This can be achieved thanks to document analysis algorithms. However those need to be brought to an unprecedented level of performance, in particular for their reliability which depends on their stability. After defining the context of this study and what is a stable algorithm, we focused on producing stable algorithms for layout description, document segmentation, character recognition and describing the graphical parts of a document
37
Bansal, Tarun Kumar. "Designing generic asymmetric key cryptosystem with message paddings." Thesis, Queensland University of Technology, 2018. https://eprints.qut.edu.au/117071/1/Tarun%20Kumar_Bansal_Thesis.pdf.
Full textAbstract:
This thesis focuses on structural remodelling and security proof of cryptographic schemes. A message pre-processing, also known as asymmetric message padding, is an essential step in asymmetric encryption which is heavily used in secure banking applications. In this thesis, we propose new effective padding schemes and able to mitigate the various computation and memory overhead compared to previous works. We are also able to provide streaming capability which was missing in most of the previous works. Mathematical security proof of proposed schemes justifies their security.
38
Megahed, Mohamed Helmy Mostafa. "SurvSec Security Architecture for Reliable Surveillance WSN Recovery from Base Station Failure." Thèse, Université d'Ottawa / University of Ottawa, 2014. http://hdl.handle.net/10393/31154.
Full textAbstract:
Surveillance wireless sensor networks (WSNs) are highly vulnerable to the failure of the base station (BS) because attackers can easily render the network useless for relatively long periods of time by only destroying the BS. The time and effort needed to destroy the BS is much less than that needed to destroy the numerous sensing nodes.
Previous works have tackled BS failure by deploying a mobile BS or by using multiple BSs, which requires extra cost. Moreover, despite using the best electronic countermeasures, intrusion tolerance systems and anti-traffic analysis strategies to protect the BSs, an adversary can still destroy them. The new BS cannot trust the deployed sensor nodes. Also, previous works lack both the procedures to ensure network reliability and security during BS failure such as storing then sending reports concerning security threats against nodes to the new BS and the procedures to verify the trustworthiness of the deployed sensing nodes. Otherwise, a new WSN must be re-deployed which involves a high cost and requires time for the deployment and setup of the new WSN. In this thesis, we address the problem of reliable recovery from a BS failure by proposing a new security architecture called Surveillance Security (SurvSec).
SurvSec continuously monitors the network for security threats and stores data related to node security, detects and authenticates the new BS, and recovers the stored data at the new BS. SurvSec includes encryption for security-related information using an efficient dynamic secret sharing algorithm, where previous work has high computations for dynamic secret sharing. SurvSec includes compromised nodes detection protocol against collaborative work of attackers working at the same time where previous works have been inefficient against collaborative work of attackers working at the same time.
SurvSec includes a key management scheme for homogenous WSN, where previous works assume heterogeneous WSN using High-end Sensor Nodes (HSN) which are the best target for the attackers. SurvSec includes efficient encryption architecture against quantum computers with a low time delay for encryption and decryption, where previous works have had high time delay to encrypt and decrypt large data size, where AES-256 has 14 rounds and high delay. SurvSec consists of five components, which are:
1. A Hierarchical Data Storage and Data Recovery System.
2. Security for the Stored Data using a new dynamic secret sharing algorithm.
3. A Compromised-Nodes Detection Algorithm at the first stage.
4. A Hybrid and Dynamic Key Management scheme for homogenous network.
5. Powerful Encryption Architecture for post-quantum computers with low time delay.
In this thesis, we introduce six new contributions which are the followings:
1. The development of the new security architecture called Surveillance Security (SurvSec) based on distributed Security Managers (SMs) to enable distributed network security and distributed secure storage.
2. The design of a new dynamic secret sharing algorithm to secure the stored data by using distributed users tables.
3. A new algorithm to detect compromised nodes at the first stage, when a group of attackers capture many legitimate nodes after the base station destruction. This algorithm is designed to be resistant against a group of attackers working at the same time to compromise many legitimate nodes during the base station failure.
4. A hybrid and dynamic key management scheme for homogenous network which is called certificates shared verification key management.
5. A new encryption architecture which is called the spread spectrum encryption architecture SSEA to resist quantum-computers attacks.
6. Hardware implementation of reliable network recovery from BS failure.
The description of the new security architecture SurvSec components is done followed by a simulation and analytical study of the proposed solutions to show its performance.
39
Koffi, Affoué Marie-Noël. "Réflexions pour un renouveau du droit des sûretés personnelles." Thesis, Lyon, 2019. http://www.theses.fr/2019LYSES060.
Full textAbstract:
Traditionnellement considéré comme un contrat unilatéral, le cautionnement exige de la caution l’exécution d’une prestation. Cependant, dans le but de protéger la caution, considérée comme une partie faible lorsqu’elle contracte avec un créancier professionnel, le législateur a, au fil des années, à travers diverses réformes, imposé des obligations au créancier bénéficiaire d’un cautionnement. Si ces nouvelles contraintes du créancier ont créé un déséquilibre entre la protection des parties, les réformes ponctuelles accomplies sans vision d’ensemble dont elles résultent, ont porté atteinte à la lisibilité et à l’harmonisation de la matière et, constituent un obstacle à la sécurité juridique et à la finalité de la sûreté. À cela, il faut ajouter le particularisme du cautionnement, en l’occurrence, son caractère accessoire qui soulève des difficultés d’application. Ces imperfections de la sûreté-modèle ont conduit la pratique à développer de nouvelles sûretés personnelles considérées comme des substituts au cautionnement et à utiliser des mécanismes du droit des obligations à des fins de sûretés. Or, la multiplication des sûretés personnelles crée un risque de concurrence entre elles et constitue un frein à la rationalisation de la matière. Dès lors, il convient de repenser le droit des sûretés personnelles. La présente étude propose un nouveau modèle sûreté (la sûreté personnelle hybride) doté d’un régime juridique emprunté en partie au cautionnement et à la garantie à première demande, orienté vers une approche unitaire des sûretés personnelles garantissant des engagements de payerTraditionally considered as a unilateral contract, a bond requires the guarantor to perform a service. However, in order to protect the guarantor, considered as a weak party when it contracts with a professional creditor, the legislator has, over the years, through various reforms, imposed obligations on the creditor receiving a guarantee. While these new creditor constraints have created an imbalance between the protection of the parties, the resulting ad hoc reforms, without an overall vision, have undermined the readability and harmonisation of the subject matter and constitute an obstacle to legal certainty and the purpose of security. To this must be added the particular nature of the bond, in this case, its accessory nature, which raises enforcement difficulties. These imperfections of the model security have led to the practice of developing new personal securities considered as substitutes for suretyship and using mechanisms of the law of obligations for security purposes. However, the multiplication of personal securities creates a risk of competition between them and hinders the rationalisation of the matter. Therefore, it is necessary to rethink the law of personal securities. This study proposes a new security model (the hybrid personal security) with a legal regime borrowed in part from the guarantee and first-demand guarantee, oriented towards a unitary approach to personal securities guaranteeing payment commitments
40
Kalibjian, Jeff. "Securing Telemetry Post Processing Applications with Hardware Based Security." International Foundation for Telemetering, 2004. http://hdl.handle.net/10150/605052.
Full textAbstract:
International Telemetering Conference Proceedings / October 18-21, 2004 / Town & Country Resort, San Diego, CaliforniaThe use of hardware security for telemetry in satellites utilized for intelligence and defense applications is well known. Less common is the use of hardware security in ground-based computers hosting applications that post process telemetry data. Analysis reveals vulnerabilities in software only security solutions that can result in the compromise of telemetry data housed on ground-based computer systems. Such systems maybe made less susceptible to compromise with the use of hardware based security.
41
Cortijo, Aragon Santiago José. "Sécurité pour des infrastructures critiques SCADA fondée sur des modèles graphiques probabilistes." Electronic Thesis or Diss., Sorbonne université, 2018. https://accesdistant.sorbonne-universite.fr/login?url=https://theses-intra.sorbonne-universite.fr/2018SORUS502.pdf.
Full textAbstract:
Dans la présente thèse, deux nouveaux modèles basés sur les Réseaux Bayésiens (BN) sont proposés: les BN à densités conditionnelles tronquées (ctdBN) et les BN à densités conditionnelles (cdBN). Ceux-ci permettent la modélisation de probabilités jointes pour des systèmes avec des variables aléatoires discrètes et continues. Nous analysons la complexité algorithmique pour l'inférence exacte dans les modèles proposés et montrons qu'elles sont du même ordre que celle des BNs classiques. Nous étudions également le problème d’apprentissage des cdBNs: nous proposons une fonction de score basée sur le score BD, ainsi qu’un algorithme d'apprentissage basé sur l'algorithme EM structural, tout en supposant l'existence de variables latentes discrètes correspondantes à chaque variable continue. En outre, nous prouvons théoriquement que les modèles cdBN et ctdBN peuvent approcher n'importe quelle distribution de probabilité jointe Lipschitzienne, montrant ainsi l'expressivité de ces modèles. Dans le cadre du projet Européen SCISSOR, dont le but est la cyber-securité, nous utilisons le modèle cdBN pour décrire la dynamique d'un système SCADA et diagnostiquer des anomalies dans des observations prises en temps réel, tout en interprétant une anomalie comme une menace potentielle à l'intégrité du systèmeIn this thesis two new Bayesian-Network-based models are proposed: conditional truncated densities Bayesian networks (ctdBN) and conditional densities Bayesian networks (cdBN). They model joint probability distributions of systems combining discrete and continuous random variables. We analyze the complexity of exact inference for the proposed models, concluding that they are in the same order of the one for the classical Bayesian Network model. We also analyze the challenge of learning cdBNs, proposing a score function based in the BD score as well as a whole learning algorithm based on the structural EM algorithm, assuming the existence of discrete latent variables corresponding to each continuous variable. In addition, we proof theoretically that the cdBN and ctdBN models can approximate well any Lipschitz joint probability distribution, which shows the expressiveness of these models. Within the framework of the European project SCISSOR, whose goal is cyber-security, we use the cdBN model to describe the dynamics of a SCADA system and to diagnose anomalies in observations taken in real time, interpreting an anomaly as a potential threat to the integrity of the system
42
Nilsson, Pierre. "Hybridhotbilden mot Sverige : En kvalitativ försvars- och säkerhetspolitisk innehållsanalys om hybridhot." Thesis, Karlstads universitet, Institutionen för samhälls- och kulturvetenskap (from 2013), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-82726.
Full textAbstract:
With a changing state of security in Europe, defined by instability and unpredictability, the use of hybrid threats presents itself as an international security challenge. Characterized by the antagonistic use of both conventional and unconventional means, the hybrid threat actor coordinates these means in an attempt achieve specific goals, often under a guise of ambiguity. The complexity of hybrid threats deepens as advancing technology and globalisation enables the hybrid threat actor to use tools not only bound by geographical constraints, but tools that makes use the cyber domain and the constant flow of information. Tools ranging from military, political, economic, civil, and informational tools can, in various combinations, take advantage of specific vulnerabilities in the target state. Identifying and countering such a wide range of multifaceted tools provides a difficult task for most states. This study aims to investigate the Swedish hybrid threat scenario by focusing on the authorities concerned with national defence and security and their identification of potential hybrid threats that faces Sweden. For countering such hybrid threats the study investigates the highly topical Swedish defence act 2021-2025. Its focus being on investigating potential goals, strategies and abilities for building resilience and countermeasures regarding hybrid threats. The study finds that Sweden is subject to the use of hybrid threats by antagonistic state actors, mainly Russia and China. Tools being used against Sweden include for example espionage, strategic acquisition of businesses and real estate, disinformation, and cyberattacks. For countering these threats, the study fails to find a specific set of goals for hybrid threat defence. Instead, the study finds a broad effort to strengthen national defence and security including among others the rebuilding of the Total Defence, founding of a national cybersecurity centrum, instituting an agency for psychological defence as well as lifting the perspective of hybrid threat among relevant national agencies.
43
Siddiqui, Muhammad Anas. "Cloud Computing : Evaluation, as a platform for Scania Architecture." Thesis, Mittuniversitetet, Institutionen för informationsteknologi och medier, 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-18896.
Full textAbstract:
Cloud computing has been given a great deal of attention during recent years. Almost all the technology market leaders and leading hosting service providers (like IBM, Microsoft and Verizon) have entered into the Cloud market as Cloud Providers. Cloud computing promises to provide highly available, secure, low cost, agile and highly scalable solution to the consumers. Scania is a global company and one of the world’s leading heavy vehicle manufacturers with 35,000+ employees. All the large organizations such as Scania, aim to constantly update themselves with the latest technology in order to meet their business requirements but, these organizations must always be convinced that there is a strong reason(s) to implement new technology. This research provides the method and criteria in relation to initiating Cloud computing. A number of Scania’s specific business requirements that it is possible to map to the Cloud are addressed in this thesis. The methodology of research is split in two parts. Firstly, the identification of business cases at Scania and their requirements with the Cloud and Secondly, the evaluation and comparison of the functionalities and capabilities of different vendors. The accumulated data is then compared and suitable vendors, according to those business requirements are suggested. This thesis also shares the experience of moving on premise applications to the Cloud. These are Scania specific applications which are currently being hosted in-house. The research also addresses the possibilities of portability between the Cloud providers. Although there is no standardization in relation to Cloud computing, some initiatives such as OpenStack are available and its current position and some application and data migration tools are also discussed. The thesis concludes with a general discussion, recommendations in relation to adapting Cloud computing and selecting the Cloud provider. This recommendation applies to every organization including Scania.
44
Sein, Chaw Chaw [Verfasser], Ralph [Akademischer Betreuer] Mitlöhner, Joachim [Akademischer Betreuer] Saborowski, and František [Akademischer Betreuer] Hapla. "Growth and Site Conditions of Acacia mangium, Acacia hybrid, Eucalyptus urophylla, Cinnamomum parthenoxylon and Erythropholeum fordii for Livelihood Security of Smallholders in Industrial Tree Planting Programs of Vietnam / Chaw Chaw Sein. Gutachter: Ralph Mitlöhner ; Joachim Saborowski ; František Hapla. Betreuer: Ralph Mitlöhner." Göttingen : Niedersächsische Staats- und Universitätsbibliothek Göttingen, 2012. http://d-nb.info/1042262780/34.
Full text
45
[Verfasser], Chaw Chaw Sein, Ralph [Akademischer Betreuer] Mitlöhner, Joachim [Akademischer Betreuer] Saborowski, and František [Akademischer Betreuer] Hapla. "Growth and Site Conditions of Acacia mangium, Acacia hybrid, Eucalyptus urophylla, Cinnamomum parthenoxylon and Erythropholeum fordii for Livelihood Security of Smallholders in Industrial Tree Planting Programs of Vietnam / Chaw Chaw Sein. Gutachter: Ralph Mitlöhner ; Joachim Saborowski ; František Hapla. Betreuer: Ralph Mitlöhner." Göttingen : Niedersächsische Staats- und Universitätsbibliothek Göttingen, 2012. http://nbn-resolving.de/urn:nbn:de:gbv:7-webdoc-3435-6.
Full text
46
Drira, Wassim. "Secure collection and data management system for WSNs." Phd thesis, Institut National des Télécommunications, 2012. http://tel.archives-ouvertes.fr/tel-00814664.
Full textAbstract:
Nowadays, each user or organization is already connected to a large number of sensor nodes which generate a substantial amount of data, making their management not an obvious issue. In addition, these data can be confidential. For these reasons, developing a secure system managing the data from heterogeneous sensor nodes is a real need. In the first part, we developed a composite-based middleware for wireless sensor networks to communicate with the physical sensors for storing, processing, indexing, analyzing and generating alerts on those sensors data. Each composite is connected to a physical node or used to aggregate data from different composites. Each physical node communicating with the middleware is setup as a composite. The middleware has been used in the context of the European project Mobesens in order to manage data from a sensor network for monitoring water quality. In the second part of the thesis, we proposed a new hybrid authentication and key establishment scheme between senor nodes (SN), gateways (MN) and the middleware (SS). It is based on two protocols. The first protocol intent is the mutual authentication between SS and MN, on providing an asymmetric pair of keys for MN, and on establishing a pairwise key between them. The second protocol aims at authenticating them, and establishing a group key and pairwise keys between SN and the two others. The middleware has been generalized in the third part in order to provide a private space for multi-organization or -user to manage his sensors data using cloud computing. Next, we expanded the composite with gadgets to share securely sensor data in order to provide a secure social sensor network
47
Rebiha, Rachid 1977. "Métodos formais algébricos para geração de invariantes." [s.n.], 2011. http://repositorio.unicamp.br/jspui/handle/REPOSIP/275741.
Full textAbstract:
Orientador: Arnaldo Vieira MouraTese (doutorado) - Universidade Estadual de Campinas, Instituto de Computação
Made available in DSpace on 2018-08-19T00:11:05Z (GMT). No. of bitstreams: 1 Rebiha_Rachid_D.pdf: 1451665 bytes, checksum: abe6fc4e72cf43113c7c93064ab11ed8 (MD5) Previous issue date: 2011
Resumo: É bem sabido que a automação e a eficácia de métodos de verificação formal de softwares, sistemas embarcados ou sistemas híbridos, depende da facilidade com que invariantes precisas possam ser geradas automaticamente a partir do código fonte. Uma invariante é uma propriedade, especificada sobre um local específico do código fonte, e que sempre se verifica a cada execução de um sistema. Apesar dos progressos enormes ao longo dos anos, o problema da geração de invariantes ainda está em aberto para tanto programas não-lineares discretos, como para sistemas não-lineares híbridos. Nesta tese, primeiramente, apresentamos novos métodos computacionais que podem automatizar a descoberta e o fortalecimento de relações não-lineares entre as variáveis de um programa que contém laços não-lineares, ou seja, programas que exibem relações polinomiais multivariadas e manipulações fracionarias. Além disso, a maioria dos sistemas de segurança críticos, tais como aviões, automóveis, produtos químicos, usinas de energia e sistemas biológicos, operam semanticamente como sistemas híbridos não-lineares. Nesse trabalho, apresentamos poderosos métodos computacionais que são capazes de gerar bases de ideais polinomiais de invariantes não-lineares para sistemas híbridos não-lineares. Em segundo lugar, apresentamos métodos pioneiros de verificação que automaticamente gerem bases de invariantes expressas por séries de potências multi-variáveis e por funções transcendentais. Discutimos, também, a sua convergência em sistemas híbridos que exibem modelos não lineares. Verificamos que as séries de potência geradas para invariantes são, muitas vezes, compostas pela expansão de algumas funções transcendentais bem conhecidas, tais como "log" e "exp". Assim, apresentam uma forma analisável fechada que facilita o uso de invariantes na verificação de propriedades de segurança. Para cada problema de geração de invariantes estabelecemos condições suficientes, muito gerais, que garantem a existência e permitem o cálculo dos ideais polinomiais para situações que não podem ser tratadas pelas abordagens de geração invariantes hoje conhecidas. Finalmente, estendemos o domínio de aplicações, acessíveis através de métodos de geração de invariantes, para a área de segurança. Mais precisamente, fornecemos uma plataforma extensível baseada em invariantes pré-computadas que seriam usadas como assinaturas semânticas para análise de intrusos ("malwares") e deteção dos ataques de intrusões mais virulentos. Seguindo a concepção de tais plataformas, propomos sistemas de detecção de intrusão, usando modelos gerados automaticamente, onde as chamadas de sistema e de funções são vigiados pela avaliação de invariantes, pré-calculadas para denunciar qualquer desvio observado durante a execução da aplicação. De modo abrangente, nesta tese, propomos a redução de problemas de geração de invariantes para problemas algébricos lineares. Ao reduzir os problemas de geração de invariante não-triviais de sistemas híbridos não-lineares para problemas algébricos lineares relacionados, somos capazes de ultrapassar as deficiências dos mais modernos métodos de geração de invariante hoje conhecidos permitindo, assim, a geração automática e eficiente de invariantes para programas e sistemas híbridos não lineares complexos. Tais métodos algébricos lineares apresentam complexidades computacionais significativamente inferiores àquelas exigidas pelos os fundamentos matemáticos das abordagens usadas hoje, tais como a computação de bases de Gröbner, a eliminação de quantificadores e decomposições cilíndricas algébricas
Abstract: It is well-known that the automation and effectiveness of formal software verification of embedded or hybrid systems depends to the ease with which precise invariants can be automatically generated from source specifications. An invariant is a property that holds true at a specific location in the specification code, whenever an execution reaches that location. Despite tremendous progress over the years, the problem of invariant generation remains very challenging for both non-linear discrete programs, as well as for non-linear hybrid systems. In this thesis, we first present new computational methods that can automate the discovery and can strengthen interrelationships among the variables of a program that contains non-linear loops, that is, programs that display multivariate polynomial and fractional manipulations. Moreover, most of safety-critical systems such as aircraft, cars, chemicals, power plants and biological systems operate semantically as non-linear hybrid systems. In this work, we demonstrate powerful computational methods that can generate basis for non-linear invariant ideals of non-linear hybrid systems. Secondly, we present the first verification methods that automatically generate basis for invariants expressed by multivariate formal power series and transcendental functions. We also discuss their convergence over hybrid systems that exhibit non linear models. The formal power series invariants generated are often composed by the expansion of some well-known transcendental functions e.g. log and exp. They also have an analysable closed-form which facilitates the use of the invariants when verifying safety properties. For each invariant generation problem, we establish very general sufficient conditions that guarantee the existence and allow for the computation of invariant ideals for situations that can not be treated in the presently known invariant generation approaches. Finally, we extend the domain of applications for invariant generation methods to encompass security problems. More precisely, we provide an extensible invariant-based platform for malware analysis and show how we can detect the most virulent intrusions attacks using these invariants. We propose to automatically generate invariants directly from the specified malware code in order to use them as semantic aware signatures, i.e. malware invariant, that would remain unchanged by most obfuscated techniques. Folix lowing the design of such platforms, we propose host-based intrusion detection systems, using automatically generated models where system calls are guarded by pre-computed invariants in order to report any deviation observed during the execution of the application. In a broad sense, in this thesis, we propose to reduce the verification problem of invariant generation to algebraic problems. By reducing the problems of non-trivial nonlinear invariant generation for programs and hybrid systems to related linear algebraic problems we are able to address various deficiencies of other state-of-the-art invariant generation methods, including the efficient treatment of complicated non-linear loop programs and non-linear hybrid systems. Such linear algebraic methods have much lower computational complexities than the mathematical foundations of previous approaches know today, which use techniques such as as Gröbner basis computation, quantifier elimination and cylindrical algebraic decomposition
Doutorado
Ciência da Computação
Doutor em Ciência da Computação
48
Sahli, Nabil. "Contribution au problème de la sécurité sémantique des systèmes : approche basée sur l'ingénierie dirigée par les modèles." Electronic Thesis or Diss., Aix-Marseille, 2019. http://www.theses.fr/2019AIXM0699.
Full textAbstract:
Les infrastructures industrielles critiques seront dotées de plusieurs équipements embarqués intelligents. Elles exploitent des systèmes complexes, embarqués, intelligents et sémantiques pour leurs fonctionnements, en local et à distance, dans un contexte de développement, de villes intelligentes et du web des objets. Elles emploient, de plus en plus de systèmes «contrôle/commande», pour la surveillance des plateformes industrielles critiques, en temps réel. Les infrastructures critiques seront de plus en plus communicantes dans le cadre des échanges des alarmes et la mise en place de marchés euro-méditerranéens de l’électricité et davantage plus vulnérables. La cybernétique des plateformes critiques se développe, de jour en jour, essentiellement avec l’usage de systèmes complexes embarqués intelligents sémantiques, des services web, des ontologies,..etc. Ils sont tous embarqués sur les instruments intelligents, composant les systèmes sémantiques. Des réseaux de télécommunication intelligents, filaire et sans fil, dit hybrides, se développent. Ils représentent un grand challenge, pour la sécurité des systèmes communicants futurs. Dans un contexte de développement du web, des objets et des villes intelligentes, nos travaux de recherche visent à renforcer les bases de la sécurité et de la cybernétique sémantique, pour les systèmes communicants. Dans notre solution globale, en matière de sécurité sémantique, des infrastructures critiques, nous avons proposé plusieurs sous-solutions, tels que des méta-modèles et des modèles, ainsi qu’une stratégie de sécurité de bout en bout, avec un fonctionnement sur un réseau Cloud global, hybride et sécuriséCritical, modern, current, and even future industrial infrastructures will be equipped with several intelligent embedded equipment. They exploit complex, embedded, intelligent and semantic systems for their operations, locally and remotely, in a context of development, smart cities and the web of things. They are using more and more SCADA and DCS control systems to monitor critical industrial platforms in real time. Critical infrastructures will be more and more communicating in the framework of the exchanges of allarmes and the establishment of Euro-Mediterranean markets of the életcricité and also more and more vulnerable, to classic and even semantic attacks, to viruses, to Trojan horses. The cybernetics of critical platforms is growing, day by day, mainly with the use of complex embedded intelligent semantic systems, web services, ontologies, and format files (XML, OWL, RDF, etc.). They are all embedded in intelligent instruments, making up semantic SCADA systems. Intelligent telecommunication networks, wired and wireless, called hybrids, are developing. They represent a great challenge for the security of future communicating systems. In a context of development of the web of things and smart cities, our research aims to strengthen the bases of security and semantic cybernetics, for communicating systems. In our global solution for semantic security, critical infrastructures, we have proposed several sub-solutions, such as metamodels and models, as well as an end-to-end security strategy, with operation on a global cloud network, hybrid and secure
49
Šťastný, Jan. "Řízení projektů v cloudu." Master's thesis, Vysoká škola ekonomická v Praze, 2014. http://www.nusl.cz/ntk/nusl-193783.
Full textAbstract:
Goal of this thesis is to provide a summary of information connected to cloud project management. The thesis describes, what cloud is, what types of cloud there are and also describes project management methodologies and their specifics. In the practical part of this thesis one of the methodologies is applied to a practical project. The thesis contains also a summary of practical information about cloud projects and risks associated with cloud projects.
50
Riberg, Joakim, and Johan Selin. "Det moderna kriget och de hybrida hoten : Ett problem för Sveriges nationella säkerhetsstrategi?" Thesis, Högskolan i Halmstad, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-39726.
Full textAbstract:
Under 2014 genomförde Ryssland framför ögonen på resten av världen en annektering av Krimhalvön i Ukraina. Västvärlden var i det som närmast kan beskrivas som en chock över detta offensiva beteende. Utan någon förvarning så flyttade Ryssland med stöd av "små gröna män" fram sina positioner på Krimhalvön. En ny taktik användes och strider blandades med andra medel och metoder i det som populärt kan uttryckas som gråzonen. Denna undersökning besvarar följande problemformulering med stöd av en kvalitativ textanalys i form av en dokumentundersökning. Utifrån ett säkerhetsstrategiskt perspektiv; Hur kan problamtiken med hybrida hot i gråzonen beskrivas och hur omhändertas dessa i den nationella säkerhetsstrategin? Genom att läsa i empiri och teori om gråzon, hybrida hot och säkerhetsstrategier skapar sig författarna en modell för analys. Denna analysmodell används sedan för att analysera den (Svenska) nationella säkerhetstrategin som publicerades 2017. Analysmodellen grundar sig på de av Treverton identifierade hybrida hoten: Desinformation, cyberattacker, ekonomiska påtryckningar, irreguljära beväpnade styrkor, reguljära beväpnade styrkor.Undersökningen visar att den nationella säkerhetsstrategin, trots en bristande tydlighet inom vissa områden och en bristande balans mellan mål, metoder och medel, identifierar och ger styrningar för omhändertagandet av de identifierade hybrida hoten. Vidare visar säkerhetsstrategin på en bred förståelse och tolkning av begreppen hybrida hot och gråzonen, utan att försöka definiera dessa komplexa begrepp. Då analysmodellen appliceras, belyses en möjlig hotbild; miljöhot. Resultaten av analysen visar också att det kan vara klokt att beskriva just de samtida hoten och utnyttjande av dessa, istället för att argumentera avseende definitioner. Författarna menar att det är av större vikt att skapa en större förståelse för fenomenen, i syfte att åstadkomma en allomfattande ansats för att motverka de verkliga effekterna av hoten.In 2014 Russia, in front of the rest of the world, claimed and performed an annexing of Crimea. The larger parts of the western world were left in shock. Without any acknowledgment Russia moved forward with “little green men” and implied a different tactic. It was not officially war and nor peace, the fighting and the action took place in what was popularly named as the gray zone. This thesis is answering the following questions by using a qualitative document examination. From a strategic security perspective: How can the problem regarding hybrid threats in the gray zone be described and how does the national Swedish strategy respond to these threats? By reading and concluding existing theory about hybrid threats within the gray zone the authors have created their own model of analysis to utilize on the Swedish National Security Strategy. The model of analysis consists of the five main hybrid threats chosen from the theory presented by Treverton: Disinformation, Cyber-attacks, Economic pressure, Irregular armed forces and Regular forces.The thesis concludes that although unclear and found lacking in coherence regarding ends, ways and means; the National Security Strategy addresses and gives guidance on how to counter the effects of the above-mentioned threats. The Security Strategy also shows a consciousness regarding the complexity of the hybrid threats and the gray zone, without trying to define the actual area or methods utilized. When looked at through the model of analysis, it also highlights a possible new threat to be considered; environmental threats. The results of the analysis also indicate that it might be wise to use the term contemporary threats and the utilization of these, instead of arguing about definitions. The authors argue that it is of greater importance to create a larger understanding of the phenomena, in order to counter the actual effects by employing a truly comprehensive approach.