To see the other types of publications on this topic, follow the link: ICT security.
Dissertations / Theses on the topic 'ICT security'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'ICT security.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Pandey, Bimal Raj. "Indicators for ICT security incident management." Thesis, Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, 2013. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-20665.
Full textAbstract:
Managing the different types and the nature of information security incidents has become a challenging task. However, the use of security incident indicators can improve the capabilities of the incident management process. Indicators are not only needed to assess and monitor the quality of incident management capabilities by quantifying overall processes, but also to provide an early warning and notification of incident occurrences. Though some research work has been initiated for development of measurements and indicators in information security incident management, use of those have been relatively sparse. Also, varied profiles of organizations, changing nature of threats and frequent update and advancement in technology have made it difficult to establish a set of common measurements and indicators. However, there exists significant amount of research, development and implementation of indicators in the safety field. It would be of significant interest to investigate whether safety performance indicators could be adapted to the field of security incident management. In this thesis, a literature study has been performed in the field of safety performance indicators. This study provided us with some results, indicating that effective safety performance indicators could be adapted to the security incident management field. Effective indicators have been adapted to different phases of security incident management through a defined methodology. Those indicators are analysed in detail with their usage, scope, pros and cons in different phases of the incident management process. This thesis also includes a scenario describing the use and implementation of such indicators. It was found that safety indicators could be adapted to the plan, prepare and protect phase, the respond phase and the review phase of an incident management process, and they have been effective to measure the efficiency as well as the capabilities of corresponding phases. For the detection phase, however, it was found that the safety indicators could only be adapted with great difficulties.
2
Bellavista, Daniele. "Ict security: Defence strategies against targeted attacks." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2014. http://amslaurea.unibo.it/6960/.
Full textAbstract:
L’avanzare delle tecnologie ICT e l’abbattimento dei costi di produzione hanno portato ad un aumento notevole della criminalità informatica. Tuttavia il cambiamento non è stato solamente quantitativo, infatti si può assistere ad un paradigm-shift degli attacchi informatici da completamente opportunistici, ovvero senza un target specifico, ad attacchi mirati aventi come obiettivo una particolare persona, impresa o nazione. Lo scopo della mia tesi è quello di analizzare modelli e tassonomie sia di attacco che di difesa, per poi valutare una effettiva strategia di difesa contro gli attacchi mirati. Il lavoro è stato svolto in un contesto aziendale come parte di un tirocinio. Come incipit, ho effettuato un attacco mirato contro l’azienda in questione per valutare la validità dei sistemi di difesa. L’attacco ha avuto successo, dimostrando l’inefficacia di moderni sistemi di difesa. Analizzando i motivi del fallimento nel rilevare l’attacco, sono giunto a formulare una strategia di difesa contro attacchi mirati sotto forma di servizio piuttosto che di prodotto. La mia proposta è un framework concettuale, chiamato WASTE (Warning Automatic System for Targeted Events) il cui scopo è fornire warnings ad un team di analisti a partire da eventi non sospetti, ed un business process che ho nominato HAZARD (Hacking Approach for Zealot Attack Response and Detection), che modella il servizio completo di difesa contro i targeted attack. Infine ho applicato il processo all’interno dell’azienda per mitigare minacce ed attacchi informatici.
3
Mella, Luca. "Ict security: Testing methodology for targeted attack defence tools." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2014. http://amslaurea.unibo.it/6963/.
Full textAbstract:
La tesi di laurea presentata si inserisce nell’ampio contesto della Sicurezza Informatica, in particolare tratta il problema del testing dei sistemi di sicurezza concepiti per contrapporsi alle odierne minacce: gli attacchi mirati (Targeted Attacks) ed in generale le minacce avanzate persistenti (Advanced Persistent Threats).
Il principale obiettivo del lavoro svolto è lo sviluppo e la discussione di una metodologia di test per sistemi di sicurezza focalizzati su questo genere di problemi. Le linee guida proposte hanno lo scopo di aiutare a colmare il divario tra quello che viene testato e quello che in realt`a deve essere affrontato realmente.
Le attività svolte durante la preparazione della tesi sono state sia di tipo teorico, per quanto concerne lo sviluppo di una metodologia per affrontare al meglio il testing di sistemi di sicurezza a fronte di attacchi mirati, che ne di tipo sperimentale in quanto si sono utilizzati tali concetti per lo svolgimento di test su più strumenti di difesa in uno scenario d’interesse reale.
4
Kvastad, Johan. "ICT Security of an Electronic Health Record System: an Empirical Investigation : An in depth investigation of ICT security in a modern healthcare system." Thesis, KTH, Skolan för datavetenskap och kommunikation (CSC), 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-194121.
Full textAbstract:
An empirical investigation of the security flaws and features of an in-use modern electronic health record system is performed. The investigation was carried out using dynamic analysis, manual testing and interviews with developers. The results indicate that in-use electronic health record systems suffer from serious authentication flaws, arising from the interaction of many different proprietary systems. The authentication problems are so severe that gaining access to any user’s computer on the hospital intranet would compromise a large database of patient medical records, including radiological data regarding the patients. Common web vulnerabilities were also present, such as injections and incorrectly configured HTTP security headers. These vulnerabilities were heavily mitigated by the use of libraries for constructing web interfaces.En empirisk undersökning av säkerheten inom ett modernt elektroniskt patientjournal-system har utförts. Undersökningen genomfördes med hjälp av dynamisk analys, manuell testning och intervjuer med utvecklarna. Resultatet indikerar att system för elektroniska patientjournaler har stora brister inom autentisering, vilka uppstår p.g.a. att flera olika kommersiella system måste samarbeta. Problemen är så allvarliga att med tillgång till en enda dator på intranätet kan en stor databas med patientdata äventyras, inklusive radiologisk data gällande patienterna. Vanliga websårbarheter fanns också, så som injektioner av skript och inkorrekt konfigurerade HTTP säkerhetsheaders. Dessa sårbarheter mitigerades starkt genom användandet av bibliotek för webinterface.
5
Matusík, Jan. "Zavedení managementu bezpečnosti ICT na základní škole." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2015. http://www.nusl.cz/ntk/nusl-224834.
Full textAbstract:
The aim of this study is aproposal of ICT Security Management implementation in a specific Basic school. Introduction describes the school building, its equipment and existing Security Management. The practical part consists of a discussion about current shortcomings and proposed set of measures for solving the most important problems in terms of management of ICT security.
6
Näckros, Kjell. "Visualising security through computer games : investigating game-based instruction in ICT security : an experimental approach /." Kista : Department of Computer and Systems Sciences, Stockholm University : Royal Institute of Technology, 2005. http://urn.kb.se/resolve?urn=urn:nbn:se:su:diva-533.
Full text
7
Schoffer, Pavel. "Analýza informačního systému ISAD a návrh jeho změn." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2016. http://www.nusl.cz/ntk/nusl-241506.
Full textAbstract:
This diploma thesis focuses on the information system ISAD owned by ISIT a.c. Primary part of the project is composed of analysis of the system and used technologies. Another part is concentrated on integration of the system for given customer and possibilities of enhancement. Project also contains proposals of new and enhancements of current functionality of the system.
8
Tarimo, Charles N. "ICT Security Readiness Checklist for Developing Countries : A Social-Technical Approach." Doctoral thesis, Kista : Department of Computer and Systems Sciences, Stockholm University, 2006. http://urn.kb.se/resolve?urn=urn:nbn:se:su:diva-1354.
Full text
9
Kosek, Jindřich. "Zavedení ISMS v malém podniku se zaměřením na ICT infrastrukturu." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2014. http://www.nusl.cz/ntk/nusl-224444.
Full textAbstract:
The diploma thesis is focused on the design implementation of information security management system in a small business and is applying theoretical knowledge to real-life situations in a manufacturing company. First of all is performed analysis of current status and the consequent threats which can affect the company's assets. Thereafter are proposed measures based on identified risks and requirements of the owner.
10
Sulanová, Monika. "Strategie pro rozvoj vzdělávání v oblasti bezpečnosti ICT na vysokých školách." Master's thesis, Vysoká škola ekonomická v Praze, 2017. http://www.nusl.cz/ntk/nusl-358805.
Full textAbstract:
The thesis deals with the problems of education in ICT security experts at universities in order to design a strategy for the development of education in present degree courses that dealing with this issue. The theoretical part focuses on the definition of ICT security and to familiarize the reader with the basic concepts of information security management and management of cyber security and gives an overview of the overall development of ICT security and the current trends in this area. It also describes the current situation on the labor market in relation to ICT security and the education of professionals in this field and characterizes the existing recommendations for education in ICT security. Practical part focuses on analyzing the current education ic ICT security and on analyzing the knowledge and skills requirements of the labor market to professionals in this area. Defines the basic professional role and knowledge domains that should be covered by this role. In the analytical part they are evaluated current profiles of graduates Master's degree programs focused on this area in order to find gaps in the knowledge base of graduates based on the requirements of the labor market and the existing recommendations. The results of the analysis are input to define a strategy on education in ICT security, which gives basic recommendations on how to eliminate the shortcomings.
11
Imrich, Martin. "Nasazení kontextového DLP systému v rámci zavádění ISMS." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2015. http://www.nusl.cz/ntk/nusl-224836.
Full textAbstract:
This diploma thesis focuses on a DLP implementation within a specific organization. The thesis contains current situation analysis and provides decision for choice of the most suitable DLP based on the analysis findings. Eventually describes a real implementation of the chosen DLP system within the organization.
12
Patáčik, Andrej. "Posouzení informačního systému firmy a návrh změn." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2020. http://www.nusl.cz/ntk/nusl-417652.
Full textAbstract:
In this master’s thesis I focused on assessment of the information system Metrik for Continental Matador Rubber, s.r.o., specifically for the department of Global Evaluation Púchov in Slovakia. The solutions design is based on results of system and company analysis. Output of this thesis is a design of measures and changes aimed on improving efficiency of the analyzed system, improving information and cyber security and increasing overall satisfaction of employees.
13
Kouřimský, Vlastimil. "Výzvy pro CIO." Master's thesis, Vysoká škola ekonomická v Praze, 2011. http://www.nusl.cz/ntk/nusl-124679.
Full textAbstract:
The diploma thesis deals with the issue of the chosen current trends of ICT. The CIO represents the crucial person of the whole thesis. The aim of the thesis is to describe and comment on the connection of the role of the CIO with trends and challenges he/she has to face in recent times. To fulfill this aim it is necessary to realize the current trends through the integration of surveys of the renowned companies dealing with the ICT market. The field overhang of these studies dedicated to technologies is essential. The benefit of the thesis consists of the connection of the business and ICT at the CIO level. The abstraction from technical specifications of the particular trend as well as from the managerial point of view creates an image of the challenges for the CIO in the company context. The introductory part of the thesis reflects the position of ICT in companies and creates an image of the internal connection of the company as a whole. The core of the main part of the thesis contains chapters dedicated to the trends in particular: data analysis, content analysis, social business, big data, ICT security and education. Each of these main chapters describes the current state of the ICT field and its role in the company context. The last part of each main chapter deals with the benefit and the role of the CIO for the mentioned field. CIO's influence on the challenge, allies and possible risks of the trend are mentioned. At the end of the thesis the benefit of the CIO for the company and his/her role of facing challenges which come from the ICT field are evaluated. CIO plays an important role as a responsible person for particular challenges. Nevertheless, as it is apparent from the thesis, the CIO is not the only important part of the system that is necessary to create the maximum from each challenge.
14
Bakari, Jabiri Kuwe. "A Holistic Approach for Managing ICT Security in Non-Commercial Organisations : A Case Study in a Developing Country." Doctoral thesis, Kista : Department of Computer and Systems Sciences, Stockholm University, 2007. http://urn.kb.se/resolve?urn=urn:nbn:se:su:diva-6781.
Full text
15
Lambe, Erik. "Information Security Culture and Threat Perception : Comprehension and awareness of latent threats in organisational settings concerned with information security." Thesis, Uppsala universitet, Statsvetenskapliga institutionen, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-352263.
Full textAbstract:
A new challenge for organisations in the 21st century is how they should ensure information security in a time and environment where the widespread use of Information Communication Technologies (ICTs), such as smartphones, means that information has been made vulnerable in numerous new ways. Recent research on information security has focused on information security culture and how to successfully communicate security standards within an organisation. This study aims to examine how latent threats to information security are conceptualised and examined within an organisation in which information security is important. Since threats posed by ICTs are said to be latent, this study wishes to explore in what ways an inclusion of threat conceptualisation can have in understanding what constitutes an efficacious information security culture when the intention is to ensure information security. The study focuses on the Swedish armed forces, and compare how threats to information security posed by interaction with private ICTs are communicated in information security policies and how they are conceptualised by the members of the organisation. Through interviews conducted with service members, the findings of this study indicate that it is possible to successfully communicate the contents of information security policies without mandating the members of the organisation to read the sources themselves. Furthermore, the study identified a feature of information security culture, in this paper called supererogatory vigilance to threats to information security, which might be of interest for future studies in this area, since it offers adaptive protection to new threats to information security that goes beyond what the established sources protects against.
16
Strachová, Zuzana. "Implementace nástroje pro řízení kybernetické bezpečnosti." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2021. http://www.nusl.cz/ntk/nusl-444573.
Full textAbstract:
The thesis is focused on the implementation of a software tool to increase the effectiveness of cyber security management. The tool is implemented in a company preparing to be classified as a part of critical information infrastructure. Based on the customer's requirements, a suitable cyber security management tool is selected. Subsequently, I propose a methodology for implementing the tool, which I immediately apply. The output of the work is an implemented tool, risk analysis and security documentation required by law.
17
Campbell, Joshua Michael. "How Information and Communication Security Technologies Affect State Power." Malone University Undergraduate Honors Program / OhioLINK, 2016. http://rave.ohiolink.edu/etdc/view?acc_num=ma1462540876.
Full text
18
Hajný, Jiří. "Management informační bezpečnosti ve zdravotnickém zařízení." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2014. http://www.nusl.cz/ntk/nusl-224498.
Full textAbstract:
The diploma thesis focuses on implementation and deployment of information security management system (ISMS) into healthcare organizations. Specifies what is required to include in this process and what not to forget. It includes a risk analysis of a branch of the selected company, and for it is written a safety guide. Safety guide provides advice and recommendations regarding security in terms of human resources, physical security, ICT security and other aspects that should be included in the ISMS deployment in healthcare organizations. The work also reflects the newly emerging law on cyber security. It is expected that the law will also address cyber security in healthcare.
19
Marek, Jaroslav. "Posouzení informačního systému firmy a návrh změn." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2015. http://www.nusl.cz/ntk/nusl-224944.
Full textAbstract:
This diploma thesis is focused on evaluation of the Allrisk, ltd. information system and on the changes proposal. The theoretical part of the work describes an essential background and an explanation of individual methods used for analysis of information systems. Shortcomings revealed by the analysis are worked up and measures are taken to improve the current state.
20
Gustafsson, Magnus, Jonas Norlinder, and Michael Rehn. "Using an ICT System to Increase Efficiency and Effectiveness in Patient-Practitioner Communication." Thesis, Uppsala universitet, Institutionen för informationsteknologi, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-352274.
Full textAbstract:
The number of people dealing with mental health issues like depression is increasing in Sweden. One common tool used by healthcare practitioners when treating depression is the use of self-assessment questionnaires, which estimates how severe the depression is. The current modus operandi is to let patients answer questionnaires with pen-and-paper, a practice with major inefficiencies. Our aim was to develop an ICT (information and communication technology) system that enables efficient and effective communication between patients and practitioners. Efficient in the way that manually transferring questionnaire results from pen-and-paper into the medical record is not necessary and effective in the way that the system enables data visualisation that makes it easier for the healthcare practitioner to make decisions. The result was an ICT system, ready for use by a healthcare provider, that was developed with the current regulations in mind. The system developed was deemed to make the utilisation of self-assessment questionnaires more efficient and effective. However, some features in the system can be further improved or added, to increase the efficiency and effectiveness of patient-practitioner communication.Antalet människor med mentala sjukdomar så som depression ökar i Sverige. Ett verktyg som används av vårdgivare under behandlingen av depression är självskattningsformulär, dessa kan uppskatta hur allvarlig depressionen är. Den nuvarande arbetsmetoden är att patienter fyller i formulär med papper och penna, en arbetsmetod som kan vara mycket ineffektiv. För att lösa problemet utvecklades ett IT-system som möjliggör både produktivare och effektivare kommunikation mellan patienter och dess vårdgivare. Produktivare i den bemärkelsen att föra över formulärsvar från papper till patientjournalen inte längre kommer vara nödvändigt och effektivare då systemets datavisualisering tillåter vårdgivaren att fatta mer välgrundade beslut. Resultatet var ett IT-system, färdigt att användas av en vårdenhet, som dessutom har utvecklats med den rådande lagen i åtanke. Systemet som utvecklades anses göra hanteringen av självskattningsformulär mer produktiv och effektiv, dock kan vissa funktioner i systemet förbättras eller tillföras för att ytterligare öka produktiviteten och effektiviteten i kommunikationen mellan patienter och vårdgivare.
21
Šebrle, Petr. "Zavedení ISMS do podniku podporujícího kritickou infrastrukturu." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2017. http://www.nusl.cz/ntk/nusl-318630.
Full textAbstract:
This diploma thesis deals with the methodology of Management of Information Security in a medium size company supporting critical infrastructure. The first part is focused on the theoretical aspects of the topic. Practical part consists of analysis of the current state, risk analysis and correction arrangements according to the attachment A of standard ČSN ISO/IEC 27001:2014. Implementation of ISMS is divided into four phases. This thesis however covers the first two phases only
22
Innocenti, Federica. "Analisi e riprogettazione del processo di ict risk management: un caso applicativo in Telecom Italia." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2014. http://amslaurea.unibo.it/6708/.
Full textAbstract:
Questo lavoro di tesi muove da tematiche relative alla sicurezza IT e risulta dagli otto mesi di lavoro all’interno della funzione Technical Security di Telecom Italia Information Technology. Il compito primario di questa unità di business è ridurre il rischio informatico dei sistemi di Telecom Italia per mezzo dell’attuazione del processo di ICT Risk Management, che coinvolge l’intera organizzazione ed è stato oggetto di una riprogettazione nel corso del 2012. Per estendere tale processo a tutti i sistemi informatici, nello specifico a quelli caratterizzati da non conformità, all’inizio del 2013 è stato avviato il Programma Strutturato di Sicurezza, un aggregato di quattro progetti dalla durata triennale particolarmente articolato e complesso. La pianificazione di tale Programma ha visto coinvolto, tra gli altri, il team di cui ho fatto parte, che ha collaborato con Telecom Italia assolvendo alcune delle funzioni di supporto tipiche dei Project Management Office (PMO).
23
Firouzi, Abdul Rahman. "Workshop webbapplikation : Utveckling av Webbtjänst för pluggstugan vid KTH ICT." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-177036.
Full textAbstract:
Kungliga Tekniska Högskolan har för en tid sedan anordnat så kallade ”workshops” för att hjälpa studenter med sina studier. Dessa workshops ger studenterna tillfälle att få hjälp av assistenter. Syftet med detta projekt är därför att göra administrationen för workshopstillfällena så effektiv och smidig som möjligt.För att uppnå detta syfte har en webbapplikation konstruerats i utvecklingsmiljön Netbeans och är baserad på en treskiktsarkitektur. Detta har genomförts med hjälp av utvecklingsmetoden Scrum och programmeringsspråket Java. Stor vikt har lagts på att skapa en modulär applikation med fokus på hållbar utveckling.Resultatet har blivit en webbapplikation som kan nås via mobila enheter, surfplattor och stationära enheter. Den har prestandatestats och är därmed redo för att testas för en utvärdering av dess effektivitet och inverkan på workshopverksamheten.The Royal Institute of Technology has recently arranged so-called "workshops" to help students with their studies. These workshops give students the opportunity to receive help from assistants. The purpose of this project is to make the administration of the workshop sessions as efficient and seamless as possible.To achieve this purpose, a web application has been designed in Netbeans the development environment and is based on three-layer architecture. This has been implemented using the Scrum development methodology and the Java programming language. Great emphasis was placed on creating a modular application with focus on sustainable development.The result is a web application that can be accessed via mobile devices, tablets, and stationary units. Its performance has been tested and the web application is thus ready to be tested in order to evaluate its effectiveness and impact on the workshop activities.
24
Muž, Jan. "Posouzení informačního systému firmy a návrh změn." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2021. http://www.nusl.cz/ntk/nusl-444582.
Full textAbstract:
Diploma thesis focuses on the analysis of current situation of Lingua Centrum s.r.o. and the information system they developed. Using the inner and outer environment analysis, several vulnerabilities have been discovered. Consequently a draft of improvements was developed, that aims at ensuring higher security and effectivity working with information system. New module is also suggested to be implemented providing better utilisation of the system itself. The thesis is devided into three chapters. First part describes the theoretical resources and analytical instruments which have been used for analysis of the company in part two. The final part provides changes, that would lead to eradicating the systems deficiencies.
25
Konečný, Martin. "Integrace ERP systému Helios Easy a řešení pro elektronický obchod." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2014. http://www.nusl.cz/ntk/nusl-224334.
Full textAbstract:
This diploma thesis focuses on the issue of implementation of ERP system for small company, and proposes a solution to create a custom enterprise system for e-commerce, which is integrated with the ERP system. Author´s proposals are conceived in the form of a project, including definition of goals, definition of the logical framework, time analysis, risk analysis and economic evaluation.
26
Mousavi, Shoshtari Seyed Farid. "Cloud Computing Adoption in Iran as a Developing Country : A Tentative Framework Based on Experiences from Iran." Thesis, Högskolan i Borås, Institutionen Handels- och IT-högskolan, 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:hb:diva-17236.
Full textAbstract:
The employment of the right technology in an organisation can provide major competitiveadvantages. Not only in organisations, but at a higher level, governments are seeking for newtechnologies to enhance their services while minimising the costs. Although, there might beno precise definition for cloud computing, the tremendous advantages and benefits of this newtechnology has turn cloud computing to the hottest topic in Information Technology.The remarkable effects of cloud computing in economy have already stimulated thedeveloped countries to deploy this technology in national level. Nonetheless, the adoption ofcloud computing could transform the workflow in the organisations. Therefore, in order toensure the smooth transition with minimal casualties, preparations needs to be done and aclear road map has to be followed.However, the approach to cloud adoption process in developing countries can be entirelydifferent. While it has been pointed out that cloud computing can bring more advantages todeveloping countries, it adoption can be profoundly challenging. Consequently, a set offundamental and yet vital preparation are required to facilitate the process of cloud adoption.Moreover, a definite framework that is formed based on the current state of the country isabsolutely necessary.In this research, we focus on the process of cloud adoption in Iran as a developing country.We start by providing a comprehensive background on cloud computing by studying itsaspects, features, advantages and disadvantages and continue to identify the vital cloudreadiness criteria. Next, we conduct an empirical study in order to assess the state of cloudreadiness in Iran by performing interviews, observations and discussions. Finally, after weanalyse our data from the empirical study, we present our results by presenting a clear and definitive framework for cloud adoption in Iran.Program: Masterutbildning i Informatik
27
Brejla, Tomáš. "Návrh koncepce prevence ztráty dat." Master's thesis, Vysoká škola ekonomická v Praze, 2011. http://www.nusl.cz/ntk/nusl-114106.
Full textAbstract:
This work deals with the making of conception of implementation of processes and software tools designed to ensure sensitive data leakage prevention from the organization infrastructure. The structure consists of three key parts. The first one describes theoretical basis of the work. It explains what is the data loss prevention, what it comes from, why it is necessary to deal with it and what its goals are. It also describes how this fits into the whole area of corporate ICT security environment. There are defined all the risks associated with leakage of sensitive data and there are also defined possible solutions and problems that are associated with these solutions. The first part also analyzes the current state of data loss prevention in organizations. They are divided according to their size and for each group there is a list of the most common weaknesses and risks. It is evaluated how the organizations currently solve prevention of data loss and how they cover this issue from both a procedural point of view and in terms of software tools. The second part focuses directly on the software tools. It is characterized the principle of operation of these systems and it is explained their network architecture. There are described and evaluated current trends in the development of the data loss prevention tools and it is outlined possible further development. They are divided into different categories depending on what features they offer and how these categories cover the needs of organizations. At the end of the second part there are compared the software solutions from leading vendors in the market against actual experience, focusing on their strengths and weaknesses. The third part presents the core content. IT joins two previous sections and the result is the creation of the overall concept of the implementation of data loss prevention with focus on breakdown by several different levels -- processes, time and size of the company. At the beginning of this third section it is described what precedes the implementation of data loss prevention, and what the organizations should be careful of. It is defined by how and what the organizations should set their own expectations for the project could be manageable. The main point is the creation of a procedure of data loss prevention implementation by creating a strategy, choice of solutions, to the implementation of this solution and related processes. The end of the third part deals with the legal and personnel issues which are with the implementation of DLP very closely related. There are made recommendations based on analysis of the law standards and these recommendations are added to the framework approach of HR staff. At the very end there are named benefits of implementing data loss prevention, and the created concept is summarized as a list of best practices.
28
Kostrhoun, Ivo. "Posouzení informačního systému firmy a návrh změn." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2012. http://www.nusl.cz/ntk/nusl-223435.
Full textAbstract:
This thesis is about information system assessment in Wistron company. There is assessed for which reason the system is utilized, what the weaknesses of system or implementation are and these are followed by the relevant proposals for improving the problematic areas. The theoretical part deals with information systems in general, process methodologies and company and information systems assessments methodologies. Then followed by project management and information strategies. The practical part proposes new information strategy and implementation of company information system.
29
Mišurová, Katarína. "Posouzení informačního systému firmy a návrh změn." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2018. http://www.nusl.cz/ntk/nusl-378347.
Full textAbstract:
A thesis deals with the assessment of the information system in an engineering company, the assessment of its efficiency and the proposal of the ICT modification to improve this system. Furthermore, the thesis deals with the proposal of the information system changes in the company and the elimination of the risks related to these changes. An analytical part also deals with the company analysis, the analysis of the company processes and the analysis of the current information system. .
30
Motii, Anas. "Engineering secure software architectures : patterns, models and analysis." Thesis, Toulouse 3, 2017. http://www.theses.fr/2017TOU30274/document.
Full textAbstract:
De nos jours la plupart des organisations pour ne pas dire toutes, dépendent des technologies de l'information et de la communication (TIC) pour supporter plusieurs tâches et processus (quelquefois critiques). Cependant, dans la plupart des cas, les organisations et en particulier les petites entreprises accordent une importance limitée à l'information et à sa sécurité. En outre, sécuriser de tels systèmes est une tâche difficile en raison de la complexité et de la connectivité croissante du matériel et du logiciel dans le développement des TICs. Cet aspect doit alors être pris en compte dès les premières phases de conception. Dans ce travail, nous proposons une approche basée sur les modèles permettant de sécuriser des architectures logicielles en utilisant des patrons. Les contributions de ce travail sont : (1) un cadre de conception intégré pour la spécification et l'analyse d'architectures logicielles sécurisées, (2) une nouvelle méthodologie à base de modèles et de patrons et (3) une suite d'outils. Le fondement de l'approche associe un environnement basé sur des langages de modélisation pour la spécification et l'analyse des modèles d'architectures sécurisées et un dépôt à base de modèles d'artéfacts dédiés à la sécurité (modèle de patrons de sécurité, menaces et propriétés de sécurités) permettant la réutilisation de savoir-faire et de connaissances capitalisées. Pour cela on utilise des langages de modélisation pour la spécification et l'analyse de l'architecture. Le processus associé est constitué des activités suivantes : (a) analyse de risques à base de modèle appliquée à l'architecture du système pour identifier des menaces, (b) sélection et importation de modèles de patrons de sécurité, afin d'arrêter ou de mitiger les menaces identifiées, vers l'environnement de modélisation cible, (c) intégration de modèles de patrons dans le modèle d'architecture, (d) analyse de l'architecture obtenue par rapports aux exigences non-fonctionnelles et aux menaces résiduelles. Dans ce cadre, on s'est focalisé sur la vérification du maintien du respect des contraintes temporelles après application des patrons. La recherche de menaces résiduelles est réalisée à l'aide de techniques de vérification exploitant une représentation formelle des scénarios de menaces issus du modèle STRIDE et basés sur des référentiels de menaces existants (ex., CAPEC). Dans le cadre de l'assistance pour le développement des architectures sécurisées, nous avons implémenté une suite structurée d'outils autour du framework SEMCO et de la plateforme Eclipse Papyrus pour supporter les différentes activités basées sur un ensemble de langages de modélisation conforme à des standards OMG (UML et ses profils). Les solutions proposées ont été évaluées à travers l'utilisation d'un cas d'étude autour des systèmes SCADA (systèmes de contrôle et d'acquisition de données)Nowadays most organizations depend on Information and Communication Technologies (ICT) to perform their daily tasks (sometimes highly critical). However, in most cases, organizations and particularly small ones place limited value on information and its security. In the same time, achieving security in such systems is a difficult task because of the increasing complexity and connectivity in ICT development. In addition, security has impacts on many attributes such as openness, safety and usability. Thus, security becomes a very important aspect that should be considered in early phases of development. In this work, we propose an approach in order to secure ICT software architectures during their development by considering the aforementioned issues. The contributions of this work are threefold: (1) an integrated design framework for the specification and analysis of secure software architectures, (2) a novel model- and pattern-based methodology and (3) a set of supporting tools. The approach associates a modeling environment based on a set of modeling languages for specifying and analyzing architecture models and a reuse model repository of modeling artifacts (security pattern, threat and security property models) which allows reuse of capitalized security related know-how. The approach consists of the following steps: (a) model-based risk assessment performed on the architecture to identify threats, (b) selection and instantiation of security pattern models towards the modeling environment for stopping or mitigating the identified threats, (c) integration of security pattern models into the architecture model, (d) analysis of the produced architecture model with regards to other non-functional requirements and residual threats. In this context, we focus on real-time constraints satisfaction preservation after application of security patterns. Enumerating the residual threats is done by checking techniques over the architecture against formalized threat scenarios from the STRIDE model and based on existing threat references (e.g., CAPEC). As part of the assistance for the development of secure architectures, we have implemented a tool chain based on SEMCO and Eclipse Papyrus to support the different activities based on a set of modeling languages compliant with OMG standards (UML and its profiles). The assessment of our work is presented via a SCADA system (Supervisory Control And Data Acquisition) case study
31
Kaltoun, Jan. "Elektronické volby v podmínkách VŠE Praha a ČR." Master's thesis, Vysoká škola ekonomická v Praze, 2010. http://www.nusl.cz/ntk/nusl-81981.
Full textAbstract:
The focus of this paper is research of electronic voting topics applied to conditions of University of Economics, Prague and the Czech Republic. It therefore consists of not only theoretical research but also of applied work. First goal of this paper was to provide information base both about (especially electronic) voting and significant electronic voting projects realized throughout the world. Consequent second goal was analysis and design of electronic voting solution for chosen elections type at the University of Economics, Prague and proposal of possible process changes in chosen type of elections in the Czech republic should electronic voting be implemented. In it's first part the paper gathers, summarizes and presents information about (especially electronic) voting and chosen electronic voting implementations. The second part then describes chosen types of elections at the University of Economics, Prague and in the Czech Republic and analyzes their processes. In former case the analysis is followed by proposition and evaluation of possible electronic voting implementation variants of chosen elections type and detailed elaboration of the most suitable one. In latter case the paper goes on to describe possible process changes that could arise should electronic voting be implemented for chosen elections type in the Czech Republic. Author's contribution lies in fulfilling the goals of this thesis and performing the necessary activities leading to them. Following the (electronic) voting research the author has provides the reader with information base needed to quickly orientate tehmselves in the field of electronic voting. The author then leverages this information to research and process-analyze chosen types of elections at the University of Economics, Prague and in the Czech Republic, propose changes in mapped processes needed for eventual electronic voting implementation, present alternatives of electronic voting implementation of chosen elections type at the University of Economics, Prague and elaborate on the chosen most suitable one.
32
Benjuma, Nuria Mahmud. "An educational framework to support industrial control system security engineering." Thesis, De Montfort University, 2017. http://hdl.handle.net/2086/15494.
Full textAbstract:
Industrial Control Systems (ICSs) are used to monitor and control critical infrastructure such as electricity and water. ICS were originally stand-alone systems, but are now widely being connected to corporate national IT networks, making remote monitoring and more timely control possible. While this connectivity has brought multiple benefits to ICS, such as cost reductions and an increase in redundancy and flexibility, ICS were not designed for open connectivity and therefore are more prone to security threats, creating a greater requirement for adequate security engineering approaches. The culture gap between developers and security experts is one of the main challenges of ICS security engineering. Control system developers play an important role in building secure systems; however, they lack security training and support throughout the development process. Security training, which is an essential activity in the defence-indepth strategy for ICS security, has been addressed, but has not been given sufficient attention in academia. Security support is a key means by which to tackle this challenge via assisting developers in ICS security by design. This thesis proposes a novel framework, the Industrial Control System Security Engineering Support (ICS-SES), which aims to help developers in designing secure control systems by enabling them to reuse secure design patterns and improve their security knowledge. ICS-SES adapts pattern-based approach to guide developers in security engineering, and an automated planning technique to provide adaptive on-the-job security training tailored to personal needs. The usability of ICS-SES has been evaluated using an empirical study in terms of its effectiveness in assisting the design of secure control systems and improving developers’ security knowledge. The results show that ICS-SES can efficiently help control system designers to mitigate security vulnerabilities and improve their security knowledge, reducing the difficulties associated with the security engineering process, and the results have been found to be statically significant. In summary, ICS-SES provides a unified method of supporting an ICS security by design approach. It fosters a development environment where engineers can improve their security knowledge while working in a control system production line.
33
Hanna, Drew E. "Developing RRAM-Based Approaches for Security and Provisioning of ICs." University of Cincinnati / OhioLINK, 2021. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1617108121648124.
Full text
34
Sidor, Peter. "Návrh infrastruktury ICS pro průmyslový podnik." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2017. http://www.nusl.cz/ntk/nusl-316693.
Full textAbstract:
This thesis deals with the issues of industrial communication, that is necessary to take account before making a final draft of industrial infrastructure and the overall design of a network infrastructure for a particular object. The first part of this thesis describes ICS system, parts of ICS and principle of operation. The thesis also focuses on the current trends in industrial networks, systems communication, security requirements of physical layer and the main differences from commercial infrastructures. The second part of the thesis describes the design of infrastructure for the foundry object. The final draft resolves the location of the switchboards, the specification of the used elements, the security, the cost of the solution and the final solution in practice.
35
Green, Benjamin. "Augmenting ICS cyber security risk assessments : assimilation of socio-technical characteristics and constructs." Thesis, Lancaster University, 2018. http://eprints.lancs.ac.uk/126782/.
Full textAbstract:
Industrial Control Systems (ICSs) are applied to the monitoring, control, and automation of operational processes. Example industries include water, electricity, gas, and discrete manufacturing, some of which can be considered critical national infrastructure. Over recent years, an increase in disclosed ICS specific vulnerabilities, and cyber attacks, have been witnessed. The potential direct and cascading impact of these presents a significant risk, with dramatically detrimental consequences from a societal perspective. Complex relationships between essential services, and loss or compromise there of, provide motivation for this thesis. Modern ICSs rely on enterprise to plant floor connectivity. Where the size, diversity, and therefore complexity of an ICS increases, operational requirements, goals, and challenges, defined by users across various sub-systems will ultimately follow. Recent trends in technology convergence may cause system operators to lose a comprehensive understanding of end-to-end requirements. This presents a risk to system security and resilience, where the most minor of changes to sensor signals, can result in operational process degradation and failure. Furthermore, sensors once solely applied for operational process use, now act as inputs supporting a diverse set of organisational requirements. If these are not fully understood, incomplete cyber security risk assessment, and inappropriate implementation of security controls, could occur. This acts as a guiding principle across all thesis chapters, with core objectives set out to better understand and improve current approaches to the assessment of cyber-induced risk. In setting thesis objectives, three prerequisite questions were laid out, leading towards three core research questions, across four phases (Discover, Define, Develop, and Deliver). Initial phases related to ascertaining how ICSs can be understood from a social and technical perspective, who is likely to target ICSs with malicious intent, and how could attacks be conducted from a practical perspective. Applying this as a foundation, based on existing literature and practical experimentation, latter phases were better able to elicit pertinent challenges in current cyber security risk assessment practices, prior to the identification of appropriate mechanisms by which challenges may be addressed. In answering each research question, a mixed approach including literature reviews, practical experimentation, and industry engagement, was applied. Taking this approach has resulted in an output with practical contributions and impact, across both academia and industry alike. This thesis provides contributions across a number of discrete areas, including; a method by which ICSs can be defined from a social and technical perspective; an understanding of relevant threat actors, including tools and techniques which could be applied in the targeting of ICSs; how ICS cyber security risk assessments are currently approached by academia and industry, including a mechanism for their review, and identification of key gaps; approaches to the inclusion of socially derived cyber security risk within an assessment, including the identification of key challenges; and an approach to aid initial phases of ICS cyber security risk assessments. More specifically, how one can obtain a joint socio-technical understanding of system characteristics and constructs, as a prerequisite to cyber security risk assessments. Additional contribution in the form of a comprehensive ICS testbed environment, was developed to support thesis objectives. This facility continues to be of high value in initial stages of future work, more specifically, in the development of tools for use during a cyber security risk assessment, and ongoing risk management/mitigation.
36
Elish, Karim Omar Mahmoud. "User-Intention Based Program Analysis for Android Security." Diss., Virginia Tech, 2015. http://hdl.handle.net/10919/54943.
Full textAbstract:
The number of mobile applications (i.e., apps) is rapidly growing, as the mobile computing becomes an integral part of the modern user experience. Malicious apps have infiltrated open marketplaces for mobile platforms. These malicious apps can exfiltrate user's private data, abuse of system resources, or disrupting regular services. Despite the recent advances on mobile security, the problem of detecting vulnerable and malicious mobile apps with high detection accuracy remains an open problem.
In this thesis, we address the problem of Android security by presenting a new quantitative program analysis framework for security vetting of Android apps. We first introduce a highly accurate proactive detection solution for detecting individual malicious apps. Our approach enforces benign property as opposed of chasing malware signatures, and uses one complex feature rather than multi-feature as in the existing malware detection methods. In particular, we statically extract a data-flow feature on how user inputs trigger sensitive critical operations, a property referred to as the user-trigger dependence. This feature is extracted through nontrivial Android-specific static program analysis, which can be used in various quantitative analytical methods. Our evaluation on thousands of malicious apps and free popular apps gives a detection accuracy (2% false negative rate and false positive rate) that is better than, or at least competitive against, the state-of-the-art. Furthermore, our method discovers new malicious apps available in the Google Play store that have not been previously detected by anti-virus scanning tools.
Second, we present a new app collusion detection approach and algorithms to analyze pairs or groups of communicating apps. App collusion is a new technique utilized by the attackers to evade standard detection. It is a new threat where two or more apps, appearing benign, communicate to perform malicious task. Most of the existing solutions assume the attack model of a stand-alone malicious app, and hence cannot detect app collusion. We first demonstrate experimental evidence on the technical challenges associated with detecting app collusion. Then, we address these challenges by introducing a scalable and an in-depth cross-app static flow analysis approach to identify the risk level associated with communicating apps. Our approach statically analyzes the sensitivity and the context of each inter-app communication with low analysis complexity, and defines fine-grained security policies for the inter-app communication risk detection. Our evaluation results on thousands of free popular apps indicate that our technique is effective. It generates four times fewer false positives compared to the state-of-the-art collusion-detection solution, enhancing the detection capability. The advantages of our inter-app communication analysis approach are the analysis scalability with low complexity, and the substantially improved detection accuracy compared to the state-of-the-art solution. These types of proactive defenses solutions allow defenders to stay proactive when defending against constantly evolving malware threats.Ph. D.
37
Benovič, Jozef. "Politické aspekty nemecko ruských vzťahov v ére Putina a ich hlavné problémy." Master's thesis, Vysoká škola ekonomická v Praze, 2013. http://www.nusl.cz/ntk/nusl-192493.
Full textAbstract:
German Russian relations are key partnership for European security and energy. Many European states, including Czech and Slovak republic, are dependent on the German-Russian economic cooperation. Russia is for Germany historically a strategic partner and the importance of their relationship is rising currently, as well. The cooperation extends and the traditional contradictions are ignored. However, the Ukrainian crisis has brought a change of German policy towards Russia. The thesis describes the character of the relation and problems following the methodology of the international relations theories with real reflection. It analyses the relation from the political and economic dimensions and their close interconnection.
38
Swartz, Erik. "Mänskligt beteende - ett ofrånkomligt hot mot informationssäkerhet?" Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-44967.
Full textAbstract:
Information har idag kommit att bli så viktigt att det av många aktörer kallas för den nya digitala oljan, och med anledning av just detta är information idag en av de främsta tillgångar en organisation kan besitta. För att skydda informationen lägger organisationer massiva summor pengar på tekniska och fysiska åtgärder. Tillsammans med dessa åtgärder utfärdas även interna bestämmelser och riktlinjer för hur IT-system och information får eller inte får hanteras. Trots detta sker både intrång och andra säkerhetsrelaterade incidenter som kan härledas till mänskligt felaktigt beteende, eller den så kallade mänsklig faktorn. I den här uppsatsen har därför författaren gjort en djupdykning i ämnet för att studera vilka samband som kan finnas mellan beteendevetenskapliga teorier och efterlevnad av informationssäkerhet. Med kvalitativa metoder har bland annat litteraturstudier genomförts för att ta reda på vilka teorier som är mest relevanta i sammanhanget. Intervjuer har sedan nyttjats för att bredda författarens uppfattning om vilka faktorer som kan påverka mänskligt beteende. De personer som intervjuats har bland varit yrkesverksamma som säkerhetschefer, säkerhetskyddshandläggare och ledande forskare inom det specifika området.
39
Minello, Giacomo. "Metodologie per la realizzazione di una Security Token Offering." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2019. http://amslaurea.unibo.it/19133/.
Full textAbstract:
Le Security Token Offerings, abbreviate in STOs, sono un fenomeno recente che si è diffuso a partire dalla seconda metà del 2017 mantenendo inizialmente la connotazione di Initial Coin Offerings (ICOs), per poi prestare maggiore attenzione alla regolamentazione e differenziarsi in token sales in cui il token è uno strumento finanziario regolamentato.
Come si avrà modo di osservare, questo cambio di paradigma è ciò che contraddistingue le STOs. Nel 2017 le ICOs hanno raggiunto un picco di popolarità per poi la maggior parte fallire in meno di un anno, facendo capire agli investitori che le ICOs sono state una bolla speculativa. Nonostante ciò, la validità del modello di raccolta di capitale tramite la vendita di token basati su tecnologia Blockchain non è stata messa in discussione. Proprio per questo sono nate le STOs, delle token sales in cui il token è uno strumento finanziario, che offre tutela agli investitori.
Lo scopo di questo lavoro di tesi è stato approfondire la comprensione di questo fenomeno in particolare analizzandone le motivazioni, le caratteristiche e le metodologie con le quali queste STOs vengono realizzate.
40
Andersson, Dorothea. "Simulation of industrial control system field devices for cyber security." Thesis, KTH, Elkraftteknik, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-202405.
Full textAbstract:
Industrial Control Systems (ICS) are an integral part of modernsociety, not least when it comes to controlling and protecting criticalinfrastructure such as power grids and water supply. There is a need to testthese systems for vulnerabilities, but it is often difficult if not impossible to doso in operational real time systems since they have been shown to be sensitiveeven to disturbances caused by benign diagnostic tools. This thesis exploreshow ICS field devices can be simulated in order to fool potential antagonists,and how they can be used in virtualized ICS for cyber security research. 8different field devices were simulated using the honeypot daemon Honeyd,and a generally applicable simulation methodology was developed. It was alsoexplored how these simulations can be further developed in order to functionlike real field devices in virtualized environments.Industriella informations- och styrsystem utgör en viktig delav vårt moderna samhälle, inte minst när det gäller kontroll och skydd avkritisk infrastruktur som elnät och vattenförsörjning. Det finns stora behov avatt säkerhetstesta dessa typer av system, vilket ofta är omöjligt iproduktionsmiljöer med realtidskrav som är erkänt känsliga för störningar, tilloch med från vanligt förekommande analysverktyg. Denna rapport presenterarhur vanliga komponenter i industriella informations- och styrsystem kansimuleras för att lura potentiella antagonister, och hur de kan användas ivirtualiserade styrsystem för cybersäkerhetsforskning. 8 olika komponentersimulerades med hjälp av Honeyd, och en generellt applicerbarsimuleringsmetodik utvecklades. Hur dessa simuleringar kan vidareutvecklasför att fungera som riktiga styrsystemskomponenter i virtualiserade miljöer harockså undersökts.
41
Ho, Sun Wah. "A cryptosystem based on chaotic and elliptic curve cryptography /." access full-text access abstract and table of contents, 2005. http://libweb.cityu.edu.hk/cgi-bin/ezdb/thesis.pl?mphil-it-b19886238a.pdf.
Full textAbstract:
Thesis (M.Phil.)--City University of Hong Kong, 2005."Submitted to Department of Computer Engineering and Information Technology in partial fulfillment of the requirements for the degree of Master of Philosophy" Includes bibliographical references (leaves 109-111)
42
Šnapková, Patrícia. "Energetické výzvy Číny a ich odraz v diplomacii." Master's thesis, Vysoká škola ekonomická v Praze, 2010. http://www.nusl.cz/ntk/nusl-81943.
Full textAbstract:
Energy is crucial for economic development of a country. It is very important for the Chinese leadership to ensure energy security of the country. China is the largest consumer of energy. Oil demand is surging and China imports more than a half of its consumption. Peking tries to get adequate supplies from abroad at reasonable prices. However, China faces serious dangers that could disrupt the imports. In order to avoid this risk, Peking builds strategic reserves, diversifies oil suppliers and transfer routes. The thesis examines in what measure diplomacy (through bilateral negotiations, development aid, economic incentives and military cooperation) helps China ensure its energy security.
43
Metzger, Christiane, and Johann Haag. "„Ich könnte nie wieder zu einem ‚normalen‘ Stundenplan zurück!“ – Zur Reorganisation der Lehre in einem Bachelor-Studiengang IT Security." Universität Potsdam, 2013. http://opus.kobv.de/ubp/volltexte/2013/6488/.
Full textAbstract:
Im Bachelor-Studiengang (B. Sc.) IT Security an der Fachhochschule St. Pölten wurde im Wintersemester 2011/12 versuchsweise die Lehrorganisation im ersten Fachsemester verändert: Die Module bzw. Teilmodule wurden nicht mehr alle parallel zueinander unterrichtet, sondern jedes Modul wurde exklusiv über einige Wochen abgehalten. Im Beitrag werden die Auswirkungen und bisherigen Erfahrungen mit dieser Reorganisation der Lehre geschildert: So haben sich die Noten im Mittel um etwa eine Note verbessert, die Zahl derjenigen Studierenden, die durch Prüfungen durchfallen, ist drastisch gesunken. Die Zufriedenheit der Studierenden und Lehrenden ist so groß, dass diese Form der Lehrorganisation im gesamten Bachelor- und auch im Masterstudiengang übernommen wird.
44
Oraka, Obiageli. "Assessing the AU/ICC relationship towards greater collaborations in promoting peace and security in Africa : a case study of Sudan." Diss., University of Pretoria, 2013. http://hdl.handle.net/2263/64123.
Full text
45
Maele, Fostino Yankho. "Legality of the jurisdiction of the ICC over nationals of non-states parties who commit offences within the jurisdiction of the ICC on territories of non-states parties." Thesis, University of the Western Cape, 2012. http://hdl.handle.net/11394/4556.
Full textAbstract:
Magister Legum - LLMThe coming into force of the Rome Statute on the 1st July 2002 signified the birth of the International Criminal Court (ICC). The ICC came into existence as a permanent criminal court for the prosecution of Genocide, Crimes against Humanity, War Crimes and Crime of Aggression. There are 121 states-parties to the Rome Statute. This means there are many states that have not ratified the Rome Statute. The ICC would ordinarily not have jurisdiction over the nationals of these states if they committed offences within the jurisdiction of the ICC on the territories of the non-states parties. This paper intends to analyse whether the ICC has jurisdiction over nationals of non-state parties who commit crimes within the jurisdiction of the ICC on the territories of non-states parties to the Rome Statute. There are situations and cases that are before the ICC involving nationals of non-state parties that committed crimes on territories of non-states parties. These cases have come before the ICC by way of United Nations Security Council (UNSC) referrals. This paper will therefore examine the legality of UNSC referrals under international law in respect of nationals of non-states parties, who commit crimes within the jurisdiction of the ICC, on territories of non-states parties.
46
Elrod, Michael. "A Novel Approach to Determining Real-Time Risk Probabilities in Critical Infrastructure Industrial Control Systems." NSUWorks, 2017. http://nsuworks.nova.edu/gscis_etd/1006.
Full textAbstract:
Critical Infrastructure Industrial Control Systems are substantially different from their more common and ubiquitous information technology system counterparts. Industrial control systems, such as distributed control systems and supervisory control and data acquisition systems that are used for controlling the power grid, were not originally designed with security in mind. Geographically dispersed distribution, an unfortunate reliance on legacy systems and stringent availability requirements raise significant cybersecurity concerns regarding electric reliability while constricting the feasibility of many security controls. Recent North American Electric Reliability Corporation Critical Infrastructure Protection standards heavily emphasize cybersecurity concerns and specifically require entities to categorize and identify their Bulk Electric System cyber systems; and, have periodic vulnerability assessments performed on those systems. These concerns have produced an increase in the need for more Critical Infrastructure Industrial Control Systems specific cybersecurity research. Industry stakeholders have embraced the development of a large-scale test environment through the Department of Energy’s National Supervisory Control and Data Acquisition Test-bed program; however, few individuals have access to this program. This research developed a physical industrial control system test-bed on a smaller-scale that provided an environment for modeling a simulated critical infrastructure sector performing a set of automated processes for the purpose of exploring solutions and studying concepts related to compromising control systems by way of process-tampering through code exploitation, as well as, the ability to passively and subsequently identify any risks resulting from such an event. Relative to the specific step being performed within a production cycle, at a moment in time when sensory data samples were captured and analyzed, it was possible to determine the probability of a real-time risk to a mock Critical Infrastructure Industrial Control System by comparing the sample values to those derived from a previously established baseline. This research achieved such a goal by implementing a passive, spatial and task-based segregated sensor network, running in parallel to the active control system process for monitoring and detecting risk, and effectively identified a real-time risk probability within a Critical Infrastructure Industrial Control System Test-bed. The practicality of this research ranges from determining on-demand real-time risk probabilities during an automated process, to employing baseline monitoring techniques for discovering systems, or components thereof, exploited along the supply chain.
47
Lárusson, Erik. "Maritime security in the High North : Swedish and Icelandic responses to new Arctic shipping opportunities." Thesis, Karlstad University, Faculty of Social and Life Sciences, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-5707.
Full textAbstract:
The purpose of this study is to compare how the issue of new shipping opportunities in theArctic region is tackled and met by the governments of Sweden and Iceland when it comes tomaritime security regime building, and to set this into perspective by looking at the shippingindustry’s seemed aspirations and interests for Arctic shipping, the latter to see if policy and“reality” appear to be corresponding. By conducting a qualitative comparative analysisthrough studying previous research, government documents and through interviewingrepresentatives from the shipping industry; using the analytical framework of Regime Theoryfor International Relations; the following research questions have been answered:
- In what ways do the governments of Sweden and Iceland contribute to developments of Arctic maritimesecurity regimes, due to new shipping opportunities in the High North?
- Are these contributions in line with the shipping industry’s views of and aspirations for Arctic shipping?
- (How) does this differ between the countries?
- (How) does the shipping industry contribute to maritime security?
Sweden and Iceland differ in many aspects, but the general aims at environmental protectionare visible in both countries. Iceland has a larger focus on crisis response due to its locationalexposure and do moreover have a chance on economically exploiting new shipping activitiesfor the same reason. Sweden can be said to have a more general approach to Arctic maritimesecurity, whereas Iceland rather focuses on its own proximity.Both countries’ responses to Arctic shipping are currently to be seen as in line with theshipping industry’s views and aspirations for Arctic shipping.The shipping industry contributes to maritime security by developing new methods andtechnology for addressing the Arctic ice; collectively and on shipping company individualbasis. The shipping industry furthermore contributes by educating ship commanders as well assharing experiences and knowledge with each other.
48
Sontag, Koenig Sophie. "Les droits de la défense face aux technologies de l'information et de la communication." Thesis, Poitiers, 2013. http://www.theses.fr/2013POIT3001.
Full textAbstract:
Les droits de la défense émanent d'une époque où les justiciables subissaient le procès et les atteintes pouvant en résulter pour leurs droits et leurs libertés. Protéiforme, héritier des garanties issues de la notion de procès équitable telle que définie par la Cour européenne des droits de l'homme, ce concept prend une coloration spécifique dans le procès pénal. Il est incarné, en soi, par l'avocat pénaliste qui, en symbiose avec lui, doit s'adapter aux mutations dont il a parfois fait l'objet. Instruite d'expériences menées à l'étranger sur l'introduction des Technologies de l'Information et de la Communication dans le domaine de la justice, la France, elle aussi, a décidé de moderniser ses procédures judiciaires en y recourant dans la sphère pénale. Révolution copernicienne, porteuse d'espoirs au plan managérial et de l'administration de la justice, les technologies modernes suscitent de facto craintes et résistances en raison de leur relative complexité et de leur caractère novateur. Ainsi, à des difficultés techniques qui limitent les retombées positives des réformes, s'ajoutent des aspects symboliques concernant le déroulement du rituel judiciaire, instaurant une dialectique nouvelle entre intervenants de la "chaîne pénale" et modifiant les rapports entre professionnels du droit ainsi qu'entre ceux qui unissent justice et justiciables. Il s'ensuit une mutation des cadres du procès et, corrélativement, une reformulation des schémas de pensée au regard des droits de la défense et de l'exercice de la défense pénaleThe rights of the defense come from a time when individuals undergoing trial and damage that may result to their rights and freedoms. Protean, they are born guaranteed from the notion of a fair trial as defined by the European Court of Human Rights. Taking a specific color in the criminal trial, this notion appears embodied in itself, the criminal lawyer who, in harmony with his specialty, must adapt to the changes which it has sometimes been. Technologies of Information and Communication have gradually invested the field of Justice and in particular the criminal sphere. Educated the results of experiments conducted abroad, France has also decided to modernize its judicial procedures using these new techniques. Copernican revolution, full of hope at the managerial level and the administration of justice, modern technologies raise fears facto resistance due to their relative complexity and novelty. Thus, a technical difficulty that limits the positive impact of the reforms, in addition symbolic aspects concerning the conduct of judicial ritual, introducing a new dialectic between stakeholders "criminal justice system" and changing the relationship of legal professionals as well as those that unites justice and litigants. It follows a change of management of the trial and, correspondingly, a restructuring of the thought patterns of the rights of defense and the practice of criminal defense
49
Bernsand, Veronica, and Hanna Strömberg. "Hur intensivvårdssjuksköterskor skapar trygghet för lätt sederade patienter vårdade i respirator." Thesis, Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-41137.
Full textAbstract:
Introduktion: I dag ska patienter som vårdas på intensivvårdsavdelning vara så lätt sederade som möjligt. Detta kan vid samtidig respiratorvård inge känslor av panik, rädsla och otrygghet. Det är därför av stor vikt att intensivvårdssjuksköterskor vet hur de ska skapa trygghet hos patienterna, då trygghetskänslan även reducerar känslorna av panik och rädsla. Syfte: Syftet med examensarbetet var att belysa hur intensivvårdssjuksköterskor skapar trygghet för lätt sederade patienter vårdade i respirator. Metod: En kvalitativ metod användes och data samlades in genom intervjuer med 14 intensivvårdssjuksköterskor på 3 olika sjukhus. Data bearbetades utifrån Elo och Kyngäs kvalitativa innehållsanalys. Huvudresultat: I resultatet framkom fyra huvudkategorier; Genom att finnas där, Genom upprepad och anpassad information, Genom en bra miljö och yttre resurser samt Genom individanpassad vård. Diskussion: Det framkom att intensivvårdssjuksköterskorna skapade trygghet genom att involvera patienterna och de anhöriga i vården genom en god kommunikation och information. Miljön spelade även en viktig roll i trygghetsskapandet genom att minska störande ljud och inte själva vara stressade. Att skapa trygghet för lätt sederade patienter som vårdas i respirator är viktigt, då trygga patienter kan släppas upp snabbare från sederingen och ändå uppleva välbefinnande.Introduction: The aim of caring for today’s intensive care patient is to have the patient sedated so light as possible. This can induce a sense of panic, fear and insecurity for the patient, when cared for in a mechanical ventilation. It is therefore very important that the intensive care nurse has the ability to create a sense of security for the patient, thus reducing feelings of fear and panic. Aim: The aim of this study was to illustrate how the intensive care nurses creates a sense of security when caring for light sedated patients in mechanical ventilation. Method: A qualitative method was selected and data collected through interviews with 14 intensive care nurses at 3 different hospitals. The data was processed by using Elo and Kyngäs qualitative content analysis. Main Results: The result of the study presents with four main categories; Being there, Through repeating and adapting information, Through a good climate and outer resources as well as Through individually modified care. Conclusions: It showed that the intensive care nurses created a sense of security through involve the patients and their near ones in the care of the patient through good communication and information. The environment also played a critical role through minimizing distracting noise and not to appear stressed themselves. To create sense of security for light sedated patients in mechanical ventilation is important, as when the patients experience a sense of security they could be more quickly weaned of the sedation and yet still experience a sense of wellbeing.
50
MARIN, RAFAEL C. "Desenvolvimento de metodologias utilizadas nas áreas de salvaguardas e forense nuclear baseadas na técnica LA-HR-ICP-MS." reponame:Repositório Institucional do IPEN, 2013. http://repositorio.ipen.br:8080/xmlui/handle/123456789/10589.
Full textAbstract:
Made available in DSpace on 2014-10-09T12:42:16Z (GMT). No. of bitstreams: 0Made available in DSpace on 2014-10-09T14:05:15Z (GMT). No. of bitstreams: 0
Dissertação (Mestrado)
IPEN/D
Instituto de Pesquisas Energeticas e Nucleares - IPEN-CNEN/SP