To see the other types of publications on this topic, follow the link: OAuth.
Dissertations / Theses on the topic 'OAuth'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'OAuth.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Lavesson, Alexander, and Christina Luostarinen. "OAuth 2.0 Authentication Plugin for SonarQube." Thesis, Karlstads universitet, Institutionen för matematik och datavetenskap (from 2013), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-67526.
Full textAbstract:
Many web services today give users the opportunity to sign in using an account belonging to a different service. Letting users authenticate themselves using another service eliminates the need of a user having to create a new identity for each service they use. Redpill Linpro uses the open source platform SonarQube for code quality inspection. Since developers in the company are registered users of another open source platform named OpenShift, they would like to authenticate themselves to SonarQube using their OpenShift identity. Our task was to create a plugin that offers users the functionality to authenticate themselves to SonarQube using OpenShift as their identity provider by applying the authentication framework OAuth. Theproject resulted in a plugin of high code quality according to SonarQube’s assessment. RedpillLinpro will use the plugin to easily access SonarQube’s functionality when using theapplication in their developer platform.
2
P, Svensson Gustav, and Filip Eriksson. "En säkerhetsanalys och jämförelse av SAML och OAuth." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-166571.
Full textAbstract:
Vi har utfört en jämförelse av två populära SSO protokoll, OAuth och SAML. Detta för att göra valet av protokoll enklare för företag. Två simplistiska SSO-implementationer har utvecklats för att testa säkerheten av de två protokollen. En simplistisk SSO-implementation betyder i detta fallet att inga säkerhetsfunktioner har lagts till utöver vad protokollen kräver. Tre attacker har utförts: 307 redirect attack, Man in the middle och Replay attack. Resultatet visar att en simplistisk SAML implementation är säkrare än en simplistisk OAuth implementation. Vidare arbete krävs dock för att få en bättre bild av säkerheten för de olika protokollen.
3
Arshad, Elham. "Analysis of Oauth and CORS vulnerabilities in the wild." Doctoral thesis, Università degli studi di Trento, 2022. https://hdl.handle.net/11572/361123.
Full textAbstract:
Thanks to the wide range of features offered by the World Wide Web (WWW), many web applications have been published and developed through different libraries and programming languages. Adapting to new changes, the Web quickly evolved into a complex ecosystem, introducing many security problems to its users. To solve these problems, instead of re-designing the Web, the vendors added the security patches (protocols, mechanisms)to the Web platform to provide a more convenient and more secure environment for web users.
However, not only did these patches not completely resolve the security problems, but their implementations also introduced other security risks unbeknownst to website operators and users.
In this thesis, I propose a novel research on two different security patches to understand and analyze their deployment in real-world scenarios and discover the unseen, neglected factors and the elements involved in exploiting their use: one security protocol, OAuth, and one security mechanism, CORS.
As this thesis is based on offensive approaches, I develop automated methodologies, including novel strategies for analyzing and measuring the security qualities of the OAuth protocol and CORS mechanism in real-world scenarios.
4
Aas, Dag-Inge. "Authentication and Authorization for Native Mobile Applications using OAuth 2.0." Thesis, Norges teknisk-naturvitenskapelige universitet, Institutt for datateknikk og informasjonsvitenskap, 2013. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-22969.
Full textAbstract:
OAuth 2.0 has in the recent years become the de-facto standard of doing API authorization and authentication on mobile devices. However, recent critics have claimed that OAuth does not provide sufficient security or ease-of-use for developers on mobile devices. In this thesis, I study four approaches to mobile authorization using OAuth 2.0, and suggest an improved solution based on current industry best-practices for security on Android. The end result is a solution which provides a native authorization flow for third-party developers to integrate with an existing API endpoint. However, the thesis shows that even with current industry best-practices the proposed solution does not provide a completely secure approach, and developers must keep the security consequences of that fact in mind when implementing OAuth on mobile devices.
5
Edin, Andreas. "Autentisering med OAuth 2.0 i SiteVision : Jämförelse mellan Java Portlets och WebApps." Thesis, Mittuniversitetet, Avdelningen för informationssystem och -teknologi, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-33878.
Full textAbstract:
The aim of this project has been to explore alternative technical solutions for making own extensions in the CMS SiteVision. The purpose of these extensions is to retrieve data from an external API (Office 365) which requires OAuth 2.0 authentication. Additional, the alternative technical solutions have been evaluated and compared. The comparisons have been made based on criteria developed through interviews with professional IT-consultants. The purpose of the project has been to contribute to more efficient digitization, integration and individualization of datasystems. Within the project, an applied example (POC) has been created to show examples of how the technology can be used. In this example, Java Portlets have been used to implement the above functionality. WebApps in SiteVision have also been studied since this technology is an alternative to Java Portlets. The survey shows that it is fully possible to create a separate extension in SiteVision that performs authentication with OAuth 2.0 and then uses it to retrieve data from an external API. The results from the comparison between the two different Java Portlets and WebApps technologies show that there are pros and cons of each technique. The alternatives studied where comparable in performance. Individual circumstances can dictate which alternative is best.Det övergripande syftet med detta projekt har varit att bidra till en effektiviserad digitalisering och individualisering. Målet för projektet har varit att undersöka alternativa tekniska lösningar för att göra egna tillägg i CMS:et SiteVision. Tillägg vars uppgift består i att hämta data från ett externt API (Office 365) som kräver autentisering med OAuth 2.0. Vidare har de alternativa tekniska lösningarna värderats och jämförts. Jämförelsen har gjorts utifrån kriterier som tagits fram genom intervjuer med utvecklare på ett IT-konsultbolag. Inom projektet har ett tillämpat exempel (POC) skapats för att visa exempel på hur tekniken kan användas. I detta exempel har Java Portlets använts för att implementera ovanstående funktionalitet. Även WebApps i SiteVision har studerats då den tekniken utgör ett alternativ till Java Portlets. Undersökningen visar att det är fullt möjligt att skapa ett eget tillägg i SiteVision som genomför autentisering med OAuth 2.0 och sedan använda denna för att hämta data från ett externt API. Resultaten från jämförelsen mellan de två olika teknikerna Java Portlets och WebApps visar att det finns för- och nackdelar med respektive teknik. Båda alternativen framstår som jämstarka i jämförelsen. De individuella omständigheterna kring ett framtida användande bör fälla avgörandet för vilken teknik som väljs.
6
Odyurt, Uraz. "Evaluation of Single Sign-On Frameworks, as a Flexible Authorization Solution : OAuth 2.0 Authorization Framework." Thesis, Linnéuniversitetet, Institutionen för datavetenskap (DV), 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-37097.
Full textAbstract:
This work introduces the available authorization frameworks for the purpose of Single Sign-On functionality within an enterprise, along with the fundamental technicalities. The focus of the work is on SAML 2.0 and OAuth 2.0 frame- works. Following the details related to available protocol flows, supported client profiles and security considerations, the two frameworks are compared in accordance with a set of factors given in a criteria. The report discusses the possibilities provided by a Microsoft Windows based infrastructure, as well as different scenarios and their feasibility in an enterprise environment. The preferred framework, OAuth 2.0, is selected according to the given criteria and the comparative discussions.
7
Ribeiro, Alysson de Sousa. "Uma implementação do protocolo OAuth 2 em Erlang para uma arquitetura orientada a serviço." reponame:Repositório Institucional da UnB, 2017. http://repositorio.unb.br/handle/10482/24694.
Full textAbstract:
Dissertação (mestrado)—Universidade de Brasília, Instituto de Ciências Exatas, Departamento de Ciência da Computação, 2017.Submitted by Albânia Cézar de Melo (albania@bce.unb.br) on 2017-09-11T15:42:55Z No. of bitstreams: 1 2017_AlyssondeSousaRibeiro.pdf: 1271389 bytes, checksum: 028f1e01f88580b2cbb9864a2c4e321e (MD5)
Approved for entry into archive by Raquel Viana (raquelviana@bce.unb.br) on 2017-10-03T16:16:19Z (GMT) No. of bitstreams: 1 2017_AlyssondeSousaRibeiro.pdf: 1271389 bytes, checksum: 028f1e01f88580b2cbb9864a2c4e321e (MD5)
Made available in DSpace on 2017-10-03T16:16:19Z (GMT). No. of bitstreams: 1 2017_AlyssondeSousaRibeiro.pdf: 1271389 bytes, checksum: 028f1e01f88580b2cbb9864a2c4e321e (MD5) Previous issue date: 2017-10-03
A utilização da Arquitetura Orientada a Serviço (SOA) oferece alguns benefícios, tais como: baixo acoplamento e interoperabilidade, sendo bastante utilizada para a integração de aplicações dentro de uma organização. Essa característica faz com que a arquitetura orientada a serviço seja utilizada na modernização de sistemas legados. No entanto, a sua implantação ainda merece alguns cuidados relacionados aos problemas de segurança. Este trabalho apresenta um mapeamento sistemático a cerca dos mecanismos de autenticação e autorização em SOA e levanta algumas questões de pesquisa, bem como alguns protocolos utilizados em SOA. Como resultado deste mapeamento foi identificado uma solução de autorização considerada adequada para a arquitetura utilizada pelo CPD para modernizar os seus sistemas legados. O protocolo OAuth 2.0 foi implementado no Enterprise Service Bus (ESB) que será utilizado para a modernização dos sistemas legados da UnB. Foram realizados testes de desempenho na solução permitindo verificar o aumento da latência introduzida pelo protocolo e a vazão média suportada. Foram realizadas ainda simulações de segurança com o objetivo de verificar o comportamento do protocolo implementado quando exposto a uma ataque de repetição.
The utilization of Service-Oriented Architecture (SOA) offers certain benefits, such as low coupling and interoperability. It widely used for the integration of applications within an organization. This characteristic makes it so service-oriented architecture is used in the modernization of legacy systems, being thoroughly discussed and used as an architecture solution for the modernization of the legacy systems of the IT Center (CPD) of University of Brasília (UnB). Nevertheless, its implementation still requires some care related to the security problems. This study presents a systematic mapping regarding the authentication and authorization mechanisms in SOA, and raises some research questions, as well as some of the protocols used in SOA. As a result of the mapping, an authorization solution considered adequate for the architecture used by the CPD to modernize its legacy systems was identified. The OAuth 2.0 protocol was implemented in the Enterprise Service Bus (ESB) that will be used for modernization of legacy systems of UnB. Performance tests were carried out in the solution allowing to check the increase in the latency introduced by the Protocol and the average flow supported. Simulations were carried out with the objective to verify the behavior of the Protocol implemented when exposed to a replay attack.
8
Maan, Narbir Singh, and Hamza Hanchi. "Secure Access for Public Clients to Web API:s with Minimum Performance Loss." Thesis, KTH, Data- och elektroteknik, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-153731.
Full textAbstract:
A lot of information nowadays is made available through Web APIs on the Internet and without security and encryption; it is very easy for malicious users to access confidential information. The goal was to find out what different mechanisms that are available for providing a safe communication with a web API from web clients and mobile applications with little as possible impact on the performance. Learning, implementing and maintaining the mechanisms are also im- portant aspects looked at in the evaluation. Many mechanisms are available for use to secure the communication but not all are suitable for public clients. The suitable mechanisms are Digest authentication and OAuth 2.0. The chosen mechanisms were developed, tested and evaluated in regard to safety, performance impact and usabil- ity from a company perspective. The authentication and authorization mechanism, which was the most suitable, was OAuth 2.0as it has least impact on performance and better security features than the other mechanisms.Mycket information finns numera tillgänglig via Web API:er på Internet och utan säkerhet och kryptering är det mycket lätt att illvilliga personer får tillgång till konfidentiellinformation. Målet är att ta reda på vilka olika säkerhetsmekanismer som finns tillgängliga för att tillhandahålla en säker kommunikation med ett Web API från webbklienter och mobila applikationer med så liten påverkan på prestanda. Kunskapsinhämtning, utveckling och underhållandet av lösningar är också viktiga aspeketer som tittats på vid utvärderingen av mekanismerna. Flera mekanismer finns att använda sig av för att säkra kommunkationen men de lämpliga mekanismerna för publika klienter är Digest Authentication och OAuth 2.0. De utvalda mekanismerna har utvecklats, testats, utvärderats med avseende på säkerhet, påverkan på prestanda och användbarhet utifrån ett företags perspektiv. Autentiserings- och behörighets-mekanismen som blev den utvalda var OAuth 2.0 då den har minst påverkan på prestandan och bättre säkerhets egenskaper än de andra mekanismerna.
9
Andersson, Fredrik, and Malmqvist Simon Cedergren. "Effective construction of data aggregation services in Java." Thesis, Malmö högskola, Fakulteten för teknik och samhälle (TS), 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-20735.
Full textAbstract:
Stora mängder data genereras dagligen av slutanvändare hos olika tjänster. Denna data tenderar att tillhandahållas av olika aktörer, vilket skapar en fragmenterad marknad där slutanvändare måste nyttja flera programvaror för att ta del av all sin data. Detta kan motverkas genom utvecklandet av aggregeringstjänster vilka samlar data från flera tjänster på en enskild ändpunkt. Utveckling av denna typ av tjänster riskerar dock att bli kostsamt och tidskrävande, då ny kod skrivs för flera projekt trots att stora delar av funktionaliteten är snarlik. För att undvika detta kan etablerade tekniker och ramverk användas för att på så vis återanvända mer generella komponenter. Vilka av dessa tekniker som är bäst lämpade och således kan anses vara mest effektiva ur ett utvecklingsperspektiv, kan dock vara svårt att avgöra. Därför baseras denna uppsats på vad som genom analys av akademisk litteratur kan utläsas som ett akademiskt konsensus.Innan denna uppsats påbörjades utvecklades en Java-baserad dataaggeringstjänst baserad på krav från ÅF i Malmö. Denna experimentella implementation har som syfte att samla in data från två separata tjänster, och tillgängliggöra denna på en enskild ändpunkt. Efter att implementationen färdigställts påbörjades arbetet på uppsatsen. Denna består av en litteraturstudie för att undersöka vilka tekniker och ramverk som akademisk forskning funnit bäst lämpad för användningsområdet. Vidare används resultaten från studien även för att analysera i vilken grad dessa korrelerar med de krav som ÅF presenterade inför den experimentella implementationen.Litteraturstudien visar på att de teknikmässiga val som gjordes av företaget i stor utsträckning korrelerar med de tekniker som akademisk forskning funnit bäst lämpade för användningsområdet. Detta innefattar bland annat OAuth 2.0 för autentisering, JSON som serialiseringsformat samt REST som kommunikationsarkitektur. Vidare visar denna litteraturstudie på en eventuell lucka inom den tillgängliga litteraturen, då sökningar kring specifika programvaror relaterade till området endast resulterar i en mindre mängd artiklar.Large quantities of data are generated daily by the end users of various services. This data is often provided by different providers, which creates a fragmented market where the end users have to utilize multiple applications in order to access all of their data. This can be counteracted by the development of aggregation services that gather data from multiple services to a combined endpoint. The development of these kinds of services does however run the risk of becoming costly and time-consuming since new code is written for several projects even though large portions of the functionality is similar. To avoid this, established technologies and frameworks can be utilized, thereby reusing the more general components. Which of the technologies are the best suited, and thereby can be considered the most effective from a development perspective, can however be difficult to determine. This essay is therefore based on what can be considered an academic consensus through analysis of literature regarding earlier reasearch on the subject. Before the writing of the essay began a Java-based data aggregation service was developed, based on requirements from the company ÅF in Malmö. The purpose of this experimental implementation is to gather data from two separate services, and make them accessible on a unified endpoint.After the implementation was finished, work on the essay began. This consists of a literature review to investigate what technologies and frameworks that has been found best suited for this area of application by academic research. The results from this study are also used to analyze the extent of the correlation between the results and the requirements presented by ÅF regarding the experimental implementation. The literature review shows that the choices made by the company largely correlates with the technologies that the academic research has found best suited for this area of application. This includes OAuth 2.0 for authentication, JSON as a serialization format and REST for communications architecture. The literature review also indicates a possible gap within the available academic literature since searches regarding specific pieces of software related to the subject only results in a small amount of articles.
10
SHARIF, AMIR. "Analysis of Best Current Practices to Assist Native App Developers with Secure OAuth/OIDC Implementations." Doctoral thesis, Università degli studi di Genova, 2021. http://hdl.handle.net/11567/1050122.
Full textAbstract:
OAuth 2.0 and OpenID Connect are two of the most widely used protocols to support secure and frictionless access delegation and single sign-on login solutions, which have been extensively integrated within web and mobile native applications. While securing the OAuth and OpenID Connect implementations within the web applications is widely investigated, this is not true for mobile native applications due to their peculiarities compared to web applications. Given that, we investigate the availability of necessary information to mobile native application developers. Our investigation reveals that mobile native application developers need to access many sparse documents and understand technical security writing, when they are not necessarily security experts that leads to insecure integration of OAuth and OpenID Connect solutions due to various implementation flaws. Thus, to assist mobile native application developers in the understanding of OAuth and OpenID Connect documentations, we demystify the OAuth and OpenID Connect core documentations and two of the most security-critical profiles for governmental and financial domains, namely “International Government Assurance” and “Financial Grade API” to extract the wealth information and summarize them in plain English.
To secure the integration of OAuth and OpenID Connect solutions, the OAuth working group and the OpenID foundation have produced many security-related documents to provide general guidelines and best current practices. These documents explain the features that OAuth and OpenID Connect providers must support and how web and mobile native application developers should implement these solutions for the different use case scenarios. In addition, due to the peculiarities of mobile native applications, the OAuth working group has published the “OAuth 2.0 for Na- tive Apps” documentation dedicated to assist mobile native application developers. Recently, the OAuth working group released AppAuth SDK to support mobile native application developers in the secure implementation of access delegation and single sign-on login solutions within mobile native applications. It enables mobile native applications to authorize and authenticate users by communicating with OAuth and OpenID Connect providers, beside embedding the security and usability best current practices described in [DB17]. We thus perform a comprehensive analysis to investigate the compliance with the best current practices of the main OAuth and OpenID Connect providers and top-ranked Google Play Store applications. Our analysis shows that 7 out of 14 providers, and 5 out of 87 top-ranked Google Play Store applications are fully compliant with the best current practices and none of the Google Play Store applications use AppAuth SDK.
We conjecture that the root-causes of the non-compliant solutions are different for OAuth and OpenID Connect providers and Google Play Store applications. Concerning providers, they might be aware of these best current practices violations and their non-compliant solutions can be due to legacy reasons. Concerning Google Play Store applications, their non-compliant solutions can be due to the following: (i) the best current practices documents for OAuth and OpenID Connect are sparse, and mobile native application developers may be either unaware of them or misinterpret them as they are not (necessarily) security expert, (ii) lack of the best current practices adoption by OAuth and OpenID Connect providers that leads to the difficulty in integration of AppAuth SDK within mobile native applications. In addition, even in the case of compliant OAuth and OpenID Connect providers, the mobile native application developers still need to properly configure the AppAuth SDK and write the secure code to invoke the SDK properly within their mobile native applications, which is not a daunting task, and (iii) the pressure on mobile native application developers to provide new functionalities for the mobile native applications may result in prioritizing the functionality over the security—as performing a risk as- assessment procedure is a complex task in the context of OAuth and OpenID Connect solutions—they could not have the resources to perform a risk assessment procedure.
The above-mentioned problems motivate us to propose methodologies to assist mobile native application developers with the secure implementation of OAuth and OpenID Connect solutions within their mobile native applications. To this aim, we provide a reference model for OAuth and OpenID Connect solutions by utilizing the extracted information from various documents that can be used within a risk as- assessment approach to enable mobile native application developers with an informed decision w.r.t. their implementation choices. In addition, we design a wizard-based approach and implement it within an Android Studio plugin called mIDAssistant that assists mobile native application developers with automatic integration of the core functionalities and ensures the enforcement of the best current practices by leveraging AppAuth SDK.
The effectiveness of our approach has been verified in several real-world scenarios (e.g., pull printing), research and innovation projects (e.g., the EIT Digital activity API Assistant), and in the context of industrial collaborations (Poste Italiane, IPZS). Furthermore, we had the opportunity to present our work to the OAuth working group experts (during the OAuth Security Workshop), and they have shown interest in our approach.
11
Rehnberg, Daniel. "SharePoints hemligheter : Ett integrationsprojekt i SiteVision." Thesis, Mittuniversitetet, Avdelningen för data- och systemvetenskap, 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-29940.
Full textAbstract:
I detta projekt har SharePoint integrerats i SiteVision. Flera av SiteVision AB:s kunder har efterfrågat en möjlighet att integrera produkten med SharePoint. Microsoft tillhandahåller inga direkta API:er för SharePoints objektmodell i Java som SiteVision är skrivet i. SiteVision AB visste inte hur kunderna ville kunna arbeta med SharePoint i SiteVision och var angelägna om att ta reda på detta. Det övergripande syftet med denna rapport har varit att möjliggöra en attraktiv integration av SharePoint från SiteVision. Detta har utförts genom att undersöka vilka delar av SharePoint som SiteVision AB:s kunder vill kunna komma åt från SiteVision och hur kunderna vill kunna komma åt dessa delar i SiteVision. Undersökningen har genomförts genom kvalitativa intervjuer med några av SiteVision AB:s kunder. Undersökningen har visat att kunderna helst vill ha en integration mot SharePoints dokumenthanteringssystem. De vill ha möjligheten att lista filer från SharePoint i SiteVision utifrån en given mapp eller metadata. De vill även kunna söka efter SharePoint-filer i SiteVision. Ett internt API för kommunikation mot SharePoint i Java har konstruerats. Efter kundernas önskemål har en SiteVision-modul som listar filer utifrån en angiven mapp skapats. Dessutom har en enkel prototyp till sökmodul konstruerats. Resultaten från intervjuerna kan inte anses vara representativa för hela kundkretsen men gav en indikation om vad som skulle utvecklas först. Projektets mål är uppfyllda men modulerna behöver utvecklas vidare innan de kan lanseras.In this thesis project, SharePoint has been integrated in SiteVision. Several customers of SiteVision AB have requested an integration of SharePoint from SiteVision. Microsoft doesn’t provide any API for Java to SharePoint object model. SiteVision AB did not know in what form the customers wanted to access SharePoint from SiteVision but was keen to find out. The overall aim with this thesis has been to make an appealing integration of SharePoint from SiteVision possible. This has been accomplished by performing a study investigating what parts of SharePoint the customers wanted to access from SiteVision and in what form they wanted to access it. The study has been performed by qualitative interviews with some of the customers of SiteVision AB. The study has shown that the customers most of all wants to integrate the document management system of SharePoint. They want to be able to view SharePoint files inside SiteVision based on a provided folder, or file meta data. They also want to search for SharePoint files in SiteVision. An internal API for communication with SharePoint in Java has been constructed. Based on the customers’ requests, a SiteVision module that lists SharePoint files based on a folder has been created. Furthermore, a simple prototype for a search module has been constructed. The results from the study cannot be considered as representative of all customers but gave an indication of what should be developed first. The overall aim has been fulfilled but the modules need additional developing before they can be released.
12
Kaššák, Marián. "Návrh dílčí části informačního systému." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2019. http://www.nusl.cz/ntk/nusl-400109.
Full textAbstract:
The diploma thesis deals with the analysis of the company and the focus on data security. Based on the company analysis and requirements is designed a new system of employee authorization in CMS systems of the company. The design of the employee authorization API solution is based on the OAuth 2.0 protocol.
13
Grahn, Kristoffer. "Utredning och impementation av säkerhetslösningar för publika API:er." Thesis, Örebro universitet, Institutionen för naturvetenskap och teknik, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:oru:diva-84184.
Full textAbstract:
Examensarbetet går igenom vanliga säkerhetsrisker med publika API:er och ger information om IIS, Apache, Nginx, OAuth 2.0 och några av deras säkerhetsmoduler som kan implementeras. IIS och Apache har inbyggda hanteringsprocesser för att motverka ”Distributed-Denial-of-Service” (DDoS) attacker som jämförs med varandra utifrån analys av en befintlig rapport som testar två olika DDoS attacktyper. Säkerhetslösningarnas autentiseringsmoduler bryts ner i olika verifieringsprocesser, där det framkommer att verifieringsprocesserna har en gemensam svaghet mot ”Man-in-The-Middle” (MitM) attacker. Rapporten går in djupare hur man kan skydda sig mot MitM attacker med bra krypteringsprotokoll, ”Transport Layer Security” (TLS), samt undersöker den nyaste versionen TLS 1.3The thesis examines common security risks with public APIs and provides information about IIS, Apache, Nginx and OAuth 2.0 and some of the security modules they provide that can be implemented. IIS and Apache have builtin modules for handling Distributed-Denial-of-Service (DDoS) attacks that are compared against eachother through analyzing a existing report that tests two different DDoS attack types. The security solutions authentication modules are broken down into different types of verification processes, where it comes forth that the processes share a common security risk against Man-in-the-Middle (MitM) attacks. The report goes through how you can protect against MitM attacks with secure encryption protocols, Transport Layer Security (TLS), and analyzes the newest version TLS 1.3.
14
Emil, Söder. "Central autentisering för ett inbyggt system." Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-37482.
Full textAbstract:
Central autentisering är en metod som länge har använts för att på ett lätthanterligtsätt administrera användare till olika nätverksresurser såsom datorer, skrivare ochservrar. I en tid när många industrier uppgraderas och byggs ut för att möta nyakrav för att kunna nås från runt om i världen måste många system byggas om.Arbete genomförs tillsammans med HMS Industrial Networks AB och kommer attundersöka möjligheten att autentisera användare mot en inbyggd kontroll ochstyrenhet centralt istället för lokalt vilket det idag är. Teori kommer att blandas medegna experiment av möjliga implementeringar och slutligen utvärderas all fakta ochen slutsats presenteras.Central authentication is a method that has been around a long time to manage users tovarious network resources, such as computers, printers, and servers. At a time whenmany industries are upgrading and expanding to meet new requirements to be accessedfrom around the world, many systems need to be rebuilt. The work will be donetogether with HMS Industrial Networks AB and will investigate the possibility ofauthenticating users against a built-in controller centrally instead of locally, as it istoday. Theory will be commingled with experiments of possible implementations andfinally evaluated with all the facts and a conclusion will be presented.
15
Fedi, Alessandro. "Servizi Web Integrati con Applicazioni di Social Networking tramite Framework Spring Social." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2017.
Find full textAbstract:
Il lavoro effettuato in questa tesi prevede la creazione di un sistema configurabile da installare su un’applicazione web che sia in grado di offrire l’interazione con i Social Network più diffusi. Attraverso questo lavoro è stato approfondito lo studio di Spring Social, strumento in grado di gestire la connessione ai Social Network che utilizzano OAuth per concedere l'autorizzazione. Inoltre è stato realizzato un prototipo sviluppato con AngularJS che soddisfacesse i requisiti dati.
16
ANDRADE, Marcos Tadeu de. "Mecanismos de autenticação e autorização em redes sociais virtuais: o caso futweet." Universidade Federal de Pernambuco, 2010. https://repositorio.ufpe.br/handle/123456789/2318.
Full textAbstract:
Made available in DSpace on 2014-06-12T15:56:41Z (GMT). No. of bitstreams: 2
arquivo2964_1.pdf: 2832258 bytes, checksum: ebe11e2d78c78120b2413077dd92b9c7 (MD5)
license.txt: 1748 bytes, checksum: 8a4605be74aa9ea9d79846c1fba20a33 (MD5)
Previous issue date: 2010A crescente penetração da internet entre os mais diversos setores e camadas da sociedade favoreceu a popularização de novas formas de interação entre as pessoas que a utilizam. Dentre estas novas formas de interação, podemos destacar as redes sociais virtuais, que podem agregar usuários com interesses em comum. Várias redes sociais virtuais disponibilizam APIs de acesso às suas funcionalidades, o que gera a necessidade da existência de mecanismos de autenticação e autorização para os usuários ou aplicações que utilizam tais APIs. Alguns mecanismos são sustentados por protocolos já conhecidos e validados tanto no âmbito acadêmico quanto no profissional, como é o caso do Kerberos, que pode ser utilizado no processo de Single Sign-On, em que o usuário é autenticado uma única vez e acessa vários serviços a partir dessa autenticação. Um protocolo que tem sido adotado pelas principais redes sociais é o OAuth, que enfatiza a segurança das credenciais do usuário. Nesse contexto, um problema existente é o de como integrar as diversas formas de autenticação existentes nas mais variadas redes sociais virtuais em uma única aplicação web. Com o objetivo de prover uma solução para esse problema, foram adicionados mecanismos que tratam da autenticação de usuários provindos de redes sociais diversas ao jogo Futweet, que originalmente utilizava somente a rede social Twitter. Este trabalho descreve as formas de autenticação das principais redes sociais, indica uma possível solução para o problema citado anteriormente e descreve a implementação utilizada no Futweet
17
Hůla, Vladimír. "Herní webový portál - objektové programování." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2016. http://www.nusl.cz/ntk/nusl-242147.
Full textAbstract:
This thesis deals with design and implementation of programming structure of game web portal. The web portal will serve as a communication and information center to simplify coordination among players and allow them to gain new experience. In the thesis are analyzed the needs of players, existing solutions and their drawbacks. The results of this analysis are used to design individual functions of the portal. Implementation of the most important parts of the website has been described, the implementation of these parts were evaluated and some enhancemets were eventually suggested. In the end of this thesis several functionalities were suggested, which could extend the portal in the future.
18
Cutler, Bryant Gordon. "Simple, Secure, Selective Delegation in Online Identify Systems." Diss., CLICK HERE for online access, 2008. http://contentdm.lib.byu.edu/ETD/image/etd2515.pdf.
Full text
19
Mancuso, Antonio. "Sistema di fatturazione collegato a Google Drive." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2014. http://amslaurea.unibo.it/6601/.
Full textAbstract:
L'obbiettivo della tesi è quello di sviluppare una semplice web application per la creazione di fatture.
La caratteristica principale è l'integrazione delle funzionalità di Google Drive permettendo all'utente di archiviare e condividere con pochi click le fatture con i clienti.
L'utente potrà creare, personalizzare, salvare, archiviare e condividere le proprie ricevute in tempo reale.
In questo documento verrà analizzato il processo di sviluppo del software che comprenderà: analisi dei requisiti, progettazione, sviluppo (scelte implementative), test e sviluppi futuri. Verranno anche documentate le tecnologie utilizzate al fine di raggiungere il prodotto finale.
20
Alaia, Vincenzo Maria. "Migrazione verso una architettura rest di un applicativo per l'inter library loan." Master's thesis, Alma Mater Studiorum - Università di Bologna, 2013. http://amslaurea.unibo.it/6199/.
Full textAbstract:
Questo lavoro di tesi �si basa sull'estendere l'architettura del software NILDE - Network Inter Library Document Exchange attraverso un processo di migrazione verso servizi REST (REpresentational State Transfer) utilizzando e ampliando metodologie, best practice e frameworks che hanno permesso lo sviluppo di API Pubbliche e Private utilizzabili da utenti esterni.
21
Gauffin, Christopher. "Addswift : En webbplattform för internetanvändare över hela världen." Thesis, Mittuniversitetet, Avdelningen för informationssystem och -teknologi, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-34950.
Full textAbstract:
New technologies arise everyday, but which ones are the best for your project? How do you store data in a safe manner that complies with the new European GDPR law? How do you plan, develop and complete a project? These are but a few formulations of questions that the study in this report will cover. The report is based around a business idea and vision for a company that offers advanced products built with modern technologies. The first step for the development of this company is to create a prototyp of its first product, a web platform. The prototyp will be formed after a projectplan with meetings with a supervisor and with the use of professional tools like Gantt, WBS and Trello. First and foremost a study will be done behind the theory of different frameworks and technologies but also a reasearch about GDPR and data security. The design phase will be the first part in shaping the projekt where wireframes, sitemap and ERdiagram have been created and documented. The choice of frameworks, mainly Vue, Express and MongoDB and the data security standards JWT and Oauth will be explained and used in the prototype as a base for the technical aspects of the project. Lastly the results och the finished prototype will be presented together with a discussion regarding problems that arose during the project, improvments that needs to be done and what the future holds for the complete web platform.Nya tekniker växer i rasande fart, men vilka är bäst för ens projekt? Hur lagrar man data på ett säkert sätt som följer den nya europeiska GDPR lagen? Hur planerar, utvecklar och genomför man ett projekt? Dessa är några få frågeställningar som undersökningen i denna rapport tar tittar närmare på. Rapporten grundar sig på en affärsidé och vision för ett företag som erbjuder avancerade produkter skapade med moderna webbteknologier. Det första steget för företagets utveckling är att skapa en prototyp av den första produkten, en webbplattform. Prototypen kommer att utvecklas efter en projektplan med handledningsmöten och användning av professionella verktyg som Gantt, WBS och Trello. Först och främst studeras teorin bakom om olika ramverk och tekniker men även en undersökning om GDPR och datasäkerhet. Designfasen kommer sedan vara det första momentet för projektets utformning där bland annat wireframes, sitemap och ERdiagram har skapats och dokumenterats. Valet av ramverk, främst Vue, Express och MongoDB samt datasäkerhetsstandarna JWT och Oauth kommer att förklaras och användas i prototypen som grund för projektets tekniska skapande. Slutligen presenteras resultatet av den färdiga prototypen tillsammans med en diskussion över problem som uppstod under projektets gång, förbättringar som behöver göras och vilka framtidsplaner som finns för den fullständiga webbplattformen.
22
Pezzulli, Francesco. "Analisi ed implementazione di un sistema Single Sign-On basato su Shibboleth e OpenID Connect." Bachelor's thesis, Alma Mater Studiorum - Università di Bologna, 2020.
Find full textAbstract:
Il lavoro raccolto in questa tesi comprende sia lo studio delle soluzioni Single Sign-On e del loro impiego in contesti reali, sia il lavoro di implementazione di un sistema di Identity Provider nella realtà CINECA.
Lo studio parte dal concetto di identità digitale e di come essa viene gestita nei sistemi di autenticazione. In questo lavoro è rappresentata l'analisi della figura di Identity Provider che va dallo studio delle componenti e dei workflow di processo del caso d'uso SPID all'esame del sistema Shibboleth nella sua interezza.
La piattaforma Shibboleth è una soluzione di Single Sign-On molto ricca e funzionale e per questo motivo è quella adottata dal CINECA nell'erogazione dei propri servizi.
Il lavoro implementativo compreso in questa tesi è nato dall'esigenza CINECA di evolvere i propri sistemi Shibboleth in una soluzione unica e trasversale alle diverse esigenze applicative aziendali.
Lo studio e la realizzazione di questo progetto ha portato all'individuazione di un prototipo di piattaforma che verrà sviluppato appieno nei prossimi mesi e che verrà adottato dal CINECA in futuro.
23
DASHTI, SALIMEH. "An Assisted Methodology to Conduct a Data Protection Impact Assessment." Doctoral thesis, Università degli studi di Genova, 2021. http://hdl.handle.net/11567/1050120.
Full textAbstract:
The uptake of digital technologies in our everyday activities today is unlike any time in history. Consequently, the amount of personal data produced and shared is staggering. Indeed, they have become the primary asset for many businesses. While users benefit from online engagement, an increasing number of critics have voiced their privacy concerns. To protect peoples’ fundamental rights concerning processing their personal data, General Data Protection Regulation (GDPR) has been introduced. GDPR requires to conduct a Data Protection Impact Assessment (DPIA) when data processing is likely to result in a high risk to the rights and freedoms of individuals. For example, where the processing may lead to discrimination, damage to the reputation, loss of confidentiality personal data. Therefore, it requires assessing security risks and privacy risks—we learned identifying the latter is not easy even for information security and data protection experts. GDPR is not clear about when and how to conduct a DPIA. Thus, academic works and legal bodies introduced guidelines and tools to help controllers conduct the DPIA. However, these works lack to either provide an assistance, include all steps of the DPIA or be applicable to all domains. These shortages motivated us to propose an assisted methodology to conduct a DPIA. The methodology provides assistance from identifying the required data type for a given data processing to identifying and evaluating privacy and security risks. We have adopted our methodology to conduct a DPIA-compliance risk analysis for OAuth/OIDC-based financial services. That is because of: (1) the growth of open banking, (2) the necessity of deploying appropriate identity management solutions—as stated in PSD2, which requires to respect the GDPR requirement—and (3) the wide usage of OAuth/OIDC identity management solutions that are secure but error-prone. The methodology can also be used for any OAuth/OIDC-based services.
24
Toufanpanah, Monir. "Decision Support framework: Reliable Federated Single Sign-on." Thesis, Luleå tekniska universitet, Datavetenskap, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-62594.
Full textAbstract:
Identity management is a critical concept for enterprises, and it has turned to more challenging issue since businesses are significantly moving towards service oriented architecture (SOA) with the aim to provide seamless service delivery to their customers, partners and employees. The organizational domains are expanded to blur the virtual borders, simplify the business collaboration and maximize opportunities in the competitive market place, which explicitly shows the essentiality for federating the identities. Real-world identity comprises of different dimensions such as Law, Business, Policy, Technology and Society, therefore reliable digital identity management and successful federation are required to take these dimensions and complexity into consideration. Considering variety of academic and industrial researches that report on remarkable demands for identity federation adoption by enterprises, this study has approached federated Identity Management from technological point of view. Technologies provide tools and mechanisms to satisfy the business requirements and enable single sign-on capability in reliable federated platform. Different authentication technologies and standards have emerged to enable federated single sign-on (FSSO) implementation as a core service of the FIdM, each with different features and capabilities. This brings more complexity and confusion for experts and decision makers for FIdM adoption and development. To overcome this obstacle and accelerate the data collection and analysis process for decision makers, this research contributes to the filed by providing a conceptual framework to simplify the analysis of underlying technology for decision making process. In this framework 1) a list of state-of-the-art requirements and mechanisms for successful identity federation and reliable SSO is elaborated, 2) Six most prevalent standard authentication technologies along with latest specifications are analysed, explained and assessed against the defined criteria, and 3) several security and privacy consideration are gathered. The usage of framework is monitored and the efficiency of it is evaluated in 2 real business case scenarios by five IT experts and the result is reported.
25
Barcelos, Mariana Alexandra Aleixo de. "Towards a security framework for the semiconductor supply chain environment." Master's thesis, Universidade de Aveiro, 2018. http://hdl.handle.net/10773/23555.
Full textAbstract:
Mestrado em Engenharia Eletrónica e TelecomunicaçõesHoje em dia, a troca de informação entre os parceiros da cadeia de forne-cimento de semicondutores pode ser alvo de muitas ameaças de segurança conhecidas e desconhecidas no ambiente interno/externo dos parceiros. Particularmente, estas vulnerabilidades, no ambiente da cadeia de fornecimento de semicondutores, podem ser exploradas por atacantes com um amplo espectro de motivações que vão desde intenções criminais, visando o ganho financeiro, até à espionagem industrial e a cyber-sabotagem. Os atacantes podem comprometer a comunicação de dados entre parceiros na cadeia de fornecimento e, portanto, podem prejudicar o fornecimento de serviços pelos parceiros, bem como a continuidade da prestação de serviços. Como resultado, os parceiros da cadeia de fornecimento de semicondutores poderão sofrer repercussões nocivas que podem causar perdas significativas de receita, destruição da sua marca e atrasos no avanço das suas tecnologias. Consequentemente, uma plataforma de segurança para o ambiente da cadeia de fornecimento de semicondutores é de extrema importância. Assim, a intenção desta tese é fornecer uma base para uma plataforma de segurança para comunicação segura de dados entre todos os parceiros da cadeia de fornecimento de semicondutores.
Nowadays, data communication across the partners in the semiconductor supply chain can be the target of many known and unknown security threats exploiting security vulnerabilities in the internal/external environment of the partners. Particularly, these vulnerabilities in the semiconductor supply chain environment can be exploited by attackers with a wide spectrum of motivations ranging from criminal intents aimed at nancial gain to industrial espionage and cyber-sabotage. Attackers can compromise the data communication between legitimate parties in the supply chain and thus can jeopardize the delivery of services across the partners as well as the continuity of the service provision. As a result, semiconductor supply chain partners will su er from damaging repercussions which can cause signi cant revenue loss, destroy their brand and eventually hinder their advancement. Consequently, a security framework for the semiconductor supply chain environment is of utmost importance. Hence, the intent of this thesis is to provide a foundation for a security framework for secure data communication across the partners in the semiconductor supply chain.
26
Yip, Shing-lam, and 葉成林. "Rendezvous under oath: weddingland." Thesis, The University of Hong Kong (Pokfulam, Hong Kong), 1994. http://hub.hku.hk/bib/B31982219.
Full text
27
Yip, Shing-lam. "Rendezvous under oath : weddingland /." Hong Kong : University of Hong Kong, 1994. http://sunzi.lib.hku.hk/hkuto/record.jsp?B25944939.
Full text
28
Callaway, Cathy L. "The oath in epic poetry /." Thesis, Connect to this title online; UW restricted, 1990. http://hdl.handle.net/1773/11449.
Full text
29
Blythe, Jimmy G. Jr. "The oath of God in Hebrews." Thesis, Southeastern Baptist Theological Seminary, 2016. http://pqdtopen.proquest.com/#viewpdf?dispub=10246169.
Full textAbstract:
The author of Hebrews is concerned that the persecution of a spiritually immature and discouraged Christian community may cause them to relinquish their mission and lose certain rewards inherent to obedience. He argues that God swears an oath in Psalm 2 and Psalm 110 in order to assure his people of the certainty of his promises (Heb. 6:13–20). He demonstrates that specific elements of the divine oath have been fulfilled in Jesus Christ, guaranteeing the eventual consummation of the inaugurated promises of this oath and providing certain benefits that enable Christians to fulfill their divinely appointed mission. These embattled saints can endure attacks from their enemies because Jesus Christ is the anointed king who will utterly defeat his enemies, and he is the promised priest after the order of Melchizedek who grants direct access to his heavenly throne for the power to persevere faithfully in the last days. Therefore, the thesis is that the author of Hebrews views Psalm 2 and Psalm 110 as oaths of God, reassures his audience by proving that God is bringing to completion all the elements of his oaths, and encourages them to take advantage of the benefits provided by God’s oaths.
30
Hedmark, Alice. "Undersökning av webbsidors säkerhet vid användning avFacebook Login : Vidareutveckling och analys av OAuthGuard." Thesis, Mittuniversitetet, Institutionen för data- och systemvetenskap, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-36859.
Full textAbstract:
Single Sign-On (SSO) är en autentiseringsprocess som tillåter en utvecklare att delegera autentiseringsansvaret till en dedikerad tjänst. OAuth 2.0 är ett auktoriseringsramverk som ofta står som grund för ett autentiseringslager som i sin tur möjliggör SSO. En identitetsleverantör är tjänsten som står för hantering av användaruppgifterna och autentiseringen, två vanliga identitetsleverantörer är Google och Facebook som i sin tur implementerar SSO med hjälp utav autentiseringslagren OpenID Connect respektive Facebooks egna autentiseringslager. Det har visat sig att många klienter som ska utnyttja SSO med OAuth 2.0 implementerar det fel så att säkerhetsbrister uppstår, studier har utförts med förslag till lösningar men många bristande implementationer fortsätter produceras och existera. Att skapa diverse verktyg för att främja säkerhet i dessa sammanhang är en metod där OAuthGuard utvecklats med visionen att även kunna skydda användaren, direkt från en webbläsare. OAuthGuard har även tidigare använts för att analysera säkerheten med Google SSO och visat att 50% av undersökta klienter har brister, men motsvarande studie eller verktyg saknas för Facebook SSO. Denna studie gjorde en motsvarande undersökning för Facebook SSO-klienter med en vidareutvecklad version av OAuthGuard och fann att de lider av brister med liknande trend som tidigare studies resultat mot Google-SSO-klienter, men att färre Facebook- SSO-klienter har brister i jämförelse. Vid vidareutvecklingen av OAuthGuard upptäcktes ett antal svårigheter och framtiden för denna typ av verktyg behöver vidare analyseras. Vidare analys behöver även göras för att bedöma om Facebook-SSO kan vara att föredra över Google-SSO ur säkerhetsperspektiv samt vidare utforskande av nya säkerhetsfrämjande metoder behöver utföras.Single Sign-On (SSO) is an authentication process that allows a developer to delegate the authentication responsibility to a dedicated service. OAuth 2.0 is an authorization framework that often serves as a base for authentication layers to be built upon that in turn allows for SSO. An identity provider is the service that is responsible for handling user credentials and the authentication, two common identity providers are Google and Facebook that implement SSO with the authentication layers OpenID Connect respectively Facebooks own authentication layer. It has been shown that many clients using OAuth 2.0 as base for SSO make faulty implementations leading to security issues, a number of studies has proposed solutions to these issues but faulty implementations are continually being made. To create various tools to promote security in these contexts is a method where OAuthGuard has been developed with the vision to also directly protect the common website user directly from the browser. OAuthGuard has been used in an earlier study to analyze the security of clients using Google SSO and discovered that 50% of the analyzed clients had flaws, no comparable study has been done for clients using Facebook SSO, which is the second largest third party log in variant. This study made a comparable investigation for Facebook SSO clients with a further developed version of OAuthGuard and found that these clients suffer from flaws with a similar trend as the previous study with Google-SSO clients, although fewer Facebook-SSO clients suffer from these flaws. When further developing OAuthGuard a dumber of difficulties was discovered and the future of these kind of tools needs to be investigated. Further analysis needs to be done to assess if Facebook-SSO should be recommended over Google-SSO from a security perspective and also further exploration of new methods to promote security needs to be done.
31
Zapolskas, Vytautas. "Securing Cloud Storage Service." Thesis, Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, 2012. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-18626.
Full textAbstract:
Cloud computing brought flexibility, scalability, and capital cost savings to the IT industry. As more companies turn to cloud solutions, securing cloud based services becomes increasingly important, because for many organizations, the final barrier to adopting cloud computing is whether it is sufficiently secure.More users rely on cloud storage as it is mainly because cloud storage is available to be used by multiple devices (e.g. smart phones, tablets, notebooks, etc.) at the same time. These services often offer adequate protection to user's private data. However, there were cases where user's private data was accessible to other user's, since this data is stored in a multi-tenant environment. These incidents reduce the trust of cloud storage service providers, hence there is a need to securely migrate data from one cloud storage provider to another.This thesis proposes a design of a service for providing Security as a Service for cloud brokers in a federated cloud. This scheme allows customers to securely migrate from one provider to another. To enable the design of this scheme, possible security and privacy risks of a cloud storage service were analysed and identified. Moreover, in order to successfully protect private data, data protection requirements (for data retention, sanitization, and processing) were analysed. The proposed service scheme utilizes various encryption techniques and also includes identity and key management mechanisms, such as "federated identity management".While our proposed design meets most of the defined security and privacy requirements, it is still unknown how to properly handle data sanitization, to meet data protection requirements, and provide users data recovery capabilities (backups, versioning, etc.).
32
Ziegler, Yael. "Promises to keep : the oath in biblical narrative /." Leiden : Brill, 2008. http://catalogue.bnf.fr/ark:/12148/cb41303576g.
Full text
33
Josefsson, Ågren Fredrik, and Oscar Järpehult. "Characterizing the Third-Party Authentication Landscape : A Longitudinal Study of how Identity Providers are Used in Modern Websites." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-178035.
Full textAbstract:
Third-party authentication services are becoming more common since it eases the login procedure by not forcing users to create a new login for every website thatuses authentication. Even though it simplifies the login procedure the users still have to be conscious about what data is being shared between the identity provider (IDP) and the relying party (RP). This thesis presents a tool for collecting data about third-party authentication that outperforms previously made tools with regards to accuracy, precision and recall. The developed tool was used to collect information about third-party authentication on a set of websites. The collected data revealed that third-party login services offered by Facebook and Google are most common and that Twitters login service is significantly less common. Twitter's login service shares the most data about the users to the RPs and often gives the RPs permissions to perform write actions on the users Twitter account. In addition to our large-scale automatic data collection, three manual data collections were performed and compared to previously made manual data collections from a nine-year period. The longitudinal comparison showed that over the nine-year period the login services offered by Facebook and Google have been dominant.It is clear that less information about the users are being shared today compared to earlier years for Apple, Facebook and Google. The Twitter login service is the only IDP that have not changed their permission policies. This could be the reason why the usage of the Twitter login service on websites have decreased. The results presented in this thesis helps provide a better understanding of what personal information is exchanged by IDPs which can guide users to make well educated decisions on the web.
34
Skaistys, Audrius. "Teisinis priesaikos institutas ir jo socialinis vaidmuo." Doctoral thesis, Lithuanian Academic Libraries Network (LABT), 2011. http://vddb.laba.lt/obj/LT-eLABa-0001:E.02~2011~D_20110613_152119-89712.
Full textAbstract:
Tyrimo objektas ir problemos aktualumas
Tyrimo objektas. Disertacijoje teisiniu požiūriu tiriamas vienas tarpšakinių teisės institutų – priesaika. Disertacijos tyrimas apima paprotinės ir pozityviosios teisės raidos etapuose susiformavusius teisinius santykius, atsirasdavusius ir tebeatsirandančius priesaikos instituto taikymo ir jo funkcijų įgyvendinimo srityse. Šiame darbe nagrinėjami istoriniai, lituanistiniai šaltiniai; nacionalinių, tarptautinių ir kitų valstybių teisės aktų normos, reglamentuojančios priesaikos institutą, taip pat šią temą nagrinėjanti Lietuvos teisės doktrina.
Priesaikos teisinio instituto ir jo socialinio vaidmens tyrimas bendrąja prasme – tai vieno iš seniausių ir gilias tradicijas Lietuvoje turinčio teisinio instituto tyrimas. Priesaikos sampratos (sąvokos) pažinimas yra organiška teisės doktrinos, kaip vienalyčio darinio, dalis, tačiau šio instituto prasmė ir reikšmė teisės normose ir teorijoje (moksle) nėra plačiau tyrinėta. Šiuo tyrimu bandoma atskleisti socialinę teisinę priesaikos esmę, jos evoliuciją ir virsmą į tikrai talpų (vertybių ir atliekamų funkcijų požiūriu) teisinį reguliatorių, kuris laikytinas Lietuvos Respublikos Konstitucijoje įtvirtintų pamatinių vertybių koncentracija, o kartu ir jų veiksnumą užtikrinančiu įrankiu. Perfrazuojant prof. A. Vaišvilą, „aiškinant teisę (šiuo atveju – priesaiką, kaip koncentruotą teisės išraišką [išskirta disertanto] <...>, neužtenka pasakyti, kad teisė (priesaika) yra elgesio taisyklė (tai tik... [toliau žr. visą tekstą]The subject matter of the research and its relevance The subject matter. In the present paper one of the inter-branch law institutes namely – the oath is being under discussion. The treatment of the problem embraces the development of law from time honored stages up to the present state. Within the period the law terms has changed considerately and the process is still in progress, especially in the sphere of the implementation of its functions. In the given paper the objects of research are the historical and native Lithuanian sources; i.e. the norms of national, international legal acts and the acts of other states in which the oath institution is called upon, as well as the Lithuanian law doctrine dealing with this problem. The general approach to the research of the juridical Oath Institution and its social significance has a long standing tradition in Lithuania. The cognition of the concept of the oath is an organic element of the law doctrine, as an integral formation, however has never yet received a deeper research either in legal norms or in theory. The given paper is an attempt to reveal the juridical and social essence of the oath, its evolution and transformation into a really meaningful juridical regulation of values and its fitting functions. It ought to be a concentration of the fundamental values stated in the Constitution and at the same time – an instrument of the assurance of their implementation. Rephrasing prof. A. Vaišvila „when explaining law (in this... [to full text]
35
Oluyitan, Emmanuel F. "Combating Corruption at the Grass-Roots Level: The Case of Individual Oath Takers." Antioch University / OhioLINK, 2015. http://rave.ohiolink.edu/etdc/view?acc_num=antioch1429101146.
Full text
36
真樹子, 小宮, and Makiko Komiya. "Bound by the Pentecostal oath : chivalric performance and the round table in Malory's Morte Darthur." Thesis, https://doors.doshisha.ac.jp/opac/opac_link/bibid/BB12864014/?lang=0, 2014. https://doors.doshisha.ac.jp/opac/opac_link/bibid/BB12864014/?lang=0.
Full textAbstract:
本論文はトマス・マロリーの『アーサー王の死』における「円卓」の役割を、三つの定義を通じて考察するものである。中世において「ラウンド・テーブル」は「(1)アーサー王の騎士組織(2)彼らの集う場である家具(3)アーサー王伝説を模倣して行われた見世物」を意味した。本研究では特に円卓の形状と意味の変化、模擬戦と誓約による理想の提示、円卓が騎士たちの間に生み出す友愛と敵対、誓いにより結ばれた義兄弟と実の兄弟の差異、偽証による円卓の崩壊を取り上げる。This dissertation presents a more comprehensive study of Thomas Malory's Morte Darthur from the three aspects of the Round Table. I focus on the following elements especially: the evolution of the shape and significance of the Round Table; visual and verbal representations of the Round-Table ideal by means of tournaments and the Pentecostal Oath; the conflicts the table creates between fellowship and rivalry; the chasm between brothers bound by oath and those tied by blood; and its fall due to the violation of the Pentecostal Oath. Through these perspectives, I would like to reveal the functions of the Round Table and capture the essence of Le Morte Darthur.
博士(英文学)
Doctor of Philosophy in English Literature
同志社大学
Doshisha University
37
Boorer, Suzanne. "The promise of the land as oath : a key to the formation of the Pentateuch /." Berlin ; New York : W. de Gruyter, 1992. http://catalogue.bnf.fr/ark:/12148/cb35694138w.
Full text
38
Novosad, Andrej. "Využití metod dolování dat pro analýzu sociálních sítí." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2013. http://www.nusl.cz/ntk/nusl-236424.
Full textAbstract:
Thesis discusses data mining the social media. It gives an introduction about the topic of data mining and possible mining methods. Thesis also explores social media and social networks, what are they able to offer and what problems do they bring. Three different APIs of three social networking sites are examined with their opportunities they provide for data mining. Techniques of text mining and document classification are explored. An implementation of a web application that mines data from social site Twitter using the algorithm SVM is being described. Implemented application is classifying tweets based on their text where classes represent tweets' continents of origin. Several experiments executed both in RapidMiner software and in implemented web application are then proposed and their results examined.
39
Andress, David Robert. "Order and democracy in Paris from the oath of the clergy to the tricolour terror, January-August 1791." Thesis, University of York, 1994. http://etheses.whiterose.ac.uk/14000/.
Full textAbstract:
The first chapters of this thesis explore the picture of eighteenth-century Parisian popular culture emerging from recent research, and suggest how it may be incorporated into a history of Parisian popular disturbances in 1789. Developing themes from this, the thesis explores the interaction in 1791 between popular perceptions of the revolutionary situation and the perceptions of popular activity by the authorities and other opinion-forming groups, notably the press and the popular societies. The picture which emerges from comparison of police records with press and administrative reports is one of near-paranoid suspicion. Suspicion focused on the conception that popular discontent over socio-economic and political issues was necessarily the product of ignorance coupled with rabble-rousing by agents of aristocratic factions. In a situation of rising political tensions, stimulated by dissent amongst the clergy and royal reluctance to approve the new settlement, records show popular concerns over these events falling into spirals of growing alarm, as the press reflected back to the people the fears that their activities were provoking. Confusion over the identity of alleged seditious elements, coupled with social prejudices continuing from the ancien regime, made this process chronically destabilising, and eventually led to the Champ de Mars Massacre. The thesis concludes that individuals at all social levels appear to have had a meaningful engagement with the issues of freedom and equality raised by the promises of the Revolution, but that attempts to express these independently by members of the lower classes led to conflict and repression. It further suggests a path from this position to a new hypothesis on the formation of the sans-culottes under the Republic.
40
Willet, Mary. "THE WORD OF A GENTLEMAN AND THE OATH OF A PATRIOT: Military Parole in the American Civil War." Thesis, Department of History, 2011. http://hdl.handle.net/2123/7995.
Full textAbstract:
The use and eventual demise of military parole in the American Civil War provides a key insight into the changing nature of ‘military honour’ in America’s bloodiest conflict. This thesis will use parole to examine America’s engagement and dedication to European international law, the prevalence of ‘honour’ in Union and Confederate armies and the way a pre-war culture of honour was challenged both by the harsh realities of nineteenth-century warfare and by the uniquely American way parole was employed during the Civil War.
41
ROSSARO, SILVIA. "Archeologia e genealogia del giuramento nel mondo romano arcaico." Doctoral thesis, Università degli studi di Padova, 2014. http://hdl.handle.net/11577/3423746.
Full textAbstract:
The purpose of this thesis is a complex phenomenon, the oath, which always arouses the interest of lawyers, historians, anthropologists, ethnologists, theologians, linguists, philosophers, with regard to its early development in the most remote Roman antiquity. The phenomenological and conceptual complexity of the oath, located at the intersection of different disciplines and territories, is such that none of these can fully claim it, nor can it define it in its full complexity and global relevance.
Of particular value is Paolo Prodi’s attempt to identify an “a-ahistorical and still” core of the oath-event, which consists of an invocation to the deity as a witness and guarantee of truth / veracity of a statement or declaration-of' commitment-promise to perform or have performed a certain action or to maintain a certain behavior in the future by an individual, who aspires to play in his bodily and spiritual life based on common beliefs that draw from the meta-political sphere. It is, also, significant consider to the oath as a responsibility assumption accomplished by the individual not in front of his partner, who is directly interested in what he asserts or promises, but in front of a third party unconnected with such dealings, that is the deity.
If we look at the oldest time, the oath is found at the basis of various relations, from international treaties to sacramentum militiae, from iusiurandum between private parties to legis actio sacramento. Some of them are ab antiquo attracted to the fides and originally find their source in an oath or a foundation to it closely relatable. It is then perceived relations in a religious dimension, in which the juridical aspect is bound to the sacred value of connected to the oath. In the Archaic period the institution seems to create some sort of unity between the everyday life of the subject, as well as the community, and the religious sphere above them, reconnecting the vicissitudes of social life to the religious beliefs of the community.
In order to fully understand the origins of this institution, we will begin with the etymologist analysis and the study of archetypes “Per Dius Fidius”, “Iovem lapidem” and “Ita me Hercules iuvet”, and then move on to consider the elements constituents: the certa verba and gesture, the invocation to the deity and the curse of perjury.
Set the general characteristics of the oath and its function, sensitive to the unique needs of the archaic Roman reality, we will conclude by outlining the implications in the context of sponsio, foedus and ancient legis actio sacramento, with particular attention to the evolution of this institution.Oggetto della presente tesi è un complesso fenomeno, il giuramento, che da sempre suscita l’interesse di giuristi, storici, antropologi, etnologi, teologi, linguisti, filosofi, con riguardo ai suoi primi sviluppi nella più remota antichità romana. La complessità fenomenologica e concettuale del giuramento, collocato all’incrocio di territori e discipline diversi, è tale per cui nessuno di questi può interamente rivendicarlo, né può definirlo integralmente nella sua complessità e rilevanza globale. Di particolare pregio appare il tentativo di Paolo Prodi di individuare un nucleo «a-astorico e immobile» del giuramento-avvenimento, che consiste in un’invocazione della divinità come testimone e garanzia della verità/veracità di un’affermazione-dichiarazione o dell’impegno-promessa di compiere o aver compiuto una certa azione o di mantenere un certo comportamento in futuro, da parte di un individuo, che pone così in gioco la propria vita corporale e spirituale in base a comuni credenze che attingono alla sfera metapolitica. Appare, altresì, significativo ricondurre il giuramento ad una assunzione di responsabilità compiuta dall’individuo non di fronte al suo interlocutore, diretto interessato a quanto egli asserisce o promette, bensì di fronte ad un terzo estraneo a tale rapporto ovvero davanti alla divinità. Se si guarda all’epoca più antica, il giuramento si ritrova a fondamento dei più svariati rapporti, dai trattati internazionali al sacramentum militiae, dal iusiurandum tra privati alla legis actio sacramento. Taluni di questi, attratti ab antiquo nell’ambito della fides, originariamente trovano la propria fonte in un giuramento ovvero in un fondamento ad esso strettamente rapportabile. Si tratta di relazioni allora percepite in una conglobante dimensione religiosa, in cui l’aspetto giuridico risulta vincolato al valore di tipo sacrale connesso al giuramento. In epoca arcaica tale istituto sembra quasi creare una sorta di unità tra la vita quotidiana del soggetto, nonché della collettività, e la sfera religiosa che li sovrasta, ricollegando le vicende della vita sociale alle credenze religiose della comunità. Al fine di comprendere a fondo le origini di codesto istituto, si inizierà dall’analisi etimologica e dallo studio degli archetipi “Per Dius Fidius”, “Iovem lapidem” e “Ita me Hercules iuvet”, per poi passare a considerarne gli elementi costitutivi: i certa verba e il gesto, l’invocazione degli dèi e la maledizione dello spergiuro. Fissati i tratti generali del giuramento e la funzione ad esso propria, sensibile alle esigenze peculiari della realtà arcaica romana, si concluderà delineando i risvolti nell’ambito della sponsio, del foedus e dell’antica legis actio sacramento, con particolare attenzione all’evoluzione di tale istituto.
42
Nebiolo, Francesca. "« Nîš ilim zakârum ». Prêter serment à l’époque paléo-babylonienne : étude comparative des serments mésopotamiens du début du IIe millénaire av. J.-C., entre grammaire et société." Thesis, Paris Sciences et Lettres (ComUE), 2018. http://www.theses.fr/2018PSLEP065.
Full textAbstract:
Prêter serment est un acte humain propre à toutes les sociétés historiques. Sur cette base, ce travail doctoral dédié au serment à l’époque paléo-babylonienne (2002-1595 av. J.-C.) vise à analyser les aspects grammaticaux, religieux et sociaux qui le constituent. Grâce à une étude détaillée d’un corpus hétérogène qui couvre l’ensemble des villes mésopotamiennes de cette époque, on établit les composants des formules du serment, on suit leur évolution dans le temps et on observe les particularismes régionaux détectés. Établir la structure grammaticale du serment permet ainsi de mieux le définir en tant qu’acte religieux qui agit sur la société. Le serment se révèle être le point de conjonction entre religion, justice et pouvoir royal. Dans ces trois domaines, il est utilisé de manière constante afin de garder intact un équilibre entre les relations humaines, autant à l’intérieur des différents royaumes qu’au niveau international. Cette étude philologique et historique des sources analyse le serment paléo-babylonien comme miroir d’une société remarquable par sa complexitéTaking oath is a human act presents in all historical societies. On this basis, this doctoral dissertation dedicated to the oath in the Old Babylonian period (2002-1595 BC) aims at analysing it from its grammatical, religious and social aspects. Thanks to a detailed study of a heterogeneous corpus that covers all the Mesopotamian cities of that time, we establish the grammatical components of the formulas of the oath, we follow their evolution over time and we observe the regional peculiarities detected. Establishing the grammatical structure of the oath thus makes it possible to better define it as a religious act which impacts society. The oath turns out to be the point of conjunction between religion, justice and royal power. In these three areas, it is used consistently to maintain a balance between human relationships, both inside the kingdoms and internationally. This philological and historical study of sources analyses the Old Babylonian oath as a mirror of a society relevant for its complexity
43
Arvidsson, Isac. "En undersökning och implementering för att hitta lämpligast teknik vid e-postläsning : En jämförelse mellan Outlook Mail REST API, Gmail API och IMAP4 baserat på prestanda och säkerhet." Thesis, Mittuniversitetet, Institutionen för informationssystem och –teknologi, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-39346.
Full textAbstract:
Tekniker för att hämta e-post har sedan länge varit svåra att hantera på grund av brist på en tydlig standard. E-post kan variera i vilka headers som följer med och vilken storlek som är tillåten. De kan även vara skillnader på hur mailet är kodat vilket kan bidra till att mailet inte lyckas parsas på rätt sätt. Äldre tekniker som IMAP4 och POP3 förlitar sig på en bristande autentiseringsprocess som inte är önskvärd. Projektet kommer därför studera de nyare teknikerna Outlook Mail REST API och Gmail API för att jämföra dem mot IMAP4. Syftet är att på ett säkrare och effektivare sätt kunna läsa epost och integrera dem med ett ärendehanteringssystem. e-postöverföringar ska kunna schemaläggas med specifikationer som sparas i en konfigurationsfil. För att uppnå syftet implementerades tre prototyper som använde varsin teknik för att läsa e-post. För att jämföra teknikerna på prestanda gjordes tidsmätningar. En jämförelse på säkerhet genomfördes genom att sätta upp den information som måste sparas i konfigurationsfilen. En jämförelse på funktionalitet genomfördes genom att jämföra en lista på funktioner som bestämdes genom en intervju och därefter se om dem finns på de tre olika teknikerna. Resultatet blev att Outlook Mail API var överlägset bäst när det kommer till prestanda. Den stora anledningen varför var att Outlook API hämtar e-post i plain-text vilket leder till en betydligt kortare tid för att parsa e-post. Gmail API var snabbare än IMAP4 mest troligt för att den använder protokollet http för att hämta epost. Både IMAP4 och Gmail API hämtar e-post i form av MIME-meddelanden vilket ledde till en ungefärligt lika lång tid för parsning. Funktionaliteten för teknikerna var densamma förutom några få skillnader. Outlook API har funktionalitet för att hämta epost i plain-text medan de andra inte har det. Gmail API har inte möjlighet att sortera inkommande e-post. Slutligen kom projektet fram till att Gmail API och Outlook Mail REST API var säkrare än IMAP4 på grund av den modernare autentiseringsprocessen som inte hanterar några lösenord. Både Outlook och Gmail använder Oauth2 som autentiseringsprotokoll. Utifrån resultatet dras slutsatsen att Outlook Mail REST API är den lämpligaste lösningen baserat på dess säkerhet och prestanda.The process to fetch email has for a long time been a difficult task because of the amount of different standards in email formats. Email can vary in different headers, format, max size and more based on which email supplier sends the mail. Older methods for fetching email as IMAP4 and POP3 still relies upon weak authentication processes. This project will therefore study the new technologies Gmail API and Outlook Mail REST API and compare these to IMAP4. The purpose of this study is to find a more effective and secure way of transferring emails from an email server to the system named Easit GO. Email transfers should be able to be scheduled in such a way that it is specified in a configuration file. To accomplish this three prototypes was implemented. Every prototype used on of the technologies to read email. To compare these prototypes there was a performance test through time measurements. To compare functionality there was a list setup of fixed functions showing which technologies that had support for that specific function. Security was based on the sensitive information that was stored in the configuration file. The result was that Outlook Mail REST API clearly beat the others on performance. This was because of outlooks ability of reading email in plain-text which leads to a substantially shorter parsing time. All of the technologies had similar functionality except for a few things. Outlook API had the possibility of reading email in plain-text which resulted in better performance. Gmail API did not have functionality to sort incoming email on oldest first. The study concluded that Outlook API and Gmail API were more secure than IMAP4 because of no passwords were saved or even used in the prototype. Both Outlook and Gmail used the authentication protocol Oauth2 which is more secure than IMAP4s Basic Authentication. The conclusion points to Outlook Mail REST API being the most suitable solution based on its performance and more modern authentication.
44
Zhang, Zhikun [Verfasser]. "From Guan Li to eighteen-year-old oath ceremony : a study of Chinese initiation rituals in the perspective of historical anthropology / Zhikun Zhang." Berlin : Freie Universität Berlin, 2008. http://d-nb.info/1023376156/34.
Full text
45
Strine, C. A. "The Divine Oath and the Book of Ezekiel : an analysis of the meaning and function of the "As I Live" and "Lifted Hand" formulae." Thesis, University of Oxford, 2011. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.540123.
Full text
46
Gurney, Nicholas Scott. "As God as my witness: a contemporary analysis of theology's presence in the courtroom as it relates to the "oath or affirmation" requirement within the Florida rules of evidence." Honors in the Major Thesis, University of Central Florida, 2011. http://digital.library.ucf.edu/cdm/ref/collection/ETH/id/390.
Full textAbstract:
The existence of the oath in the courtroom can be traced back thousands of years throughout history, but the use, meaning, and effect of the oath in law has changed dramatically. The oath as we know it was once a powerful truth-telling instrument that our ancestors used to call upon a higher power. It was the belief of many that the oath itself was not sworn to man or state, but rather directly to a deity. The oath has since then evolved as a result of ever changing beliefs, fueled by increasing tolerance, shaping the oath into more of a tradition, and less of an edict. For centuries, theorists have attempted to determine whether an oath in court is actually effective at accomplishing its goal. The intent of this thesis is to examine the origin of the oath all the way up to the present day. It will be through a comprehensive study of federal law, state law, case law, articles, and publications that we will better understand the oath as a truth-telling instrument that in recent times has lost its effect. From there, it will be possible to better form a solution to a problem that plagues our courtrooms: perjury, or the act of lying under oath. This thesis will seek to establish the best way for our community to actively work towards ensuring the integrity and effectiveness of our judicial system.B.A. and B.S.
Bachelors
Health and Public Affairs
Legal Studies
47
Mugno, Allison P. "Priming for Honesty: A Novel Technique for Encouraging Children's True Disclosures of Adult Wrongdoing." FIU Digital Commons, 2017. http://digitalcommons.fiu.edu/etd/3360.
Full textAbstract:
Children are often involved in the legal system as victims of maltreatment, and their disclosure of adult wrongdoing is necessary to initiate effective legal responses and protect them from continued abuse. However, external pressures and children's perceptions of the consequences of truth-telling (e.g., punishment, removal from the home) may result in the delay of disclosure or failure to disclose altogether. Research examining techniques for promoting children's truth-telling has almost exclusively relied on explicit requests to tell the truth (e.g., a promise, reassurance, assessments of conceptual knowledge and moral discussions), and the success of these techniques has varied. The present study examined the benefit of priming honesty (i.e., indirectly or non-consciously activating the goal of honesty) on children's disclosure of an adult's transgression. One-hundred fifteen 6- to 9-year-olds (M age = 7.47 years) participated in a first aid/safety event during which an adult (mother or stranger) engaged the child in play with a box of forbidden puppets, broke a puppet that was designed to break, and requested that the child keep it a secret. Before responding to questions about the puppets, children were either (1) primed for the goal of honesty (prime condition), (2) asked to promise to tell the truth (oath condition), or (3) not provided with any further instructions or information (control condition). Then, children were asked open-ended, direct, and suggestive questions about whether they or the adult touched, played with, or broke any puppets. Regression analyses revealed that children’s truthful disclosures to direct questions increased when children witnessed a stranger transgressing rather than their mother. However, children’s truthful disclosures across the question types did not differ by age or when a prime relative to a promise to tell the truth was used. Results advance our understanding of how children disclose negative events and the effectiveness of different techniques (including a novel technique) in encouraging children’s true disclosures of a parent or stranger’s transgression.
48
Кравчук, Остап Леонідович. "Припинення державної служби за порушення присяги." Diss., Національний університет "Львівська політехніка", 2021. https://ena.lpnu.ua/handle/ntb/56729.
Full textAbstract:
У дисертації досліджено проблему припинення державної служби за порушення присяги в сучасних умовах правового розвитку України, визначено її теоретико-методологічні та практичні засади, з’ясовано природу присяги як юридичної категорії та явища правової дійсності, виходячи з нормативноправової регламентації основних принципів державної служби і гарантій державних службовців. Поняття «присяга» охарактеризовано як юридичний факт, крізь призму загального вчення про юридичні факти в теорії права, адже складення присяги
породжує правові наслідки, настає відповідальність за її порушення. Визначено основні обставини, за яких терміни «клятва», «присяга» набували саме юридичного змісту у різних правових системах. Акцентовано, що притягнення до юридичної відповідальності за «порушення присяги» є юридично значущими діяннями, тобто проступками. Наголошено, що юридична відповідальність при порушенні присяги може спиратися на морально-етичні критерії, які, формалізуючись, набувають характеру правових. Обґрунтовано доцільність законодавчого закріплення «присяжних норм» як норм права, які за своїм юридичним значенням є загальнообов’язковим
правилом поведінки для суб’єктів, що складають присягу. Вказано на необхідність законодавчого визначення поняття «присяга» як тексту та «порушення присяги» як проступку, вчинюваного державним службовцем, і
його конкретного юридичного складу як підстави притягнення до дисциплінарної відповідальності. Зроблено висновок, що Присяга є не лише урочистою обіцянкою додержуватись певних зобов’язань, а конкретним
юридичним зобов’язанням, тобто актом, що породжує юридичні факти, оскільки правова природа обіцянки та її застосування не властиві публічному праву. В диссертации исследована проблема прекращения государственной
службы за нарушение присяги в современных условиях правового развития Украины, определены ее теоретико-методологические и практические основы, выяснено природу присяге в качестве юридической категории и явления правовой действительности, исходя из нормативно-правовой регламентации основных принципов государственной службы и гарантий государственных служащих. Понятие «присяга» охарактеризованы как юридический факт, сквозь призму общего учения о юридических фактах в теории права, ведь принесения
присяги порождает правовые последствия, наступает ответственность за ее нарушение. Определены основные обстоятельства, при которых термины «клятва», «присяга» приобретали именно юридического содержания в
различных правовых системах. Акцентировано, что привлечение к юридической ответственности за «нарушение присяги» является юридически значимыми действиями, то есть проступками. Отмечено, что юридическая ответственность при нарушении присяги может опираться на морально-этические критерии, которые, формализируясь, приобретают характер правовых. Обоснована целесообразность законодательного закрепления «присяжных норм» как норм права, по своему юридическому значению является общеобязательным правилом поведения для субъектов, присягу. Указано на необходимость законодательного определения понятия «присяга» в виде текста и «нарушение присяги» как проступка, совершенного государственным служащим, и его конкретного юридического состава как основания привлечения к дисциплинарной ответственности. Сделан вывод, что Присяга есть не только торжественной обещанием соблюдать определенные обязательства, а
конкретным юридическим обязательствам, то есть актом, порождает юридические факты, поскольку правовая природа обещания и ее применение не свойственны публичному праву. The dissertation investigates the problem of termination of civil service for violation of the oath in modern conditions of legal development of Ukraine, defines its
theoretical and methodological and practical principles, and clarifies the nature of the oath as a legal category and the phenomenon of legal reality, based on regulations guarantees of civil servants. The concept of «oath» is characterized as a legal fact, through the prism of the general doctrine of legal facts in the theory of law, because the oath generates legal consequences, there is responsibility for its violation. The main circumstances under which the terms «oath», «oath» acquired a legal meaning in different legal systems are determined. It is emphasized that bringing to legal responsibility for «violation of the oath» are legally significant acts, ie misdemeanors. It is emphasized that legal liability
for violating the oath may be based on moral and ethical criteria, which, when formalized, become legal. The expediency of legislative consolidation of «sworn norms» as norms of law, which by their legal significance are a universally binding rule of conduct for the subjects taking the oath, is substantiated. The necessity of legislative definition of the
concept of «oath» as a text and «violation of the oath» as a misdemeanor committed by a civil servant and its specific legal structure as a basis for disciplinary action is pointed out. It is concluded that the Oath is not only a solemn promise to comply with certain obligations, but a specific legal obligation, ie an act that gives rise to legal facts, because the legal nature of the promise and its application is not inherent in public law.
49
Mounier, Hélène. ""Tu rendras tes serments au Seigneur" : Une histoire politico-religieuse du serment. XVIe-XVIIIe siècle." Thesis, Montpellier 1, 2012. http://www.theses.fr/2012MON10039.
Full textAbstract:
Le serment constitue un instrument privilégié pour étalonner la prégnance du domaine religieux alliée à l'instabilité du contexte politique qui caractérise la période Moderne (XVIe-XVIIIe). Il apparaît ainsi que les époques particulièrement troublées que représentent les guerres de religion puis la Révolution française connaissent un emploi permanent du serment destiné prioritairement à renforcer la solidité des liens et des accords. L'utilisation de l'institution connaît une évolution sans précédent dès les guerres de religion, mettant ainsi en lumière la nécessité d'exprimer une adhésion idéologique au côté de la traditionnelle garantie de fidélité. Durant cette période douloureuse et tout particulièrement son épilogue, le serment dessine une unité nationale désormais articulée prioritairement autour du lien politique, la dimension religieuse, bien que demeurant fondamentale, passant alors au second plan. La Révolution quant à elle, constitue l'âge d'or du serment d'adhésion, qui permet à « l'homme nouveau » d'apporter la sacralité indispensable à la régénération à une société qu'il veut déchristianisée. Au cours de cette période, le serment joue un rôle d'exclusion tout en servant de fondement à la répression révolutionnaire. Surtout, l'institution recèle des effets destructeurs, même lorsqu'elle est censée constituer l'outil créateur de la nouvelle Cité. Le recours au serment durant les périodes considérées met donc en lumière une construction de l'Etat Moderne par une sacralisation de la politique. Toutefois, l'essence même de l'institution résidant dans ses racines religieuses, un serment laïc ou servant de fondement à une société strictement laïque ne saurait exister sous peine de devenir vide de sens ou de se muer en une simple promesseThe oath represents a key instrument for calibrating the prominence of the religious sphere combined with the political situation that characterizes the early modern period (16th-18th century). Thus, it appears that particularly troubled times -religious wars, then the French revolution- present a regular use of the oath, primarily intended to reinforce the solidity of bonds and agreements. The use of the institution experiences an unprecedented evolution as early as the religious wars, thus highlighting the need to express ideological allegiance along with the traditional guarantee of loyalty. During that painful period and especially at its conclusion, the oath conveys a national unity now primarily revolving around the political bond; the religious dimension, although still fundamental receding into the background. The Revolution is a golden age for the oath of allegiance, which enables “the new man” to provide the indispensable sanctity for the regeneration of the society he wishes to be dechristianized. During the period, the oath plays the role of exclusion while laying a foundation for the revolutionary repression. Above all, the institution conceals destructive effects, even when it is supposed to be the building tool of the new City. Resorting to the oath during the periods currently presented emphasizes the building of the Modern State through a sacralization of politics. However, as the very essence of the institution lies in its religious roots, an oath, either secular or laying the foundation of a strictly secular society may not exist without risking becoming meaningless or turned into a mere promise
50
Buscemi, Francesco. ""Io giuro". Storia della fedeltà politica dai Lumi a Napoleone." Thesis, Paris 1, 2016. http://www.theses.fr/2016PA01H045.
Full textAbstract:
Le recours fréquent aux serments pendant la décennie révolutionnaire a déjà attiré l’attention de nombre d’historiens. Le serment civique a été surtout considéré en tant qu’acte significatif autour duquel semble s’être joué la légitimité révolutionnaire. Effectivement, du serment du roi et des députés de février 1790, à celui des prêtres adhérents à la Constitution civile du clergé, ou encore à celui que la troupe doit prêter après la fuite du roi, des formules constitutionnelles de 1791 et 1792 à celles de haine à la royauté de l’âge du Directoire, jusqu’aux variations apportées par Napoléon, le serment est un élément fondamental de la grammaire politique révolutionnaire. Mon projet de recherche se propose de considérer le serment dans une perspective plus vaste, en comparant la situation française aux expériences des Républiques Sœurs, en élargissant mon propos jusqu’à l’âge de la Restauration pour révéler l’importance du serment dans la culture politique contemporaineThis thesis aims to study the characteristics of political trust and loyalty during the eighteenth century and the French Revolution. These characteristics are essential to understand the revolutionary culture, as they involve one of the most divisive issues of that time : civic oath. My thesis is aimed to clarify how the experience of oaths shaped the relationship between citizens and power during the revolutionary decade (1789-1799) in France and in Italy, and how this relationship is empowered by narratives taken from religion, the culture of honor, and ideology. From a wider, transnational viewpoint, my primary goal was to provide a deeper look into this key topic of the historiography of French Revolution